
Due to BGP session, DMZ affected

Rajeev Ranjan
Level 1

Dear Friend,

I have a problem in our BGP network. Currently we have two ISPs, and both ISPs are terminated on two other routers. Both routers are iBGP peers. Due to some performance issues we did AS-prepending on ISPA and set local preference for ISPB. This scenario has worked well for a long time. But now we are facing a problem in the web DMZ. There is a connection-full issue on the web servers, but at that time we are not getting any latency on any arm, and the firewall shows everything is going well. We removed the AS-prepending and LP configuration for troubleshooting and found no solution. We used the hit-and-trial method to troubleshoot after troubleshooting the internal network and found that when we shut the BGP session of ISPB, all things go well. The web servers are working well. The ISPB service provider told us that they are not getting any issue on their network.

Kindly suggest what’s the issue with BGP configuration.

3 Replies

Arun Nair
Level 1

Hi Rajeev,

We need some more clarity on the design before we can comment on this.

Heavy traffic directed towards web servers cannot be simply attributed to BGP configuration as BGP is just a protocol that delivers the packet to the destination CEs from the ISPs.

But as far as I can see, I believe your servers might be becoming victim to broadcast packets. Please let us know whether your access to the internet for the servers is through the BGP peering, or do clients access the servers through some other way.

More info required. Maybe a rough design??

Cheers

Arun

Hi Arun,

Actually we have a firewall and IPS behind the BGP routers. We are not getting any broadcast traffic. We checked our network thoroughly and found no issue in our network. As I said, using the hit-and-trial method we just shut the BGP session of ISPB to see what would happen, and were surprised that the connections to the web servers, which were full at the time both ISPs were running, decreased and the servers were working well.

As I said in my previous post, we are preferring ISPB. Is there any issue with ISPB? Why does traffic from a particular ISP affect our web servers? In fact, our web servers are not accessible at that time.

Rajeev,

I would check the prefixes being sent through ISPB when it is not shut out and see whether ISPB is sending server prefix or any of its shorter matches. If not, maybe you are advertising the server prefixes only through ISPA and that might be making the servers inaccessible.

ALSO,

AS-path is an attribute we use to set path preference for incoming traffic, while Local preference sets path preference for outgoing traffic. Please check whether you are able to see any asymmetric routing going on between the IBGP peers.

Cheers

Arun
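
The prefix check suggested in the reply above, sketched as an added example that is not part of the original thread: for each ISP session it reports the longest prefix covering a server address and flags sessions that carry none. The addresses, prefix lists and function names are constructed for illustration; real input would come from the BGP table of each edge router.

```python
import ipaddress

# Constructed sample data (documentation address space, not from the thread):
# prefixes seen on each eBGP session, e.g. copied from the router's BGP table.
SESSIONS = {
    "ISPA": ["203.0.113.0/24", "198.51.100.0/24"],
    "ISPB": ["198.51.100.0/24"],
}
SERVER = "203.0.113.10"  # hypothetical web server address in the DMZ


def covering_prefixes(server, prefixes):
    """Return the prefixes that contain the server address, longest first."""
    addr = ipaddress.ip_address(server)
    nets = [ipaddress.ip_network(p) for p in prefixes]
    hits = [n for n in nets if addr in n]
    return sorted(hits, key=lambda n: n.prefixlen, reverse=True)


def audit(server, sessions):
    """Map each session to its longest covering prefix (None if absent)."""
    result = {}
    for name, prefixes in sessions.items():
        hits = covering_prefixes(server, prefixes)
        result[name] = str(hits[0]) if hits else None
    return result


def findings(server, sessions):
    """Describe gaps and mismatches between the sessions."""
    best = audit(server, sessions)
    notes = []
    for name, prefix in best.items():
        if prefix is None:
            notes.append(f"{name}: no prefix covers {server}")
    lengths = {ipaddress.ip_network(p).prefixlen for p in best.values() if p}
    if len(lengths) > 1:
        # Longest-prefix match is applied before AS-path or local preference.
        notes.append("sessions carry different prefix lengths for the server")
    return notes


if __name__ == "__main__":
    print(audit(SERVER, SESSIONS))
    for note in findings(SERVER, SESSIONS):
        print(note)
```
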
