Multihoming - As Prepend & Aggregate

Unanswered Question
Nov 2nd, 2009

Hi All,

We have two isp plugged into the same router. Lets say A and B. In the current setup we have X.X.X.124/24 to X.X.X.128/24 published to both the ISPs but with AS prepended to ISP B using route-map. For some reason we see some of the Tier-1 ISPs are preferring ISP B over A to send us the traffic. Now we are looking to do aggregate for ISP B and also AS prepend for one network. Could someone tell me if the following is ok with route-map

ISP A

route-map colt deny 10

match ip address prefix-list network-aggregate

route-map colt permit 20

ISP B

route-map ril deny 10

match ip address prefix-list network-allbut1

route-map ril permit 20

match ip address prefix-list network-prepend

set as-path prepend our_AS our_AS our_AS

----

ip prefix-list network-aggregate s 5 permit X.X.X.124/22

ip prefix-list network-allbut1 s 5 permit X.X.X.124/24

ip prefix-list network-allbut1 s 10 permit X.X.X.125/24

ip prefix-list network-allbut1 s 15 permit X.X.X.126/24

ip prefix-list network-allbut1 s 20 permit X.X.X.127/24

ip prefix-list network-prepend s 5 permit X.X.X.128/24

Thanks in advance.

subra

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Edison Ortiz Mon, 11/02/2009 - 11:23

Subra,

I don't see you sending the aggregate towards ISP B.

On the following route-map:

route-map ril deny 10

match ip address prefix-list network-allbut1

You are blocking all specifics -- good.

route-map ril permit 20

match ip address prefix-list network-prepend

set as-path prepend our_AS our_AS our_AS

You are prepending .128/24

-- Where is the aggregate? There is an implied deny all..

Regards

Edison.

subra4u Mon, 11/02/2009 - 11:27

Hi,

Oops sorry I missed it

It should be

route-map ril permit 30

Otherwise does it look like it will work ok without any issues.

Thanks in advance

Subra

Giuseppe Larosa Mon, 11/02/2009 - 11:30

Hello Subra,

just to add to Edison's notes:

have you got 4 /24 prefixes from x.x.124.0/24 to x.x.128.0/24 ?

because

x.x.x..124/24

and

x.x.x.128/24 are always the same prefix

x.x.x.0/24

it may be just a typing error in masking your real addresses (and this is safe)

as Edison has noted you need to invoke the right prefix-list in second clause of route-map ril.

Hope to help

Giuseppe

subra4u Mon, 11/02/2009 - 11:44

Hi Giuseppe,

You are right. I wanted to mask the original IP address and I ended up typing all wrong.

Actually it should have been

x.x.124.0/24 to x.x.128.0/24

If this is the case then the config i posted should be alright i guess.

"as Edison has noted you need to invoke the right prefix-list in second clause of route-map ril."

i.e. route-map ril permit 30

Will the above statement do any good.

Thanks for pointing it out.

Subra

Giuseppe Larosa Mon, 11/02/2009 - 12:08

Hello Subra,

it was clearly a mistyping

I think you need a second clause invoking the prefix-list matching the aggregate.

Also I don't think you need the third empty statement unless there are other routes to be passed to ISPB.

if you have already denied all component routes.

Unless you want to use the empty 30 block to just implicitly match the aggregate route.

I would prefer to match a prefix-list explicitly to have better control leaving an empty block would automatically allow any new prefix you advertise in BGP and also provides a risk for you to pass routes from ISPA to ISPB.

Hope to help

Giuseppe

subra4u Mon, 11/02/2009 - 12:19

Hi,

I would like to send aggregate and the X.X.128.0/24 only to ISP B. So can i have the final config as

route-map ril deny 10

match ip address prefix-list network-allbut1

route-map ril permit 20

match ip address prefix-list network-aggregate

route-map ril permit 30

match ip address prefix-list network-prepend

set as-path prepend our_AS our_AS our_AS

Thx in advance

subra

Actions

This Discussion