Some IP Pools all the traffic through second ISP by ip prefix-list and failover in BGP

Answered Question
May 23rd, 2010

Dear experts,

Please help me regarding ip prefix-list and also failover when any one ISP-A Bnadwidth goes  down then autometic all the traffic utilize up on second ISP-B bandwidth.

router bgp 123456
no synchronization
bgp log-neighbor-changes
aggregate-address 132.238.75.0 255.255.252.0 summary-only
aggregate-address 210.212.159.0 255.255.255.128 summary-only
aggregate-address 210.212.152.0 255.255.255.0 summary-only
aggregate-address 210.212.59.0 255.255.255.0 summary-only
redistribute static
redistribute connected
neighbor 210.212.51.150 remote-as 10101
neighbor 210.212.51.150 update-source FastEthernet0/1
neighbor 210.212.51.150 next-hop-self
no auto-summary
!
ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 210.212.51.150
ip route 132.238.77.0 255.255.255.0 132.235.75.6


currently we are using cisco 3845 router and at present only one ISP bandwidth running which is 50 MB , now we need more 30 MB bandwith from second ISP-B.

we need some ip pools all the traffics in / out both utilize through ISP-B e.g 132.238.77.0/24. we need this ip pools all the traffic both in / out utilize on ISP-B

but when isp-B bandwidth goes down that time perticularly this pool or which ever we can configure through ISP -B after down bandwidth of ISP-B all the traffic of these ip pools comes up on ISP-A autometic in BGP.

above bold indicatation ip pools we need all the traffic through ISP-B , but when down bandwidth of ISP-B it comes up autometci on ISP-A.

as per my requirment , what is the configuration in BGP to solve this issue.

ISP B ASN 9674
neighbour- 125.114.224.45

Thanks in ADV,

Vaib...

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 6 years 8 months ago

Hello Vaibhav,

>> we need some ip pools all the traffics in / out both utilize through ISP-B e.g 132.238.77.0/24. we need this ip pools all the traffic both in / out utilize on ISP-B

BGP alone is not enough to achieve this: for selecting an outgoing path based on source address you need to use policy based routing PBR

access-list 11 permit 132.238.77.0 0.0.0.255

route-map PBR_to_ISPB permit 10

match ip address 11

set ip next-hop 125.114.224.45

interface LAN

description internal LAN

ip policy route-map PBR_to_ISPB

this should provide you correct behaviour in outbound direction.

In order to influence the return path you should use selective AS path prepending to make ISPB more attractive and you could advertise more specific routes towards ISPB. The combination of these two operations can give you a reasonable amount of return traffic via ISP B for net 132.238.77.0/24

you should add

router bgp 123456

network 132.238.77.0 mask 255.255.255.0

no aggregate-address 132.238.75.0 255.255.252.0 summary-only

aggregate-address 132.238.75.0 255.255.252.0

! specific route to ISPB, aggregate to ISP A

!

ip prefix-list component77 seq 5 permit 132.238.77.0/24

ip prefix-list aggregate132 seq 5 permit 132.238.75.0/22

route-map out_ISPA deny 10

match ip address prefix-list component77

route-map out_ISPA permit 20

match ip address prefix-list aggregate132

set as-path-prepend 123456 123456 123456 123456

route-map out_ISPA permit 30

! empty block to allow all other prefixes with no changes

for ISPB

route-map out_ISPB deny 10

match ip address prefix-list aggregate132

route-map out-ISPB permit 20

match ip address prefix-list component77

route-map out-ISPB permit 30

set as-path-prepend 123456 123456 123456 123456

router bgp 123456

neigh 210.212.51.150 route-map out_ISPA out

neigh 125.114.224.45 route-map out_ISPB out

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Giuseppe Larosa Mon, 05/24/2010 - 01:59

Hello Vaibhav,

>> we need some ip pools all the traffics in / out both utilize through ISP-B e.g 132.238.77.0/24. we need this ip pools all the traffic both in / out utilize on ISP-B

BGP alone is not enough to achieve this: for selecting an outgoing path based on source address you need to use policy based routing PBR

access-list 11 permit 132.238.77.0 0.0.0.255

route-map PBR_to_ISPB permit 10

match ip address 11

set ip next-hop 125.114.224.45

interface LAN

description internal LAN

ip policy route-map PBR_to_ISPB

this should provide you correct behaviour in outbound direction.

In order to influence the return path you should use selective AS path prepending to make ISPB more attractive and you could advertise more specific routes towards ISPB. The combination of these two operations can give you a reasonable amount of return traffic via ISP B for net 132.238.77.0/24

you should add

router bgp 123456

network 132.238.77.0 mask 255.255.255.0

no aggregate-address 132.238.75.0 255.255.252.0 summary-only

aggregate-address 132.238.75.0 255.255.252.0

! specific route to ISPB, aggregate to ISP A

!

ip prefix-list component77 seq 5 permit 132.238.77.0/24

ip prefix-list aggregate132 seq 5 permit 132.238.75.0/22

route-map out_ISPA deny 10

match ip address prefix-list component77

route-map out_ISPA permit 20

match ip address prefix-list aggregate132

set as-path-prepend 123456 123456 123456 123456

route-map out_ISPA permit 30

! empty block to allow all other prefixes with no changes

for ISPB

route-map out_ISPB deny 10

match ip address prefix-list aggregate132

route-map out-ISPB permit 20

match ip address prefix-list component77

route-map out-ISPB permit 30

set as-path-prepend 123456 123456 123456 123456

router bgp 123456

neigh 210.212.51.150 route-map out_ISPA out

neigh 125.114.224.45 route-map out_ISPB out

Hope to help

Giuseppe

csawest.dc Mon, 05/24/2010 - 02:26

Dear Giuseppe,

Thanks buddy, you are one of the greatest expert in CSC.

as per your config template as given bellow, i have to do in my router and

router bgp 123456

neigh 210.212.51.150 route-map out_ISPA out

neigh 125.114.224.45 route-map out_ISPB out

so then all the traffic IN and OUT  bothway to utilize throug both the ISP ??

Some confiusion pls clear it i requist to you please.

>> Should i need to remove static and default route ??

>> and PBR apply in LAN interface ?? ( in my router 3 ge int two WAN and one LAN )

>> Should i need to remove ip policy route-map PBR_to_ISPB in LAN interface when ISP-B bandwidth down ??

>> then it's work as per my requirement ??

>> 132.238.77.0/24 ip pool all the traffic through ISP -B and when ISP-B bandwidth down it comes up autometic on ISP-A ??

Thanks once again!!!

Cheers!!!

Vaib...

Giuseppe Larosa Mon, 05/24/2010 - 11:30

Hello Vaibhav,

I have given a configuration example to provide an application to the idea.

>> Should i need to remove static and default route ??

use BGP to learn prefixes or you will not be able to remove prefixes when session is down

just verify you are receiving appropriate prefixes (BGP 0.0.0.0/0 default route)

you are the only one to know all details of your scenario so take this as a suggestion not a requirement.

>> and PBR apply in LAN interface ?? ( in my router 3 ge int two WAN and one LAN )

PBR has to be applied inbound on all internal interfaces not on interfaces facing ISPs (it is not a question of LAN versus WAN but of internal versus external)

>> Should i need to remove ip policy route-map PBR_to_ISPB in LAN interface when ISP-B bandwidth down ??

no, you just need to implement next-hop verify-reachability this should be supported on your device

>> 132.238.77.0/24 ip pool all the traffic through ISP -B and when ISP-B bandwidth down it comes up autometic on ISP-A ??

it should do so

Hope to help

Giuseppe

csawest.dc Mon, 05/24/2010 - 21:53

Dear giuseppe,

Thanks bro have great support.

when ISP-B comes up within shortly i will try to implement as per your suggetion in my router , and then if any issue i will freely discuss with you regarding the same.

Thanks once again!!!

cheers!!!

Have a nice day!!!

Vaib...

Actions

This Discussion