05-12-2012 07:08 AM - edited 03-03-2019 06:34 AM
Hi Experts
Thanks Cisco NetPro for this great section, which indeed helps Cisco pre-sales engineers, network engineers and senior network engineers to build a resilient network. I also hope the Cisco NCEs and the Cisco Advanced Services team contribute like before in these threads, alongside the worldwide experts.
My Post
Please find the attached topology. I have posted many times but unfortunately I didn't get the perfect design.
I have two pair of Cisco 3900 ISR2 acting as BGP routers connected to 3 different ISPs. We have our public AS number along with 2 public class C addresses, and I receive a default route from these 3 ISPs.
On R1 I have advertised, let's say, 10.10.10.0/24 to ISP-1; if the link to ISP-1 goes down, this subnet (10.10.10.0/24) will be advertised to ISP-2 and ISP-3.
On R2 I have advertised, let's say, 10.10.20.0/24 to both ISPs connected to R2 (ISP-2 and ISP-3); if R2 fails or any link to ISP-2 or ISP-3 goes down, all traffic will be diverted to ISP-1.
According to the above, I have noticed that on R2 only the link (8 Mbps) to ISP-2 is passing traffic, while the link (16 Mbps) to ISP-3 is sitting idle, even though I have advertised 10.10.20.0/24 to both ISPs connected to R2 (ISP-2 and ISP-3). I need to run both links connected to R2 for download. I need my users and my little customer happy, because sometimes the link to ISP-2 becomes congested according to MRTG while the link to ISP-3 (16 Mbps) is idle.
So far I didn't assign any kind of traffic engineering towards the 3 ISPs, either inbound (AS-PATH) or outbound (LOCAL_PREF).
Please help me to achieve a resilient design as stated above.
Config as below:
R1
ip prefix-list DEF seq 10 permit 0.0.0.0/0
ip prefix-list OUT seq 10 permit 10.10.10.0/24
ip prefix-list OUT seq 11 permit 10.10.20.0/24
Int g0/0
desc 24 Mbps Link to ISP-1
ip address X.X.X.X/32
router bgp Y <<<--while Y represents a Public AS number
no auto
no sync
network 10.10.10.0 Mask 255.255.255.0 <<<1ST Class C--i have Public IP >>
network 10.10.20.0 Mask 255.255.255.0 <<<2ND Class C--i have Public IP >>
neighbor X.X.X.1 remote-as X <<---where X represents the AS of ISP-1>>
neighbor X.X.X.1 prefix-list DEF in
neighbor X.X.X.1 prefix-list OUT out
R2
ip prefix-list DEF seq 10 permit 0.0.0.0/0
ip prefix-list OUT seq 10 permit 10.10.10.0/24
ip prefix-list OUT seq 11 permit 10.10.20.0/24
int g0/0
Desc 8 Mbps Link to ISP-2
ip address Y.Y.Y.Y.1/32
int g0/1
Desc 16 Mbps Link to ISP-3
ip address F.F.F.1/32
router bgp Y <<<--while Y represents a Public AS number
no auto
no sync
network 10.10.10.0 Mask 255.255.255.0 <<<1ST- Class C--i have Public IP >>
network 10.10.20.0 Mask 255.255.255.0 <<<2ND Class C--i have Public IP >>
neighbor Y.Y.Y.2 remote-as Y <<---where Y represents the AS of ISP-2>>
neighbor Y.Y.Y.2 prefix-list DEF in
neighbor Y.Y.Y.2 prefix-list OUT out
neighbor F.F.F.2 remote-as F <<---where F represents the AS of ISP-3>>
neighbor F.F.F.2 prefix-list DEF in
neighbor F.F.F.2 prefix-list OUT out
When you go to a looking glass and probe my public IP (10.10.10.0), I get it via ISP-1, while for network 10.10.20.0/24 I get it via ISP-2; NOTHING via ISP-3.
thanks
Jamil
05-12-2012 07:40 AM
Jamil,
For long term solution, please look into performance routing on IOS:
and
http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/command/pfr-cr-book.html
For short term, i.e. preferring one of the links rather than the other for inbound or outbound:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml
Marcin
05-13-2012 03:04 AM
Hi Jamil
It looks like you want to load-balance outbound traffic over two ISPs using different BGP ASNs over eBGP sessions,
where you receive a default route or the same route from both ISPs.
This is a known problem of eBGP load balancing with different peer AS numbers.
To work this requires the hidden command
bgp bestpath as-path multipath-relax
https://supportforums.cisco.com/message/3073029#3073029
Also, you might consider confirming with each ISP the BGP community strings they use to perform path selection within their cloud as well.
Hope this helps.
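An added illustration of the rule behind the reply above (not part of the original thread and not Cisco code): a simplified Python model of eBGP multipath eligibility for the default route on R2. It assumes weight, MED and IGP metric are equal, uses lowest router ID as the only tie-break, and the AS numbers and router IDs are constructed documentation values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    peer: str            # label for the eBGP neighbor
    as_path: tuple       # AS numbers, nearest AS first
    router_id: str       # neighbor router ID, used as final tie-break
    local_pref: int = 100
    origin: int = 0      # 0 = IGP, 1 = EGP, 2 = incomplete

def _rid(p):
    return tuple(int(o) for o in p.router_id.split("."))

def best_path(paths):
    """Simplified order: highest LOCAL_PREF, shortest AS_PATH,
    lowest origin code, lowest router ID. Always exactly one winner."""
    return min(paths, key=lambda p: (-p.local_pref, len(p.as_path),
                                     p.origin, _rid(p)))

def multipath_set(paths, maximum_paths=1, relax=False):
    """Peers whose paths are installed for forwarding.
    Default rule: a candidate must tie with the best path AND carry the
    identical AS_PATH. With relax=True (the multipath-relax behaviour)
    only the AS_PATH length has to match."""
    best = best_path(paths)
    chosen = [best]
    for p in paths:
        if p is best or len(chosen) >= maximum_paths:
            continue
        equal_cost = ((p.local_pref, len(p.as_path), p.origin) ==
                      (best.local_pref, len(best.as_path), best.origin))
        if equal_cost and (relax or p.as_path == best.as_path):
            chosen.append(p)
    return [p.peer for p in chosen]

# Constructed sample: 0.0.0.0/0 learned from two ISPs in different ASes.
DEFAULTS = [
    Path("ISP-2", (64502,), "192.0.2.2"),
    Path("ISP-3", (64503,), "198.51.100.2"),
]

if __name__ == "__main__":
    print("best path:      ", best_path(DEFAULTS).peer)
    print("multipath only: ", multipath_set(DEFAULTS, maximum_paths=2))
    print("multipath+relax:", multipath_set(DEFAULTS, maximum_paths=2, relax=True))
```

The model covers only which next hops this router installs for its own outbound forwarding; there is still a single best path, and only that one is what BGP advertises onward.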
05-14-2012 09:36 AM
Hi Marwan
Thanks for your reply.
I have used the commands on R2:
bgp bestpath as-path multipath-relax and Maximum-path 2
I have seen 2 default routes in the routing table, each pointing to one of these ISPs,
but when I use sh ip bgp
only one path is available.
Please help me; I want to use the link (16 Mbps) for download, I don't want it idle.
thanks
05-18-2012 05:58 AM
Hello Ibrahim,
may you post from R2 the output of
show ip bgp summary
show ip bgp 0.0.0.0
show ip route 0.0.0.0
Without additional information it is not possible to go on.
Hope to help
Giuseppe
05-19-2012 07:22 AM
Hello Giuseppe
Do I need to set up GLBP or HSRP between R1 and R2? If so, do I need to assign private or public IPs?
thanks
05-21-2012 12:45 AM
Hello Ibrahim,
I would suggest staying focused on a few questions/threads, otherwise you will end up opening new and new questions before closing opened items.
In this thread the question was about the BGP part, and after your request I had asked for some show commands.
The use of HSRP versus GLBP is another part of the scenario.
GLBP provides real advantages only if many clients are directly connected to the routers that are members of the GLBP group. If only one device is there (a FW or an internal router), there is no real difference with HSRP, because once this device has received an answer to its ARP request from the GLBP AVG it uses only one AVF, so no outbound load balancing occurs.
Using private IP addresses versus public IP addresses is a broader question that interacts with other choices.
For example, if NAT has to be used, HSRP has to be preferred over GLBP in order to ensure that only one device performs NAT translations.
You have your own public address space, so you could also have a DMZ with directly public IP addresses assigned to it.
Given the network topology with two border routers, it would be wise to NAT on more internal devices, but it also depends on what the internal devices are (most multilayer switches, excluding C6500 sup720, are not capable of NAT).
Hope to help
Giuseppe