Multi-homing, BGP, and ASN Number

jamesbruce · ‎02-10-2009

WE have a Cisco 2821XM Router loaded with CME and CUE. The business owner wants to multi-home from two different ISPs and get an ASN number.

1. Will multi-homing with BGP strain the capabilities of the 2821 or impact CME?

2. The 2821 has only 256 DRAM, I assume I would have to upgrade this?

3. Would going to a 3800 series be preferable?

4. Anyone here familiar with multi-homing and BGP? I want to make sure I'm not advertising anything I shouldn't, and that running this on top of CME/CUE will not present security risks.

Thanks in advance

jim_berlow · ‎02-10-2009

I think the first question to ask is why does the business owner want to multi-home? Is it for redundancy purposes or does he want more control of how traffic flows?

This answer will help you to answer some of your questions:

1) If you are only concerned about redundancy, then you might be able to get away with just having two providers give you a default route. This doesn't take up much memory, but it really isn't scalable. Now, if you need to take more than just default routes you probably will WANT to upgrade. I wouldn't do anything more than default routes on a 2821.

2) See above. If you're doing more than default routes then you probably want to upgrade.

3) My favorite router for partial routes (not full routes) would be a 3845 loaded with at least 768 DRAM (1 Gig pref). If for whatever reason you need full routes, bump that router to a 7600.

4) I highly recommend buying a book on best practices. There are many good ones to choose from. You should become familiar with creating filters to protect yourself from becoming a transit site and it is also nice to just learn something about how this works. Especially after you implement it and see 90% of traffic on one link and only 10% on the other (how do you fix?)!

The other wildcard you have in your pocket is your service providers. These guys do this for a living and are usually more than willing to offer some help with configuring it the first time around.

HTH,

Jim

Giuseppe Larosa · ‎02-10-2009

Hello James,

I recommend to use a separate device and to accept only default routes or just a few routes representing business partners.

Being multi-homed has been a requirement to get a public AS number (now with the new 32bits AS number this may change a little) from ARIN or RIPE or other RIRs.

Probably a multi-homing with NAT and using two address blocks taken from the two ISPs can be enough for your customer needs.

Clearly with NAT would be a primary/secondary solution that provides redundancy.

to give a look at what BGP multihoming looks like

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml

for enterprise multihoming with NAT

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091c8a.shtml

Hope to help

Giuseppe

Joseph W. Doherty · ‎02-10-2009

#1 It may if you accept full Internet BGP tables. You'll need lots of RAM and the BGP scanner is often CPU intensive.

#2 If you want to take two full Internet BGP tables, yes.

#3 Depends on bandwidth of links and BGP processing. Had a customer using a pair of 3660s (performance somewhat similar to a 2821) with T3s and two providers taking two full BGP tables. Routers were suffering. Stop taking BGP tables and just defaulted out to both provides, routers ran fine.

#4 Probably not considered best practice, but if you don't overload the router and properly implement security, perhaps doable.

trippi · ‎02-27-2009

We are running BGP with default route on a 2611XM with 128mb RAM...We are multihomed to two providers, but we have 1 2611XM for each provider. They are doing fine....