Two WAN -Same ISP with BGP routing help

Answered Question
Feb 27th, 2010

Dear Experts,

How can i configure 2nd bandwith WAN same ISP with same ASN-

Our new 11 Mbps WAN Details with same ISP / ASN as under:-

115.248.14.245 ip
255.255.255.252 mask
115.248.14.246  Gateway

ASN-13101
______________________________________________________________________________
Old ip class with 45 Mbps (working bandwith)

220.224.63.197  Ip
255.255.255.252 Subnet
220.224.63.198 Gateway

ASN-13101

Working BGP routing as given bellow:

router bgp 45905
no synchronization
bgp log-neighbor-changes
network 180.140.240.0 mask 255.255.252.0
network 220.224.150.0 mask 255.255.255.0
network 220.224.151.0 mask 255.255.255.128
redistribute static
redistribute connected
neighbor 220.224.63.198 remote-as 13101
neighbor 220.224.63.198 update-source FastEthernet1/0/21
neighbor 220.224.63.198 next-hop-self
neighbor 220.224.63.198 route-map default in
no auto-summary

access-list 16 permit 220.224.150.0 0.0.0.255
access-list 16 permit 220.224.151.0 0.0.0.128
access-list 16 permit 180.140.240.0 0.0.3.255
access-list 17 permit 0.0.0.0

!
route-map AS-13101-OUTGOING permit 16
match ip address 16


ip as-path access-list 16 permit ^$
route-map PREVENT-TRANSIT permit 16
match ip address 16
match as-path 16

Pl help me.

Vaib...

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 10 months ago

Hello Vaibhav,

some comments here:

if the new link speed is 11 Mbps and the old link is a true 45 Mbps your best choice is to use the new link as a secondary path to be used only when primary link (the existing one) fails.


With this goal you need to do the following:

making current neighbor the preferred one using weight or local preference.

for inbound direction you can use MED or AS path prepend to make updates sent on new link worse then the ones on the primary link

router bgp 45905

neighbor 220.224.63.198 weight 500

two route-maps are needed to differentiate advertisements sent to the two eBGP neighbors in AS 13101

route-map out-to-primary permit 16
match ip address 16
match  as-path 16

set metric 50

route-map out-to-secondary permit 16
match ip address 16
match  as-path 16

set metric 200

set as-path prepend 45905 45905

router bgp 45905

neigh 115.248.14.246 remote-as 1301

neigh 115.248.14.246 route-map default in

neigh 115.248.14.246 route-map out-to-secondary out

! towards primary neigh

neigh 220.224.63.198 route-map out-to-primaryout

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Paolo Bevilacqua Sat, 02/27/2010 - 02:25

Premitted that you can very possibly good free advice here or other Internet forums.

Would not be better if you instead engage a netwotk professional that can take of the all the aspects of the problem, and guarantee professional results without downtime ?

csawest.dc Sat, 02/27/2010 - 03:06

Dear experts,

Pl help me when Multiple WAN from Same (single) ISP with BGP routing configure.

How can i configure 2nd bandwith WAN same ISP with same ASN-


Our new 11 Mbps WAN Details with same ISP / ASN as under:-


115.248.14.245 ip
255.255.255.252 mask
115.248.14.246  Gateway

ASN-13101
______________________________________________________________________________
Old ip class with 45 Mbps (working bandwith)


220.224.63.197  Ip
255.255.255.252 Subnet
220.224.63.198 Gateway

ASN-13101


our

Network : 180.140.240.0/22

               220.224.150.0/24

               220.224.152.0/25

Thanks in ADV,

Vaib...

Correct Answer
Giuseppe Larosa Sat, 02/27/2010 - 03:03

Hello Vaibhav,

some comments here:

if the new link speed is 11 Mbps and the old link is a true 45 Mbps your best choice is to use the new link as a secondary path to be used only when primary link (the existing one) fails.


With this goal you need to do the following:

making current neighbor the preferred one using weight or local preference.

for inbound direction you can use MED or AS path prepend to make updates sent on new link worse then the ones on the primary link

router bgp 45905

neighbor 220.224.63.198 weight 500

two route-maps are needed to differentiate advertisements sent to the two eBGP neighbors in AS 13101

route-map out-to-primary permit 16
match ip address 16
match  as-path 16

set metric 50

route-map out-to-secondary permit 16
match ip address 16
match  as-path 16

set metric 200

set as-path prepend 45905 45905

router bgp 45905

neigh 115.248.14.246 remote-as 1301

neigh 115.248.14.246 route-map default in

neigh 115.248.14.246 route-map out-to-secondary out

! towards primary neigh

neigh 220.224.63.198 route-map out-to-primaryout

Hope to help

Giuseppe

csawest.dc Sat, 02/27/2010 - 03:32

Dear Giuseppe,

thanks you very much , My current working 45 MB bandwith used full utilized many times that's why i need other 11 mb bandwith same ISP with new WAN , so i need when current bandwith full used then other    11 bm comes up  for use autometc or both are used same time.

can i give maximum-path 2 in bgp ???

pl check bellow config can it is right ??

route-map out-to-primary permit 16
match ip address 16
match  as-path 16

set metric 50

route-map out-to-secondary permit 16
match ip address 16
match  as-path 16

set metric 200

set as-path prepend 45905 45905

router bgp 45905

no synchronization
bgp log-neighbor-changes

network 180.140.240.0 mask 255.255.252.0
network 220.224.150.0 mask 255.255.255.0
network 220.224.151.0 mask 255.255.255.128

neigh 220.224.63.198 remote-as 13101

neigh 220.224.63.198 route-map default in

neigh 220.224.63.198 route-map out-to-primary out

neighbor 220.224.63.198 update-source FastEthernet1/0/21
neighbor 220.224.63.198 next-hop-self

neigh 115.248.14.246 remote-as 13101

neigh 115.248.14.246 route-map default in

neigh 115.248.14.246 route-map out-to-secondary out

neigh 115.248.14.246 update-sourece fasethernet1/0/24

neigh 115.248.14.246 netxt-hop-self

maximum-path 2

redistribute static
redistribute connected

no auto-summary.

Pl let me know my above config templates is correct for multiple wan in bgp same ISP ??

Thanks in ADV,

Vaib...

Giuseppe Larosa Sat, 02/27/2010 - 04:27

Hello Vaibhav,

if the links were of equal speed the goal could be the use of both links for load balancing and redundancy.

But  if the link speed is so different (45 Mbps versus 11) Mbps using maximum-paths 2 you would end up to suffer saturation of new link when aggregate traffic is roughly 25 Mbps.

BGP does not provide a traffic load based policy tool.

One way to implement  something similar would be to use OER/PfR optimized edge routing/Performance Routing.

see

http://www.cisco.com/en/US/docs/ios/oer/configuration/guide/oer-overview_ps6441_TSD_Products_Configuration_Guide_Chapter.html

But it might be unsupported on the device you are using that is probably a C3750 multilayer switch.

I would remove that maximum-paths 2 and would give preference to faster link.

Second option (to be checked with SP and on your device)

Sorry, only way to use effectively both links would be to split logically the fast link in 4 logical links and then to implement 5 eBGP sessions over new link and the 4 logical links derived from primary link.

But this can be done only if there is a way to create some form of subinterfaces.

you would need 4 /30 subnets on primary link. If the link comes with some form of FE link you could use Vlan based.

your side would be changed in a L2 trunk carrying  4 vlans

you would need 4 SVI one for each vlan, one eBGP session would be built over each SVI/vlan and the 5th one is on the new link.

You would need cooperation with the service provider to perform this setup.

In this scenario you would need maximum-paths 5 (if possible so first check is to see if this command is accepted under router BGP)

You should also advertise your own subnets with no difference (no different MED no AS path prepending)

in the end: the easiest way is to upgrade second link to 45 Mbps speed.

Hope to help

Giuseppe

csawest.dc Sat, 02/27/2010 - 05:53

Dear Giuseppe,

My requirement is when my woriking 45 mb bandwidth are fully utilised then other 11 mb bandwith for use.

so please give me simple templates regareding the same. can i use maximum-path 2 command for this perpose ??

Thanks in ADV,

Vaib...

Giuseppe Larosa Sat, 02/27/2010 - 09:26

Hello Vaibhav,

as I've explained in my previous post BGP does not provide a tool to start to use second link when load a primary link is over a threshold.

I strongly recommend to not use maximum-paths on the current scenario.

However, if both links and eBGP sessions are on the same device you could think to take advantage of backup interface command.

The second interface declared as backup of the first will not be operational until load is over a configured threshold. As a result of this the second eBGP session will be down under normal conditions and will come up after few seconds second interface is brought up.

check if the following commands are supported (not sure they are in a multilayer switch)

int fas1/0/21

backup interface fas1/0/24

backup load 

However, the risk is that the device will try to load balance between the two links with huge drops on secondary link (that can happen on ISP network)

If this happens you get a worse network then current one under heavy load conditions.

Only EIGRP can perform a weighted load balancing, so this could be the only option but the ISP should agree on this (on the use of EIGRP)

Unfortunately, not every issue has a technical solution even without looking at the complexity.

Hope to help

Giuseppe

csawest.dc Mon, 03/01/2010 - 23:06

Dear Giuseppe,

can i use both of these command for unqueal cost bandwith and remove maximum-path 2 ??

Pls see bellow mention templates is it right or needs to any changes ??

pl suggest me.

router bgp 45905

no synchronization
bgp log-neighbor-changes

network 180.140.240.0 mask 255.255.252.0
network 220.224.150.0 mask 255.255.255.0
network 220.224.151.0 mask 255.255.255.128

neigh 220.224.63.198 remote-as 13101

neigh 220.224.63.198 route-map default in

neigh 220.224.63.198 route-map out-to-primary out

neighbor 220.224.63.198 update-source FastEthernet1/0/21
neighbor 220.224.63.198 next-hop-self

neighbor 220.224.63.198 dmzlink-bw <<----------------------------------------------------- Add this command ??
neigh 115.248.14.246 remote-as 13101

neigh 115.248.14.246 route-map default in

neigh 115.248.14.246 route-map out-to-secondary out

neigh 115.248.14.246 update-sourece fasethernet1/0/24

neigh 115.248.14.246 netxt-hop-self

neighbor 115.248.14.246 dmzlink-bw <<------------------------------------------------ Add This Command ??
redistribute static
redistribute connected

no auto-summary.

Thanks in ADV,

Vaib...

route-map out-to-primary permit 16
match ip address 16
match  as-path 16

set metric 50

route-map out-to-secondary permit 16
match ip address 16
match  as-path 16

set metric 200

set as-path prepend 45905 45905

Giuseppe Larosa Tue, 03/02/2010 - 09:15

Hello Vaibhav,

interesting note

the command is described here:

http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_bgp3.html#wp1013589

it is interesting it might work but only in combination with

maximum-paths 2

and with AF level

bgp dmzlink-bw  (that should do the trick, but in what direction ?)
but I'm not sure if it works outbound or also inbound.

Also bandwidth what is the bandwidth configured on the interface?

I admit I've never used this command, so I cannot say if the behaviour is correct.

Also you probably should remove prepending on secondary link and you should use the same MED value

It may be wise to test it in a lab if possible.

Edit:

looking at configuration guide the feature appears to be useful to allow weighted load balancing from internal BGP peers towards different edge BGP routers

but also on edge routers should be effective as described

>> In the following example, Router B is configured to support multipath load balancing, to distribute Router D and Router E link traffic proportionally to the bandwidth of each link, and to advertise the bandwidth of these links to iBGP neighbors as an extended community:

http://www.cisco.com/en/US/docs/ios/iproute_bgp/configuration/guide/irg_link_band_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1054017

Edit:

in a new thread another colleague Konrad is using a similar setup with a single edge device

see

https://supportforums.cisco.com/thread/2007036?tstart=0

Hope to help

Giuseppe

csawest.dc Fri, 03/05/2010 - 02:35

Dear Giuseppe,

I have configured bellow configuration in BGP

router bgp 45905

no synchronization
bgp log-neighbor-changes

network 180.140.240.0 mask 255.255.252.0
network 220.224.150.0 mask 255.255.255.0
network 220.224.151.0 mask 255.255.255.128

neigh 220.224.63.198 remote-as 13101

neigh 220.224.63.198 route-map default in

neighbor 220.224.63.198 update-source FastEthernet1/0/21
neighbor 220.224.63.198 next-hop-self

neigh 115.248.14.246 remote-as 13101

neigh 115.248.14.246 route-map default in

neigh 115.248.14.246 update-sourece fasethernet1/0/24

neigh 115.248.14.246 netxt-hop-self

redistribute static
redistribute connected

no auto-summary.

When i configured this above config , my old bandwith wihich is 34 MB comes down to 14 mb and new one which is 11 mb is fully utilised , and also download speed also very low.

There are all the traffic 1st on new 11 mb used, and when i shut that port fastether1/0/24 then old bandwith 34 mb is used full upto 32 mb,

so problem is when both bandth is up that time total bandith used old 14 mb + new 11 mb = 25 mb only but when i disconnect new 11 mb bandwith it's used old bandwidth upto 33 mb,

So my requirement ( how can i  configure priority on bandwidth when old 34 mb bw fully utilized then comes up to use new 11 mb?? ) my all traffice 1st on old 34 mb bandwidth then it's fully utilized after other traffic on new 11 mb so then i can used total 45 mb bandwith not wasted my idle bandwith.

pl help me it's VERY URGENT.

Thanks in ADV,

Vaib...

Giuseppe Larosa Fri, 03/05/2010 - 02:44

Hello Vaibhav,

your results confirm my worries.

if you use maximum-paths without the DMZ bandwidth commands you get a worse scenario with a bottle neck as you have seen

also in the configuration you have posted I don't see maximum-paths 2 but you have configured it otherwise you couldn't see both paths used at the same time.

Read carefully my previous post if you want to try to implement DMZ bandwidth.

otherwise use my first proposal to implement a primary/secondary schema that was my first suggestion.

Edit:

how I could answer to your post before you have sent it?

Hope to help

Giuseppe

csawest.dc Fri, 03/05/2010 - 03:00

Dear Giuseppe,

Can it is possible bandwidth prority how can i configure ??

new link as a secondary path to be used only when primary link (the existing one 34 mb )  fully utilize or fails..

So my requirement ( how can i  configure priority on bandwidth when old 34 mb bw fully utilized then comes up to use new 11 mb?? ) my all traffice 1st on old 34 mb bandwidth then it's fully utilized after other traffic on new 11 mb so then i can used total 45 mb bandwith not wasted my idle bandwith.

i have configure dmzlink-bw command with maximum-path 2 still same problem , without maximum-path 2 only dmzlink-bw ,still same issue , and aslo both the command i removed only simple bgp configuration as i mention above still face same problem 1st used my new 11 mb bandiwth and then goes down my old bandwith from 33 mb to 14 or 15 mb when i used both bandwidth at a same time so how can i set 1st prority utilized my 34 old bandwith then new 11 mb new when old bandwidth fuly utilized then.

if you are give me templates  my  required it is very help full for me.

please....

Vaib...

Giuseppe Larosa Fri, 03/05/2010 - 03:26

Hello Vaibhav,

to effectively use both links with DMZ bandwidth you need to coordinate with ISP: they need to do the same on their side to build bidirectional unequal load balancing.

Sorry if this aspect was not clear before. As I wrote I haven't used this specific feature but you can look at the thread of Konrad that is using it with good results.

no backup effects are possible I  tried to explain this before.

template from config guide

Router B(config-router)# address-family ipv4 
Router B(config-router-af)# bgp dmzlink-bw 
Router B(config-router-af)# neighbor 10.10.10.1 activate 
Router B(config-router-af)# neighbor 10.10.10.1 next-hop-self 
Router B(config-router-af)# neighbor 10.10.10.1 send-community both 
Router B(config-router-af)# neighbor 10.10.10.3 activate 
Router B(config-router-af)# neighbor 10.10.10.3 next-hop-self 
Router B(config-router-af)# neighbor 10.10.10.3 send-community both 
Router B(config-router-af)# neighbor 172.16.1.1 activate 
Router B(config-router-af)# neighbor 172.16.1.1 dmzlink-bw 
Router B(config-router-af)# neighbor 172.16.2.2 activate 
Router B(config-router-af)# neighbor 172.16.2.2 dmzlink-bw
Router B(config-router-af)# maximum-paths ibgp 6
Router B(config-router-af)# maximum-paths 6 

so you need 4 commands

router bgp XX

bgp dmzlink-bw

maximum-paths 2

neigh isp-link1 dmzlink-bw

neigh isp-link2 dmzlik-bw

you need also to set bandwidth on edge interfaces to reflect true speed of links

int link1

bandwidth 34000

int link2

bandwidth 11000

Hope to help

Giuseppe

Actions

This Discussion