BGP dual-routers with dual-ISP / load-share

Unanswered Question
Jan 28th, 2010

Hi,

I have two links from two different providers. Assuming I have /24 to advertise these two networks which is a min requirement, I'll receive a default routes from them not to consume too much resources and I need to control policies in my local routers. I would prefer a shortest-path for my inbound traffic and/or load-share my links as close as possible... what is the best way for outbound traffic to even out the links if possible? or maybe inbound traffic as well?

Thanks in advance ...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Thu, 01/28/2010 - 10:02

Hello,

under the hyphotesis you own two public /24 address blocks and your own BGP public AS number you are in the conditions of taking advantage of eBGP multihoming.

Towards ISP1 you can send prefix 1 without any prepending and prefix2 with some AS path prepending of your own AS number.

doing the opposite towards ISP2 makes ISP1 the preferred return path for Prefix1 and ISP2 the preferred return path for Prefix2.

Two different route-maps to be applied outbond to neighbors have to be used

This however, can have limited effects because a better connectivity on ISP1 towards some destinations may compensate for your AS path prepending on Prefix2.

The same can happen for ISP2 when looking at Prefix1.

If the two prefixes are also contiguous like 195.22.201.0 and 195.22.202.0 playing on usage of a /23 and sending of only one /24 (prefix1) to ISP1 and sending of /23 and prefix2 to ISP2 can be used.

for outbound traffic if you only receives default routes there is little you can do, just the use of internal routing protocols on internal lan interfaces or of GLBP or MHSRP if blocks apply to client vlans.

the two border routers can publish a default route in OSPF or EIGRP with same parameters devices in internal vlan (to be noted ASA can support this) can install two default routes and can perform per flow load balancing.

The route has to be published only if the BGP 0.0.0.0 is received on the border router and from the eBGP neighbor.

if an iBGP session is used between the two border routers the presence of the route and the route next-hop should be checked.

We have done this successfully with OSPF using

router ospf 10

default-information originate route-map check_BGP type 1

access-list 11 permit host eBGP-next-hopaddress

ip prefix-list only-default permit 0.0.0.0/0

route-map check_BGP permit 10

match ip address prefix only-default

match ip next-hop 11

set metric 50

border routers learn of public address blocks from their IGP neighbors or they perform NAT also

Hope to help

Giuseppe

Gerard Gacusan Thu, 01/28/2010 - 11:24

Thanks for a reply...but I have a single public /24 block only. Yes, I own ASN. I understand your scenario below with two prefixes using AS prepending for outbound traffic, one prefix to ASN1 and other prefix to ASN2.

Does it sounds right? How about a single /24?

Giuseppe Larosa Fri, 01/29/2010 - 01:37

Hello,

with a single /24 you will not be able to influence return path in the same way.

I'm afraid you may expect one ISP to be used most for return traffic or even only one.

You can try to prepend towards this dominant ISP in an attempt to get some return traffic from the other one.

You can even try to setup agreements between you and the two providers with the objective of improving traffic load sharing on the return path.

This private arrangement could allow you to use two /25 prefixes but requires a direct peering between the two ISPs, in the global internet /24 is the most specific route accepted.

As you can understand this becomes more a commercial problem and you may receive a negative answer from providers.

Hope to help

Giuseppe

Gerard Gacusan Fri, 01/29/2010 - 06:48

Hello,

In your case, does you links are equally even or close to equal on both incoming and outgoing traffics?

For incoming traffic, the source will use the shortest AS_path from which the traffic was originated from, so it might go to ISP1 or ISP2 ?

For outbound traffic, prefix1 is destined via ISP1 and prefix2 is destined via ISP2 with AS prepending?

what if the link is saturated? would there be a possibility to reroute traffic to other link?

I am interested of getting the links equal or close to equal use if possible ...

Thanks again ..

Giuseppe Larosa Fri, 01/29/2010 - 09:48

Hello,

>> In your case, does you links are equally even or close to equal on both incoming and outgoing traffics?

no this is not possible you can achieve usage of both links on both directions

>> For outbound traffic, prefix1 is destined via ISP1 and prefix2 is destined via ISP2 with AS prepending?

no, AS path prepending tries to influence return path not outgoing path there is no attempt to enforce symmetric paths (not required) that would require to use PBR on both routers but it is not needed in usual scenarios

outbound is simply load balancing over two default routes if specific routes are not received from ISP1 and ISP2

>> what if the link is saturated? would there be a possibility to reroute traffic to other link?

this is not possible with BGP alone, for outbound direction without receiving full internet BGP tables you cannot decide out what ISP to go.

to be correct some modern tecniques like OER/PfR can help in detecting that a link is used too much.

>> I am interested of getting the links equal or close to equal use if possible ...

it is simply not possible specially for the return path it is a good result to get both links used in both directions or at least fair outbound load balancing and one link used for return traffic.

Hope to help

Giuseppe

Actions

This Discussion