
two bgp routers to one isp

Unanswered Question
Mar 20th, 2014
I'm very new to BGP and would like any suggestions to configure iBGP to prefer one router over another. I know there may be load sharing solutions, but for now, I have 1 router with a 200mbps link and a second router with a 50mbps link, both in the same ASN, both going to the same provider, and I would like BGP to use the 200mbps link only, maybe use the 50mbps for failover. This is iBGP and MPLS. Any suggestions or links to some docs would be great.

thanks

Joseph W. Doherty Thu, 03/20/2014 - 12:10

How will you route to your two eBGP routers?

Jon Marshall Thu, 03/20/2014 - 14:32

There are quite a few ways to do this and you don't necessarily need IBGP. Some examples -

1) if the routers are the default gateways for clients then you can make the primary router the HSRP active, although with this you do need to use tracking in case there is a failure upstream

2) if the default gateway for the clients is a L3 switch(es) connected to the routers then you have multiple options ie.

a) redistribute the BGP learned routes into an IGP and influence the metrics so the primary router is preferred eg. -

with EIGRP you could use offset lists or a delay on the connection to the backup router

with OSPF you could redistribute the routes as external type E1s from the primary and E2s from the backup because OSPF always prefers E1s

b) run IBGP between the routers and the L3 switch(es)  and use either weight or local preference (depending on whether you have a single or multiple L3 switches) to influence the path.

Note stacked L3 switches or 4500/6500 running VSS can be treated as one switch

c) run IBGP just between the routers and use local preference to prefer the primary router. This could mean traffic being sent to the backup router only to then be sent back to the primary (and Joseph knows how I feel about that smiley).

But it is a valid choice.

All of the above options where you have a L3 switch(es) mean you do not need any tracking because if the primary router or upstream routers fail then you stop receiving routes so you automatically failover to the backup router.

It also assumes that the routes are for remote sites only ie not full internet routing tables for example which you wouldn't want to redistribute into any IGP

3) again assuming a L3 switch(es), not run IBGP at all and simply have a default route on your L3 switch pointing to the primary router which you track with IP SLA and a floating static pointing to the backup router.

However I generally think using IP SLA etc. is only really a good option when you are not receiving dynamic routes, which you are, so I only mentioned it for completeness really.

There are other options as well. For example if you were receiving a default route as well as remote site routes there would be other ways you could approach it

So you can see there are multiple ways of achieving the same thing. It really depends on -

1) the routes you are receiving ie. number of routes plus whether you are receiving a default or not

and

2) whether the BGP routers are the default gateways for the clients or whether there are L3 switches etc. behind the routers, which I suspect is what Joseph was asking.

Jon

Jon Marshall Fri, 03/21/2014 - 18:03

One thing I forgot to mention.

If you are already running an IGP and redistributing into BGP to advertise your internal routes to the MPLS network then if you decide to redistribute BGP into the IGP you need to do route filtering to make sure routes redistributed into your IGP, ie. remote site networks, are not then redistributed back into BGP.

Finally, all of the above deals only with outbound traffic from your internal networks.

For an example of influencing inbound traffic see Guiarista's post.

Jon
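An added illustration of option 2a (OSPF E1 from the primary, E2 from the backup) together with the route-filtering caveat from the post above; this is not configuration posted by anyone in the thread. The local AS 65000, OSPF process 1, tag value 65000 and the route-map names are all assumptions.

```cisco
! Added example. Assumed values: local AS 65000, OSPF process 1,
! route tag 65000, route-map names BGP-TO-OSPF and OSPF-TO-BGP.
!
! ---- Both routers: tag routes going into OSPF, refuse that tag going back ----
route-map BGP-TO-OSPF permit 10
 set tag 65000
!
route-map OSPF-TO-BGP deny 10
 match tag 65000
route-map OSPF-TO-BGP permit 20
!
! ---- Primary router (200 Mb/s link): inject as external type 1 ----
router ospf 1
 redistribute bgp 65000 subnets metric-type 1 route-map BGP-TO-OSPF
!
router bgp 65000
 ! "match ... external" makes BGP pick up OSPF externals too, which is
 ! exactly the case where the tag filter prevents re-advertisement.
 redistribute ospf 1 match internal external 1 external 2 route-map OSPF-TO-BGP
!
! ---- Backup router (50 Mb/s link): inject as external type 2 ----
router ospf 1
 redistribute bgp 65000 subnets metric-type 2 route-map BGP-TO-OSPF
!
router bgp 65000
 redistribute ospf 1 match internal external 1 external 2 route-map OSPF-TO-BGP
```

Because both routers apply the same tag and the same deny clause, a remote-site route injected by one router is never advertised back to the provider by the other. IOS redistributes only OSPF internal routes into BGP unless `match external` is configured, so the deny clause becomes essential once externals are included.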

Dharamjeet Brar Thu, 03/20/2014 - 18:35

You may use Local Pref attribute to prefer one link over another. From your explanation, it seems like you are receiving default route on both the interfaces. Apply a route-map on router with 200Mb/s link like this:

ip prefix-list catchall seq 5 permit 0.0.0.0/0 le 32
!
route-map setlocalpref permit 10
 match ip address prefix-list catchall
 set local-preference 200

! X.X.X.X is the ISP neighbor you are connected to (entered under router bgp).
neighbor X.X.X.X route-map setlocalpref in

And apply something like this (on router with 50Mb/s link):

ip prefix-list catchall seq 5 permit 0.0.0.0/0 le 32
!
route-map setlocalpref permit 10
 match ip address prefix-list catchall
 set local-preference 100

! Y.Y.Y.Y is the ISP neighbor you are connected to (entered under router bgp).
neighbor Y.Y.Y.Y route-map setlocalpref in

Because Router200Mb/s will tag the incoming routes with HIGHER local_pref (higher is preferred), routes from Router50Mb/s will be used in case link200Mb/s goes down or so (be careful with BGP peerings.) I would recommend this link for general load sharing knowledge: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp...

This local_pref solution is one way. It only provides egress traffic control. Make sure you use ingress controls as well. Unless your provider supports BGP communities (they do support communities), you can use something simple like MED (lower is preferred):

Router200Mb/s:

route-map setmed permit 10
 match ip address prefix-list catchall
 match as-path 1
 set metric 200

neighbor X.X.X.X route-map setmed out

Router50Mb/s:

route-map setmed permit 10
 match ip address prefix-list catchall
 match as-path 1
 set metric 400

neighbor Y.Y.Y.Y route-map setmed out

Before going for anything, be sure to evaluate all options you have. Egress control is not complex to implement, but ingress control is… talk to your service provider. Load sharing is all dependent on how BGP is configured, how many devices are involved and how they are connected (topologically).


------------------------------------------------
Feel free to disagree and let me know where you feel I went wrong.
