cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
672
Views
4
Helpful
6
Replies

Multihomed BGP

smitty6504
Level 1
Level 1

I have two different ISP's and two routers that are configured with eBGP between the ISP's and iBGP between the two routers. I am getting full routes plus a default route. I have 2 network addresses ISP A 10.117.125.0 /24 and ISP B 10.51.170.0 /24. (I have changed the ip addresses for this example. ) I would like it if ISP A fails then ISP B will route that subnet. This happened the other day and it did not work. The ISP is setup correctly and i see that i am missing a network statement, but is there anything else in this config that is wrong?

1 Accepted Solution

Accepted Solutions

Hello Bryan,

outgoing:

only prepending of your own AS number is recommended for the BGP rule that silently discards BGP advertisements with an AS Path attribute that already contains your own AS number.

So the best practice for prepending is to use your own AS number.

set as-path prepend 25 25

incoming:

About the config example you have linked:

you have written you are receiving BGP full tables from both providers.

the ip as path access-list of example provide better preference for all routes with an AS path attribute that is made of only the provider AS number.

ip as-path access-list 1 permit ^400$

this means an AS path that starts with 400 (^ symbol) and ends just after it ($ symbol).

In other words in your scenario this part is not effective:

routes originated in AS 400 (representing ISPB) are preferred for their shortest AS path over the routes received from ISP A that have an AS path made of at least

"300 400 i"

or longer if the two have no direct relationship (peering)

longer then "400 i"

these routes are exchanged over the iBGP session.

Hope to help

Giuseppe

View solution in original post

6 Replies 6

Collin Clark
VIP Alumni
VIP Alumni

Did/do you plan on AS-Prepend your public address space on this router? You have a match command but no set statement. Example-

set as-path prepend 18 18

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Bryan,

if the two public networks belong to the two ISP, ISP B is not going to accept prefix A because it is not in their block.

They filter the advertisement thinking you are acting as a transit network.

To achieve this you need to do an agreement with both providers.

Or you need to implement on your side NAT in such a way that if link or session to ISPA fails addresses of second block are used instead.

Hope to help

Giuseppe

The provider has agreed to accept the prefix A, that blongs to ISPA.

Hello Bryan,

this is good.

you need the missing network statement and as Collin has suggested you may want to use selective AS path prepending of your own AS number as a way to influence return path.

In the configuration you have attached I see:

you need also an empty route map clause to advertise the other prefix with no prepending if desired

route-map AS_Prepend permit 10

match ip address 10

!

route-map AS_Prepend permit 20

!

the opposite has to be done for the other isp

Hope to help

Giuseppe

I looked at this config on cisco's website. http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#conf5

When i do the local-preference 150 that is saying use shorter paths from ISP B if it has a better path correct?

The prepend, do i want to use my ASN or the ISP's ASN?

I plan on using this:

route-map AS-400-INCOMING permit 10

match as-path 1

set local-preference 150

!

route-map AS-400-OUTGOING permit 10

match ip address 10

set as-path prepend 100

!

!

route-map AS-400-OUTGOING permit 20

match ip address 20

Hello Bryan,

outgoing:

only prepending of your own AS number is recommended for the BGP rule that silently discards BGP advertisements with an AS Path attribute that already contains your own AS number.

So the best practice for prepending is to use your own AS number.

set as-path prepend 25 25

incoming:

About the config example you have linked:

you have written you are receiving BGP full tables from both providers.

the ip as path access-list of example provide better preference for all routes with an AS path attribute that is made of only the provider AS number.

ip as-path access-list 1 permit ^400$

this means an AS path that starts with 400 (^ symbol) and ends just after it ($ symbol).

In other words in your scenario this part is not effective:

routes originated in AS 400 (representing ISPB) are preferred for their shortest AS path over the routes received from ISP A that have an AS path made of at least

"300 400 i"

or longer if the two have no direct relationship (peering)

longer then "400 i"

these routes are exchanged over the iBGP session.

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco