06-25-2014 05:16 PM - edited 03-04-2019 11:13 PM
hi guys,
I would appreciate some assistance here. We have a primary head office & a DR site. Routers at both sites connect to our carrier for an IP VPN service using BGP. BGP configs on each router advertise a default route 0.0.0.0.
#sh ip bgp neighbors x.x.x.x advertised-routes
BGP table version is 358, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Issue is, some of our remote sites prefer the DR router path for traffic destined to internet.
We are advertising multiple default routes to our carrier, and based on feedback from carrier, route with lowest MED is preferred.
This brings me to what i need to change from my side. Need to change the route preference so that from our remote offices, only the route to head office is preferred with DR site the least preferred route. I know there are multliple ways of doing this, however keen to get input from the experts out there.
DR site router has this BGP config currently applied:
router bgp XXXXX
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1 match internal external 1 external 2
neighbor x.x.x.x remote-as XXXX
neighbor x.x.x.x default-originate
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map IMPORT-POLICY in
neighbor x.x.x.x route-map OPI-route-advertisement out
default-information originate
Removing the "neighbor x.x.x.x default-originate" is not an option, as we need to have the ability to failover to DR at any point.
Thanks in advance & if you need any further info pls advise.
Rama
06-25-2014 07:39 PM
What I think would be nice doing is kind of create an identification to each of your sites, for example, HQ is site 1, Florida is site 2 and so on so forth, that would allow you to make any change whenever you want with very little effort. What you wanna do is to set a community with those "labelings" so whatever you advertise from HQ you set the community 1, whatever you advertise from Florida has the community of two, so you just match the default route on your branch offices based on community (You would need to work with your provider on that, making sure they allow communities to pass by) and setting local preferences to a higher value.
06-26-2014 03:31 AM
Hi,
it's not clear how does the IP VPN service look like exactly?
Does it provide an MPLS backbone to you?
Are you using the same AS number on all your sites or different ones?
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)?
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone.
Best regards,
Milan
06-26-2014 03:34 PM
Hi Milan,
Thanks. Answers below:
Does it provide an MPLS backbone to you? YES
Are you using the same AS number on all your sites or different ones? Same AS
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)? That's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone. Will ask.
Given this, any other thoughts/questions?
Thanks, Rama
06-27-2014 01:05 AM
Hi,
sometimes prepending your AS number twice is not enough - depending on the provider backbone structure.
I'd try to prepend 5 or 6 times.
If that wouldn't help, I'd ask the provider if he is ignoring the AS_PATH length for any reason.
Best regards,
Milan
06-29-2014 07:07 PM
hi Milan,
I tried prepend 5 times however still no difference. Carrier does allow bgp selection based on AS-path.
currently the route-map looks like this:
route-map OPI-route-advertisement permit 10
match ip address prefix-list LOCAL-NETS
!
route-map OPI-route-advertisement permit 20
match ip address prefix-list FreshWater-Place-subnets default-route
set as-path prepend xxxxx xxxxx xxxxx xxxxx xxxxx
!
route-map OPI-route-advertisement deny 30
Should i split up the prefixes in permit 20?
Carrier is suggesting to choose another way to influence bgp path selection by eg using MED. Carrier also confirmed they have not received any hidden routes either. Sample out put from carrier side looks like this:
* 0.0.0.0/0 x.x.x.x
[AS number] I
So nothing is being preferred.
Any other thoughts?
thanks, rama
06-30-2014 01:34 AM
Hello
"that's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?" - Silly question but are you prepending with the same as number as your site As number? - also just apply higher metric to the default route in the below stanza to the less proffered rtr
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
set metric 200
res
Paul
06-30-2014 07:19 PM
hi Paul,
verified this, config looks fine.
eventually found that the neighbor x.x.x.x default-originate command was essentially advertisign the default route so applied route-map to end of that command with the 2x prepend and problem resolved.
thanks to all for your help.
rama
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide