PBR for HTTP traffic with BGP

Answered Question
Feb 16th, 2010

How would I force http traffic from behind LAN_RTA's Fa0/0 interface to use RT1's link to RT3 to reach web server 10.10.1.10 using BGP's weight attribute?  If I then wanted to set the local-preference value in the route map instead of the weight attribute (if there were multiple routers connected to 10.1.1.0/24 for instance) to force traffic from multiple routers to prefer the same path, would I then just need to modify the route-map to set the local-preference to, say 150?  How can I then test to make sure that traffic is preferring this path?

Something like this for the weight attribute? Where would I apply the route map?

On LAN_RTA:

ip access-list extended HTTP_TRAFFIC

permit tcp 10.1.1.0 0.0.0.255 eq 80 any

route-map HTTP_REDIRECT permit 10
match ip address HTTP_TRAFFIC
set weight 100

route-map HTTP_REDIRECT permit 20

HTTP_Traffic_Redirect.gif

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 9 months ago

Hello,

sorry if I have not been clear:

PBR acts on user traffic packets and it is totally unrelated from BGP.

with BGP you can make use of local preference in an AS, for example AS 65001, to select an exit point towards an IP Prefix.

BGP as a routing protocol acts on IP prefixes or subnets and does not handle different type of traffic.

If for you is acceptable to route all traffic with destination A via the same exit point, regardless of traffic type (http but also FTP, telnet and whatever application can be in use) the use of local preference on border router is a possible solution.

>> What if there were multiple routers each w/ a connection to AS65001

let's suppose all of  them are eBGP peers of some border routers in AS65001

increasing the local preference on LAN_RTA will make all routers in AS 65001 to choice it as the best path to IP network behind LAN_RTA.

This BGP best path is passed to eBGP peers.

Verify that you have a full mesh iBGP in AS65001 so that return packets can be correctly routed back to eBGP peers.

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Giuseppe Larosa Wed, 02/17/2010 - 03:12

Hello 88ssmontercarlo,

you can increase weight for some BGP routes or for all BGP routes received from a BGP neighbor.

neigh 1.1.1.1 weight 5000

or you can use a route-map to increase selectively weight only for some routes.

For diverting traffic based on type of traffic or source you need to use PBR = policy based routing

see

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009481d.shtml

Hope to help

Giuseppe

Gary Jeffers Wed, 02/17/2010 - 16:10

Thanks for you reply Giuseppe.  My diagram may not have adequately shown what I was trying to ask.  What if there were multiple routers each w/ a connection to AS65001.  How would I get them all to use LAN_RTA for web traffic?  Would that be done on inbound packets via the local preference?

Correct Answer
Giuseppe Larosa Wed, 02/17/2010 - 23:33

Hello,

sorry if I have not been clear:

PBR acts on user traffic packets and it is totally unrelated from BGP.

with BGP you can make use of local preference in an AS, for example AS 65001, to select an exit point towards an IP Prefix.

BGP as a routing protocol acts on IP prefixes or subnets and does not handle different type of traffic.

If for you is acceptable to route all traffic with destination A via the same exit point, regardless of traffic type (http but also FTP, telnet and whatever application can be in use) the use of local preference on border router is a possible solution.

>> What if there were multiple routers each w/ a connection to AS65001

let's suppose all of  them are eBGP peers of some border routers in AS65001

increasing the local preference on LAN_RTA will make all routers in AS 65001 to choice it as the best path to IP network behind LAN_RTA.

This BGP best path is passed to eBGP peers.

Verify that you have a full mesh iBGP in AS65001 so that return packets can be correctly routed back to eBGP peers.

Hope to help

Giuseppe

Actions

This Discussion

Related Content