Full Internet Routes or Default Route from ISP

Answered Question
Jan 6th, 2010

Hi,


We have two sites in two different states.  Each site will use a different ISP.  We own a /20 and have our own AS number.  We take advantage BGP failover from the HQ site to the DR site useing local preference and more specific routing.  Our DR site uses a /24 carved from our /20.  We advertise the /24 and /20 from the DR site, and we break the /20 into two /21's at our HQ site and use local preference.


Currently at my HQ site, I DO NOT take full internet routes from our ISP - only the default route.  The DR site takes full Internet routes (currently useing the same ISP).  We are in the process of re-provisioning our Internet access to a different provider and I'm trying to decide if I really need to take full routes.


Any suggestions?

Correct Answer by Jon Marshall about 7 years 1 month ago

christopherbell wrote:


Hi there -- this is the kind of information I need.  To be honest though, at this point and time we are not really interestedin NetFlow traffic analysis.  If there is no performance affecting reason for accepting full routes - or anything that would prevent us from failing over between the two sites, I don't see any reason to take full routes.


Any other suggestions?


Christopher


If there is only one way in and out then no you do not need full internet routing and a default route would be fine. The others have pointed out why you might want to take full routing and if your device supports it then why not but if none of the reasons already given are things you need then just accept a default.


As has already been said, accepting full/partial routing for the internet is really to do with when you have multiple exit and entry points and you want to influence either inbound, outbound or both but that is not the case for you.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Christopher Bell Wed, 01/06/2010 - 11:14

I should preface the last statement with we are in the process of provisioning a new ISP at our DR site -- not our HQ site.  It will remain the same.  We will have different ISP's at each site.

Borman Bravo Wed, 01/06/2010 - 11:57

If your current router platform is capable of supporting full BGP routing tables then that should really be the way to go to take advantage of all of the benefits of your external BGP peering, receiving full routes achieves the following:


-Outbound traffic will egress via the path closest to the destination (either ISP-A or ISP-B)

-Redundancy for Individual prefixes can be achieved so if a routing issue within either ISP-A or ISP-B for a particular subnet can be

picked up by the opposite ISP.


I hope this helps.

Christopher Bell Wed, 01/06/2010 - 12:43

Hi,


Thanks for posting back.  I would agree if we had two different ISP's at each location - but we don't.  There is no need for loadbalancing at the sites or between the sites.  Since only one ISP is being used at each site (different ISP's however) I really don't see why I would need to use full routes... but I guess that's what I'm asking.

Giuseppe Larosa Wed, 01/06/2010 - 15:24

Hello Christopher,


there can be advantages at different levels, not only for optimal routing to the internet.


For example, if you have a full internet table you can perform netflow traffic analysis based on AS number. This can be useful for security reasons and for studying how the traffic going to the internet of coming from the internet is composed.


It can help to trace from what AS a specific traffic comes (netflow with option origin-as to keep the original AS number).


So I agree that if your edge device supports a full table it is wise to receive it. To be ready for possible requests from security team, for possible needs at management/monitoring level.


Hope to help

Giuseppe

Christopher Bell Thu, 01/07/2010 - 04:46

Hi there -- this is the kind of information I need.  To be honest though, at this point and time we are not really interestedin NetFlow traffic analysis.  If there is no performance affecting reason for accepting full routes - or anything that would prevent us from failing over between the two sites, I don't see any reason to take full routes.


Any other suggestions?

Correct Answer
Jon Marshall Thu, 01/07/2010 - 05:17

christopherbell wrote:


Hi there -- this is the kind of information I need.  To be honest though, at this point and time we are not really interestedin NetFlow traffic analysis.  If there is no performance affecting reason for accepting full routes - or anything that would prevent us from failing over between the two sites, I don't see any reason to take full routes.


Any other suggestions?


Christopher


If there is only one way in and out then no you do not need full internet routing and a default route would be fine. The others have pointed out why you might want to take full routing and if your device supports it then why not but if none of the reasons already given are things you need then just accept a default.


As has already been said, accepting full/partial routing for the internet is really to do with when you have multiple exit and entry points and you want to influence either inbound, outbound or both but that is not the case for you.


Jon

Christopher Bell Thu, 01/07/2010 - 05:50

Thanks -- this was the clarification I was looking for.  I am by no means an expert on BGP and I wanted to make sure this was not going to affect our failover configuration.

Actions

This Discussion