BGP preferred route question

Unanswered Question
Aug 6th, 2008

We have a DS3 to our DR site. We have replication traffic and normal DR traffic on this link.


We will be adding a second DS3 and want to dedicate one for the replication traffic and the other for normal DR traffic.


Is it possible to have one link preferred for specific subnets, and the other link preferred for other subnets, if one link fails, all traffic goes across the remaining DS3?



mark.mcsherry Wed, 08/06/2008 - 20:50

Hello,


You need to be able to look at influencing both inbound and outbound traffic. I'd take a look at using a route map coupled with a prefix list to apply prepends (for inbound preference) and local preference (for outbound influence).


Hopefully this should steer you in the right direction..


thanks,

Mark

Richard Burts Thu, 08/07/2008 - 04:24

Richard


The title of your post suggests that it is a BGP issue. But there is no mention of BGP in your description of the question. If the conversation is going to continue it might be helpful to understand the environment a bit better.


As is suggested in other responses it may be possible to manipulate attributes, do prepending, etc to influence the flow of traffic. But your description sounds to me like a more simple and direct solution would be Policy Based Routing. You could set up routing so that 1 link is preferred between sites with the other link as a backup (which takes care of the failover requirement). And then you could configure PBR to send replication traffic over the other link. I am guessing that it would be easier (and possibly more reliable) to identify replication vs DR traffic in a route map for PBR than it would be to manipulate BGP route selection.


HTH


Rick

wilson_1234_2 Thu, 08/07/2008 - 05:42

Thanks for the reply, Rick.


I am just trying to get as much input as I can before implementation.


I have updated this post.

Originally there was a drawing attached to my first post but it was deleted.


I have attached two jpeg drawings that may help.


Basically we have BGP as our WAN routing protocol and OSPF as our internal.


The MPLS connection is the link to the remote branches and serves as a backup to DR if we lose the DS3.


The DS3 is currently preferred only due to the BGP route selection (from what I can see in the config, unless I am missing something).


As far as configuring routing to prefer one link over the other, this would be on the BGP level, then distributed via OSPF correct?


What is the best way to do that within BGP?


And on the policy based routing, can I configure the policy to prefer one link and if that is not available to prefer the other one?



Richard Burts Thu, 08/07/2008 - 14:10

Richard


I have studied on the drawings that you posted. While they do help me understand some parts of the situation, there is still much that they do not convey and some questions that they do not answer (why does AS65011 have a network statement for 192.168.1.64/30 when AS65001 would know that subnet as a connected subnet, or why does AS65001 have a BGP network statement for 10.1.1.0 (which looks like it would be an OSPF route that gets redistributed) - and if there is reason for AS65001 to advertise it then why does AS65011 not have a network statement for the corresponding 10.10.1.0).


So I stepped back to think about what I think I do understand and to make a couple of suggestions:

- As configured there would not be any failover to the second DS3 if the first one were to fail. The best way to get the failover would be to change the BGP configuration between the BGP neighbors. Instead of using the directly connected subnet on the primary DS3 I suggest that each router should use update-source to specify its loopback interface as the peering address, and then should have a primary route (local static route) to the neighbor loopback on the primary DS3 and then should have a floating static (as backup/failover) pointing to the second DS3.


After looking at the drawing I may have a different idea about how to get the desired traffic to use the second DS3. Am I correct in understanding that from AS65001 the traffic to use the second DS3 would be only traffic with destination 10.10.15.0 and that from AS65011 the traffic to use the second DS3 would be only traffic with destination 10.1.15.0? If that is the case then a simple static route in AS65001 of ip route 10.10.15.0 255.255.255.0 192.168.1.70 and a simple static route in AS65011 of ip route 10.1.15.0 255.255.255.0 192.168.1.69 would accomplish the desired outcome. And if the second DS3 were to fail the static routes would be withdrawn and the default route would send traffic over the primary DS3.


HTH


Rick
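
The two suggestions in the post above, written out as IOS configuration for the AS65001 router. This is an added example, not configuration from the thread or from the posted drawings: the loopback addresses (10.255.0.1 and 10.255.0.11), the primary-DS3 next hop 192.168.1.66 and the administrative distance 250 are assumptions, while the AS numbers, 10.10.15.0/24 and 192.168.1.70 come from the post. The `ebgp-multihop` line is added because an eBGP session between loopbacks does not establish with the default TTL of 1.

```cisco
! --- AS65001 router (added example; addresses marked "assumed" are not from the thread) ---
!
! Peering address that does not depend on either DS3 being up
interface Loopback0
 ip address 10.255.0.1 255.255.255.255
 ! assumed local loopback
!
! Primary path to the neighbor's loopback over the first DS3
! (next hop 192.168.1.66 is assumed to be the AS65011 side of 192.168.1.64/30)
ip route 10.255.0.11 255.255.255.255 192.168.1.66
!
! Floating static: same destination over the second DS3, higher
! administrative distance (250, assumed), so it is installed only
! when the primary static above is removed from the routing table
ip route 10.255.0.11 255.255.255.255 192.168.1.70 250
!
router bgp 65001
 neighbor 10.255.0.11 remote-as 65011
 ! source the session from the loopback instead of the DS3 interface address
 neighbor 10.255.0.11 update-source Loopback0
 ! loopback-to-loopback eBGP is one hop beyond the connected subnet
 neighbor 10.255.0.11 ebgp-multihop 2
!
! Steer the example replication subnet over the second DS3.
! When the second DS3 goes down and 192.168.1.70 has no route left,
! this static is withdrawn and traffic follows the remaining
! routing over the primary DS3.
ip route 10.10.15.0 255.255.255.0 192.168.1.70
```

The AS65011 router mirrors this with its own loopback, `remote-as 65001`, and the static route for 10.1.15.0 255.255.255.0 pointing at 192.168.1.69. After a failover test, `show ip route 10.10.15.0` and `show ip bgp summary` confirm which next hop is installed and that the session stayed up.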

wilson_1234_2 Fri, 08/08/2008 - 14:39

Rick,


Thanks for the reply.


I do not know the answers to your questions in paragraph 1, I inherited this setup, so I do not know the reasons for the current BGP config.


As far as your other questions, I used those subnets as an example, there would actually be several subnets on one DS3 and several subnets on the other. There would also be a couple of bridged subnets on one of the DS3s.


I was thinking since one would carry all of the traffic if the other were to fail, they would be configured identically and just direct the traffic to each respective DS3.

Richard Burts Mon, 08/11/2008 - 04:39

Richard


In the short term, answers to the questions in paragraph 1 are probably not essential to getting the second DS3 up and operational. I would suggest that in the longer term you should work on finding answers to them because they may affect the long term effectiveness of your DS3 implementation.


I do not understand your last sentence which says:

"since one would carry all of the traffic if the other were to fail, they would be configured identically and just direct the traffic to each respective DS3". If it is a new DS3 then what gets traffic to fail over if the first one fails? Can they realistically be configured identically? (Can they both use the same IP addresses?) The suggestion in my last paragraph was an attempt to get certain traffic on the second DS3 (without impacting the BGP routing) and to provide failover.


HTH


Rick

