Multiple ISP bandwidth use same time in 3845 router with BGP

Answered Question
Mar 12th, 2010

Dear Experts & Giuseppe ,

I need help very urgent , I have 3845 router working with 45 MB bandwith from ISP-1 . this bandwithd  utilization very high almost upto 45mb used,

So that's why we are purchased and configure anather 25 MB bandwidth from 2nd anather ISP-2 in this same router.

pl see my bellow configuration,  i have  facing some problem , the problem is when both ISP's Bandwidth working same time that time my 45MB bandwidth comes down from 45Mb to 27 mb and my 2nd bandwdith uses 25 mb full total 50 mb bandwidth uses only when both bandwidth use at a time.

but i have total 70 mb bandiwidth i need to use total 70 mb bandwitdh so how can i use what is the configuration need to configure in 3845 router ??

PROBLEM WHEN BOTH BANDWIDTH USED SAME TIME THAT TIME ISP-1 45MB BANDWIDTH COMES DOWN UPTO 25 MB I DONT DO THIS I NEED WHEN ISP-1 45 MB BANDWITH USED FULL THEN ISP-2 BANDWIDTH COMES UP TO USE OTHERWISE TOTAL 70 MB BANDWITH USED UNEQUAL COST SAME TIME.

pl see my running BGP configuration templates.

version 12.4
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname abc
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
enable secret Connectbvn1
!
no aaa new-model
clock timezone Chennai 5 30
!
dot11 syslog
no ip source-route
no ip gratuitous-arps
!
!
ip cef
!
!
ip domain name sancharonline.net
ip name-server 202.137.86.2
ip name-server 4.2.2.2
multilink bundle-name authenticated
!
!
!
!
!
!

archive
  log config
   hidekeys
!
!
ip ssh version 1
!
!
!
interface GigabitEthernet0/0
  description *** WAN From ISP-1 ***
  ip address 220.224.53.149 255.255.255.252
  ip access-group Virus-Block in
  ip access-group Virus-Block out
  duplex auto
  speed auto
!no shut

interface GigabitEthernet0/1
  description *** Connect to Cisco 3750 ***
  no ip address
  ip access-group Virus-Block in
  ip access-group Virus-Block out
  duplex auto
  speed auto
  no shut
!
interface GigabitEthernet0/1.1
  encapsulation dot1Q 1 native
  ip access-group Virus-Block in
  ip access-group Virus-Block out
!
interface GigabitEthernet0/1.2
  encapsulation dot1Q 2
  ip address 113.236.74.1 255.255.252.0
  ip address 220.224.152.1 255.255.255.128 secondary
  ip address 220.224.149.1 255.255.255.192 secondary
  ip address 220.224.59.1 255.255.255.0 secondary
  ip access-group Virus-blok in
  ip access-group Virus-Block out

  Interface fastEthernet0/0/0

description WAN from ISP-2

ip address 115.131.29.245 255.255.255.252

ip access-group Virus-Block in
  ip access-group Virus-Block out
  duplex auto
  speed auto
  no shut


  !
router bgp 2.133
  no synchronization
  bgp log-neighbor-changes
  aggregate-address 220.224.152.0 255.255.255.0 summary-only
  aggregate-address 220.224.149.0 255.255.255.128 summary-only
  aggregate-address 220.224.59.0 255.255.255.0 summary-only
  aggregate-address 113.236.74.0 255.255.252.0 summary-only
  redistribute connected
  redistribute static
  maximum-path 2
  neighbor 220.224.63.150 remote-as 10101
  neighbor 220.224.63.150 update-source GigabitEthernet0/0
  neighbor 220.224.63.150 next-hop-self
  neighbor 220.224.63.150 route-map default in
  neighbor 115.131.29.246 remote-as 9728
  neighbor 115.131.29.246 update-source FastEthernet0/1
  neighbor 115.131.29.246 next-hop-self
  neighbor 115.131.29.246 route-map default in
  no auto-summary
!

ip as-path access-list 10 permit ^$
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
i
ip route 0.0.0.0 0.0.0.0 220.224.63.150
ip route 0.0.0.0 0.0.0.0 115.131.29.246
!
ip access-list extended Virus-Block
  deny   tcp any any eq 135
  deny   udp any any eq 135
  deny   udp any any eq netbios-ns
  deny   udp any any eq netbios-dgm
  deny   tcp any any eq 139
  deny   udp any any eq netbios-ss
  deny   tcp any any eq 445
  deny   tcp any any eq 593
  deny   tcp any any eq 4444
  permit ip any any
!
access-list 10 permit 220.224.59.0 0.0.0.255
access-list 10 permit 220.224.152.0 0.0.0.255
access-list 10 permit 220.224.149.0 0.0.0.255
access-list 10 permit 113.236.74.0 0.0.3.255
access-list 11 permit 0.0.0.0
route-map PREVENT-TRANSIT permit 10
  match ip address 10
  match as-path 10
!
route-map AS-10101-OUTGOING permit 10

Pl hlp me urgent,

Thanks in ADV,

Vaib...

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 10 months ago

Hello Vhaibav,

your current configuration would try to perform eBGP multipath and would be fine if the links were of equal speed.

To implement weighted load balancing using DMZ bandwidth you should follow the config examples we had discussed in your previous thread about this issue.

see

https://supportforums.cisco.com/thread/2006607?tstart=120

see last post

you need

#


so you need 4 commands

router bgp XX

bgp dmzlink-bw

maximum-paths 2

neigh isp-link1 dmzlink-bw

neigh isp-link2 dmzlik-bw

neigh isp-link1 send-community both

neigh isp-link2 send-community both

you need also to set bandwidth on edge interfaces to reflect true speed of links

int link1

bandwidth 34000

int link2

bandwidth 25000

this should be a resonable way to configure this

Edit:

notes:

a) you need ISP cooperation because you advertise DMZ bandwidth to ebgp neighbor

b) if you have multihomed with two different ISPs I'm afraid it can be a problem specially for return traffic that is what you are interested more.

See reference network diagram in

http://www.cisco.com/en/US/docs/ios/iproute_bgp/configuration/guide/irg_link_band_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1054022

multihomed but to a single AS number in this last config I see two different AS numbers for the eBGP peers.

BGP can originate the link bandwidth community only for directly connected links to eBGP neighbors.

being a community you need to enable BGP communities exchange with commands in bold. I've added the commands above.

Edit2:

>>

So that's why we are purchased and configure anather 25 MB bandwidth from 2nd anather ISP-2 in this same router.

I'm sorry BGP link bandwidth probably does not apply to this scenario you should have two links from SAME ISP

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Giuseppe Larosa Fri, 03/12/2010 - 09:21

Hello Vhaibav,

your current configuration would try to perform eBGP multipath and would be fine if the links were of equal speed.

To implement weighted load balancing using DMZ bandwidth you should follow the config examples we had discussed in your previous thread about this issue.

see

https://supportforums.cisco.com/thread/2006607?tstart=120

see last post

you need

#


so you need 4 commands

router bgp XX

bgp dmzlink-bw

maximum-paths 2

neigh isp-link1 dmzlink-bw

neigh isp-link2 dmzlik-bw

neigh isp-link1 send-community both

neigh isp-link2 send-community both

you need also to set bandwidth on edge interfaces to reflect true speed of links

int link1

bandwidth 34000

int link2

bandwidth 25000

this should be a resonable way to configure this

Edit:

notes:

a) you need ISP cooperation because you advertise DMZ bandwidth to ebgp neighbor

b) if you have multihomed with two different ISPs I'm afraid it can be a problem specially for return traffic that is what you are interested more.

See reference network diagram in

http://www.cisco.com/en/US/docs/ios/iproute_bgp/configuration/guide/irg_link_band_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1054022

multihomed but to a single AS number in this last config I see two different AS numbers for the eBGP peers.

BGP can originate the link bandwidth community only for directly connected links to eBGP neighbors.

being a community you need to enable BGP communities exchange with commands in bold. I've added the commands above.

Edit2:

>>

So that's why we are purchased and configure anather 25 MB bandwidth from 2nd anather ISP-2 in this same router.

I'm sorry BGP link bandwidth probably does not apply to this scenario you should have two links from SAME ISP

Hope to help

Giuseppe

csawest.dc Fri, 03/12/2010 - 22:46

Dear Giuseppe,

Thanks a lot everytime you given me support very well,

Now i clear you actually we have two ISP's in different cities,

our 1st ISP there is 3845 router with two different isp's bandwidth from isp-1, 45 mb and isp-2, 25 mb in single 3845 router.

our 2nd ISP there is 3750 multilayer switch. here in this switch two WAN from one ISP bandwidth provider , which is 34 mb bandwdith

and 2nd WAN 11 MB in single 3750 multilayer swtich.

both the ISP's working on BGP routing , there are same problem at both side , when i configure multiple bandwidth in sigle router or multilayer switch.

our 1st ISP's bandwidth goes down from 45 mb to 25 mb  when ISP-2 bandwidth configure and work at a time.

now we are try to configure which is you have to provide me as given bellow.then let you know.

Thanks once again!!!

Vaib...

csawest.dc Sun, 03/14/2010 - 05:25

Dear Giuseppe,

this bellow command which is given you , can it's usefull ??  when multiple different ISP's bandiwidth in one single router or can

multiple wan from one single isp's

router bgp XX

bgp dmzlink-bw

maximum-paths 2

neigh isp-link1 dmzlink-bw

neigh isp-link2 dmzlik-bw

neigh isp-link1 send-community both

neigh isp-link2 send-community both


you need also to set bandwidth on edge interfaces to reflect true speed of links


int link1

bandwidth 34000


int link2

bandwidth 25000

I NEED LOAD SHARING  NOT LOAD BANANCE  BOTH BANDWIDTH PROVIDER BANDWIDTH USE AT A TIME  ISP-1 45 MB AND ISP-2 25 MB TOTAL 70 MB BADWITH WE HAVE U NEED TI USE AT A TIME 70 MB IN ONE SINGLE ROUTER.

Thanks in ADV,

Vaib...

Giuseppe Larosa Mon, 03/15/2010 - 03:55

Hello Vaibhav,

I think you can reach load sharing or load balancing in the outbound direction but for the use of two ISPs is very difficult to achieve this in the inbound direction.

for effective eBGP load balancing outbound the hidden command

bgp bestpath as-path multipath-relax

is needed.

you then may need an iBGP full mesh with internal routers with maximum-paths 4 on internal routers as explained in the configuration guide chapter I've linked in previous post.

for return traffic an agreement between you and the two ISPs is needed.

Depending on the number of /24 public IP address blocks that you have an approach with selective AS path prepending may work.

Hope to help

Giuseppe

Actions

This Discussion