IBGP Load balancing for two same ISPs on routers

Unanswered Question

Dear All,


This is my recent problem i faced in my network by having loops created in network and network going shut or performence fail for some sites.


In details , my network is having two 7600 routers connected to service provider by BGP with 4 and 2 MB link respectively.I use EIGRP at my core switch ,for my internal network. My getting routes from all my remotes sites on both links if used shutting down one router.If both routers are switched on,my both routers are learing same routes and creating loops in network and network fails.


Some how i found that i can make load balancing by using IBGP between two routers.


Couldn anyone please let me knew further detail process for same.


Sami

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Mon, 11/02/2009 - 11:41
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Sami,

your core switches are running both BGP and EIGRP.

you are probably redistributing BGP into EIGRP but also EIGRP into BGP.


mutual redistribution requires additional safety measures.

an iBGP session can help but:

BGP can advertise EIGRP routes by using appropriate network commands that match EIGRP prefixes (including EIGRP summary routes if needed).

this can help by eliminating redistribution of EIGRP into BGP.


once you remove mutual redistribution you should be fine.


alternatively, if mutual redistribution is needed for any reason you need to implement route tags and route-tags filtering as in this example:


route-map BGPtoEIGRP deny 10

match route-tag 500

route-map BGPtoEIGRP permit 20

set route-tag 600


route-map EIGRPtoBGP deny 10

match route-tag 600

route-map EIGRPtoBGP permit 20

set route-tag 500


the idea is that what is learned by BGP at core1 has to be filtered in redistributing to BGP at core2.

And also for EIGRP the same idea


router bgp xx

redistribute eigrp 100 route-map EIGRPtoBGP


router eigrp 100

red bgp xx route-map BGPtoEIGRP


if we put iBGP session in the picture we can get some benefits but I'm not sure that loops are solved without the safety measures described above.


Hope to help

Giuseppe


Please find below Configuration for 2 routers and core switch

Router 1

interface GigabitEthernet0/0.127

description " WiMax 2Mbps DMAM09-DMAM09 IP31 "

bandwidth 2048

encapsulation dot1Q 127

ip address 172.31.83.182 255.255.255.252

ip flow ingress

!

interface GigabitEthernet0/1

description DMAM09_00_303-DMAM09_00_303 IP4 Fiber 4Mbps

bandwidth 4096

no ip address

ip flow ingress

ip flow egress

load-interval 30

duplex auto

speed auto

media-type rj45

!

interface GigabitEthernet0/1.123

description DMAM09_00_303-DMAM09_00_303 IP4 Fiber 4Mbps

bandwidth 4096

encapsulation dot1Q 123

ip address 172.31.178.110 255.255.255.252

ip flow ingress

ip flow egress

traffic-shape group 130 512000 12800 12800 1000

!

router eigrp 100

redistribute static

redistribute bgp 64589 metric 1000 10 255 1 1500

network 10.0.0.0

no auto-summary

no eigrp log-neighbor-changes

!

router bgp 64589

bgp log-neighbor-changes

neighbor 172.31.28.237 remote-as 65000

neighbor 172.31.178.109 remote-as 65000

!

address-family ipv4

redistribute static

redistribute eigrp 100

neighbor 172.31.28.237 activate

neighbor 172.31.178.109 activate

no auto-summary

no synchronization

Router 2:

interface GigabitEthernet0/0.127

description " WiMax 2Mbps DMAM09-DMAM09 IP31 "

bandwidth 2048

encapsulation dot1Q 127

ip address 172.31.83.182 255.255.255.252

ip flow ingress

shutdown

!

interface GigabitEthernet0/1

ip address 10.42.0.18 255.255.255.252

ip hello-interval eigrp 100 1

ip hold-time eigrp 100 3

ip authentication mode eigrp 100 md5

ip authentication key-chain eigrp 100 [email protected]

no ip mroute-cache

duplex auto

speed 100

media-type rj45

!

interface FastEthernet0/0/0

description Link to DMHF5C1CrS2C65

ip address 10.42.0.6 255.255.255.252

ip access-group 30 out

no ip proxy-arp

ip hello-interval eigrp 100 1

ip hold-time eigrp 100 3

ip authentication mode eigrp 100 md5

ip authentication key-chain eigrp 100 [email protected]

no ip mroute-cache

duplex auto

speed auto

!

interface FastEthernet0/0/1

description Link to DMHF5C1CrS2C65

ip address 10.43.0.6 255.255.255.252

ip access-group 30 out

no ip proxy-arp

ip hello-interval eigrp 100 1

ip hold-time eigrp 100 3

ip authentication mode eigrp 100 md5

ip authentication key-chain eigrp 100 [email protected]

no ip mroute-cache

duplex full

speed 100

!

router eigrp 100

redistribute bgp 64589 metric 1000 10 255 1 1500

network 10.0.0.0

no auto-summary

no eigrp log-neighbor-changes

!

router bgp 64589

bgp log-neighbor-changes

neighbor 172.31.28.237 remote-as 65000

neighbor 172.31.83.181 remote-as 65000

!

address-family ipv4

redistribute eigrp 100

neighbor 172.31.28.237 activate

neighbor 172.31.83.181 activate

no auto-summary

no synchronization

Core switch Routing :


router eigrp 100

redistribute connected

redistribute static

network 10.0.0.0

distribute-list default-Route out !

ip classless

ip route 0.0.0.0 0.0.0.0 10.42.0.2

!

no ip http server

!

ip access-list standard default-Route

permit 0.0.0.0

!

access-list 186 deny tcp 10.44.0.0 0.0.255.255 10.0.152.0 0.0.0.255

access-list 186 permit ip any any



with above configuration am able to put up my network transmitting well,but when i switch on my second router the loops are found and network gets down.please let me knew the simple method with minimum down time to remove my loopps and utilize both links of 4 and 2 mbps in my network to same ISP.





Giuseppe Larosa Thu, 11/05/2009 - 05:15
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Sami,

as I have guessed in my first post the problem is that you have two devices performing mutual redistribution between BGP and EIGRP.


I've already explained the two options available:

a) removing red of EIGRP into BGP and adding appropriate network commands under router BGP to represent local routes

b) using route tags to implement mutual redistribution in a controlled way


also on core switches what is the use of ip route 0.0.0.0 0.0.0.0 10.42.0.2 if they receive the default route in EIGRP this is not needed.

in this way you are overriding the dynamic routing.


I'm afraid this can be part of the problem. Also I would try to remove the distribute-list to see what happens.


Hope to help

Giuseppe


Actions

This Discussion