BGP Design with 3 ISPs

Ibrahim Jamil
Level 6

Hi Experts

Thanks, Cisco NetPro, for this great section, which indeed helps Cisco pre-sales engineers, network engineers and senior network engineers to build a resilient network. I also hope the Cisco NCEs and the Cisco Advanced Services team will contribute to these threads like before, besides the worldwide experts.

My Post

Please find the attached topology. I have posted many times but unfortunately I didn't get the perfect design.

I have two pair of Cisco 3900 ISR2 acting as BGP routers connected to 3 different ISPs. We have our public AS number along with 2 public class C addresses. I receive a default route from these 3 ISPs.

On R1 I have advertised, let's say, 10.10.10.0/24 to ISP-1. If the link to ISP-1 goes down, this subnet (10.10.10.0/24) will be advertised to ISP-2 and ISP-3.

On R2 I have advertised, let's say, 10.10.20.0/24 to both ISPs connected to R2 (ISP-2 and ISP-3). If R2 fails or any link to ISP-2 or ISP-3 goes down, all traffic will be diverted to ISP-1.

According to the above, I have noticed that on R2 only the link (8 Mbps) to ISP-2 is passing traffic while the link (16 Mbps) to ISP-3 is sitting idle, even though I have advertised 10.10.20.0/24 to both ISPs connected to R2 (ISP-2 and ISP-3). I need to run both links connected to R2 for download. I need my users and my little customer happy, because sometimes the link to ISP-2 becomes congested according to MRTG while the link to ISP-3 (16 Mbps) is idle.

So far I didn't assign any kind of traffic engineering towards the 3 ISPs, either inbound (AS-PATH) or outbound (LOCAL_PREF).

Please help me to achieve a resilient design as stated above.

Config as below

R1

ip prefix-list DEF seq 10 permit 0.0.0.0/0

ip prefix-list OUT seq 10 permit 10.10.10.0/24

ip prefix-list OUT seq 11 permit 10.10.20.0/24


Int g0/0

desc 24 Mbps Link to ISP-1

ip address X.X.X.X/32

router bgp Y <<<--while Y represents a Public AS number

no auto

no sync

network 10.10.10.0 Mask 255.255.255.0 <<<1ST Class C--i have Public IP >>

network 10.10.20.0 Mask 255.255.255.0 <<<2ND Class C--i have Public IP >>

neighbor X.X.X.1 remote-as X <<---where X represents the AS of ISP-1>>

neighbor X.X.X.1 prefix-list DEF in

neighbor X.X.X.1 prefix-list OUT out

R2

ip prefix-list DEF seq 10 permit 0.0.0.0/0

ip prefix-list OUT seq 10 permit 10.10.10.0/24

ip prefix-list OUT seq 11 permit 10.10.20.0/24


int g0/0

Desc 8 Mbps Link to ISP-2

ip address Y.Y.Y.1/32

int g0/1

Desc 16 Mbps Link to ISP-3

ip address F.F.F.1/32

router bgp Y <<<--while Y represents a Public AS number

no auto

no sync

network 10.10.10.0 Mask 255.255.255.0 <<<1ST- Class C--i have Public IP >>

network 10.10.20.0 Mask 255.255.255.0 <<<2ND Class C--i have Public IP >>

neighbor Y.Y.Y.2 remote-as Y <<---where Y represents the AS of ISP-2>>

neighbor Y.Y.Y.2 prefix-list DEF in

neighbor Y.Y.Y.2 prefix-list OUT out

neighbor F.F.F.2 remote-as F <<---where F represents the AS of ISP-3>>

neighbor F.F.F.2 prefix-list DEF in

neighbor F.F.F.2 prefix-list OUT out

When you go to a looking glass and probe my public IP (10.10.10.0), I get it via ISP-1, while for network 10.10.20.0/24 I get it via ISP-2, NOTHING via ISP-3.

thanks

Jamil


Marcin Latosiewicz
Cisco Employee

Marwan ALshawi
VIP Alumni

Hi Jamil

It looks like you want to load-balance outbound traffic over two ISPs using different BGP ASNs over eBGP sessions,

where you receive a default route or the same route from both ISPs.

This is a known problem of eBGP load balancing with different peer AS numbers.

To work, this requires the hidden command

bgp bestpath as-path multipath-relax

https://supportforums.cisco.com/message/3073029#3073029

Also, you might consider confirming with each ISP the BGP community strings they use to perform path selection within their cloud as well.

Hope this helps
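
The multipath behaviour referred to in the reply above, as an added example that is not part of the original thread or Cisco's code: a simplified Python model of why two eBGP default routes from different neighbor ASes are not installed together unless `bgp bestpath as-path multipath-relax` is set. The AS numbers, peer labels and the name-based tie-break are assumptions made for the illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    neighbor: str            # constructed peer label
    as_path: tuple           # AS numbers, nearest AS first (documentation ASNs)
    local_pref: int = 100
    origin: int = 0          # 0 = IGP, 1 = EGP, 2 = incomplete
    med: int = 0

def best_path(paths):
    # Simplified ordering: highest LOCAL_PREF, shortest AS_PATH, lowest
    # origin, lowest MED. The neighbor label stands in for the final
    # tie-breakers (path age, router ID) and is an assumption of this model.
    return min(paths, key=lambda p: (-p.local_pref, len(p.as_path),
                                     p.origin, p.med, p.neighbor))

def multipath_set(paths, maximum_paths=1, multipath_relax=False):
    """Return the neighbors whose paths would be installed together."""
    best = best_path(paths)
    chosen = [best]
    for p in paths:
        if p is best or len(chosen) >= maximum_paths:
            continue
        same_attrs = ((p.local_pref, p.origin, p.med) ==
                      (best.local_pref, best.origin, best.med))
        if multipath_relax:
            # Relaxed rule: only the AS_PATH length has to match.
            as_ok = len(p.as_path) == len(best.as_path)
        else:
            # Default rule: the AS_PATH itself has to be identical, which
            # never holds for two different upstream providers.
            as_ok = p.as_path == best.as_path
        if same_attrs and as_ok:
            chosen.append(p)
    return [p.neighbor for p in chosen]

# Constructed sample: the default route as R2 learns it from its two ISPs.
DEFAULT_ROUTES = [
    Path("ISP-2", (64502,)),
    Path("ISP-3", (64503,)),
]

if __name__ == "__main__":
    print(multipath_set(DEFAULT_ROUTES, maximum_paths=2))
    print(multipath_set(DEFAULT_ROUTES, maximum_paths=2, multipath_relax=True))
```

Multipath only changes which exits the local router uses for outbound traffic; which link carries download traffic is decided by path selection in the remote ASes.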

Hi Marwan

Thanks for your reply.

I have used the commands on R2

bgp bestpath as-path multipath-relax and maximum-paths 2

I have seen 2 default routes in the routing table, each pointing to one of these ISPs,

but when I use sh ip bgp

only one path is available.

Please help me. I want to use the link (16 Mbps) for download, I don't want it idle.

thanks

Hello Ibrahim,

Could you post from R2 the output of

show ip bgp summary

show ip bgp 0.0.0.0

show ip route 0.0.0.0

Without additional information it is not possible to go on.

Hope to help

Giuseppe

Hello  Giuseppe

Do I need to set up GLBP or HSRP between R1 and R2? If so, do I need to assign private or public IPs?

thanks

Hello Ibrahim,

I would suggest staying focused on a few questions/threads, otherwise you will end up opening new questions before closing open items.

In this thread the question was about the BGP part, and after your request I had asked for some show commands.

The use of HSRP versus GLBP is another part of the scenario.

GLBP provides real advantages only if many clients are directly connected to the routers that are members of the GLBP group. If only one device is there, a FW or an internal router, there is no real difference from HSRP, because once this device has received an answer to its ARP request from the GLBP AVG it uses only one AVF, so no outbound load balancing occurs.

Using private IP addresses versus public IP addresses is a broader question that interacts with other choices.

For example, if NAT has to be used, HSRP has to be preferred over GLBP in order to ensure that only one device performs NAT translations.

You have your own public address space, so you could also have a DMZ with public IP addresses assigned directly to it.

Given the network topology with two border routers, it would be wise to NAT on more internal devices, but it also depends on what the internal devices are (most multilayer switches, excluding the C6500 Sup720, are not capable of NAT).

Hope to help

Giuseppe
