Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
463
Views
0
Helpful
8
Replies

Help reqd in BGP config

spremkumar
Level 9
Level 9

‎10-23-2003 01:31 AM - edited ‎03-02-2019 11:11 AM

hi

we hve bgp peering with 2 diff isps .ISPA/ISPB.

our main goal is to have load balancing,redudancy.

we have configured the routers to meet the same conditions.but right now the load balancing is happening but reduandcy is not working i.e., if one link goes down out of 2 our browsing strucks up.

i hve pasted the current config out here.

pls take sometime to go thru it and advice..

router bgp selfAS

no synchronization

bgp log-neighbor-changes

network s.s.212.0

network s.s.213.0

network s.s.214.0

network s.s.215.0

network s.s.216.0

network s.s.217.0

network s.s.218.0

network s.s.219.0

network s.s.252.0

network s.s.253.0

network s.s.254.0

network s.s.255.0

neighbor a.a.a.a remote-as isp2AS

neighbor a.a.a.a ebgp-multihop 5

neighbor a.a.a.a update-source Loopback0

neighbor a.a.a.a weight 1000

neighbor a.a.a.a soft-reconfiguration inbound

neighbor a.a.a.a distribute-list 6 in

neighbor a.a.a.a route-map bi out

neighbor remote-as isp3AS

neighbor b.b.b.b remote-as isp3AS

neighbor b.b.b.b soft-reconfiguration inbound

neighbor b.b.b.b distribute-list 20 in

neighbor b.b.b.b route-map bbbb out

no auto-summary

!

ip default-network b.b.6.0

ip default-network b.b.1.0

ip default-network a.0.0.0

!

ip access-list standard bbbbb

permit s.s.219.0

ip access-list standard bbbbpill

permit s.s.255.0

permit s.s.254.0

permit s.s.253.0

permit s.s.215.0

permit s.s.214.0

permit s.s.213.0

permit s.s.212.0

permit s.s.218.0

permit s.s.217.0

permit s.s.216.0

permit 203.201.192.0

permit 203.201.193.0

!

access-list 6 permit a.0.0.0

access-list 6 permit a.0.0.0

access-list 20 permit b.0.0.0

access-list 20 permit b.b.1.0

access-list 20 permit b.b.2.0

access-list 20 permit b.b.6.0 0.0.0.255

access-list 21 permit b.b.b.b

access-list 21 permit b.b.b.b

!

route-map bbbb permit 40

match ip address bbbbpill

!

route-map bbbb permit 50

match ip address bbbbb

set as-path prepend selfAS selfAS selfAS

!

route-map Check permit 25

set as-path prepend selfAS selfAS

!

route-map bi permit 30

match ip address ispa

!

prem

Labels:
0 Helpful
8 Replies 8

ruwhite
Level 7
Level 7

‎10-23-2003 04:52 AM

Your configs look fine--if you're load sharing, then both links, and both BGP sessions, are working fine. When you have one link failed, do new sessions work? Do the routing tables look right with one link failed?

It could be that when you fail one link, a given session (HTML browasing session?) happened to be going across that link, and the browser may not like the lenght of time it's taking for the network to converge on the single link, or TCP may be resetting, or something along those lines. Could you describe what you mean when you say a browser gets "stuck"?

Russ.W

0 Helpful

spremkumar
Level 9
Level 9
In response to ruwhite

‎10-23-2003 05:52 AM

Hi russel

c once my ispa fails all the incoming as well as the outgoing shuld go via ispb which is not happening at present.i m unable to login yahoo and some(notall) international sites when ispa fails.

wht may be the problem ??

thx

prem

0 Helpful

t.baranski
Level 4
Level 4
In response to spremkumar

‎10-23-2003 05:48 PM

Have you coordinated this configuration with both ISPs to ensure that they're accepting all the prefixes you're announcing? If some sites work via ISP-B but most don't, this could indicate that ISP-B isn't announcing your prefixes to all of its neighbors for some reason.

I'd suggest initiating a failover to ISP-B and then running some tests to get a better idea of what is happening. Tracerouting to various destinations might be helpful to determine where the problems are occuring. (Are the traceroutes stopping at your router or somewhere in ISP-B's network?) Getting ISP-B involved in the troubleshooting may also be helpful. They'll be able to check their routers to see if your routes are propagating correctly.

0 Helpful

vikrantarora
Level 1
Level 1

‎10-23-2003 06:15 AM

prem, I am having teh same problem. Were you able to figure out what's wrong? vikrant

0 Helpful

mark.edwards
Level 1
Level 1
In response to vikrantarora

‎10-24-2003 04:19 AM

what does the network look like when the link to your primary ISP is failed ? Do you still have the full BGP routing table, is the next hop address correct ? If you log onto an internet route-server does your prefix appear in the routing table ?

0 Helpful

spremkumar
Level 9
Level 9
In response to mark.edwards

‎10-25-2003 03:56 AM

thks all for u r replies.

i checked with ispb with whom we r creating neigbhoship with our WAN IPs(with ispa we r doing with loopback) as per them they r announcing all the routes to us.

but still i m unable to fix it up.i cant do any experiments with the live n/w will do it in off peak and let u know edwards.

prem

0 Helpful

Danilo Dy
VIP Alumni
VIP Alumni
In response to spremkumar

‎10-26-2003 09:48 PM

There are two possibilities here.

1. Your upstream ISP may have problem because you advertise your network as /24 (maybe one of them aggregating it for you, the other did not). Try aggregating them in your core router. Add the following lines in your BGP configuration

aggregate-address s.s.212.0 255.255.248.0 summary-only

aggregate-address s.s.252.0 255.255.252.0 summary-only

2. I see that you have eBGP multihop, does the connection problem surface only when you left with your eBGP connection with ISP2AS. eBGP Multihop peering if successful will receive all BGP route but will not be able to reach the destination if the routers between you and the ISP2AS does not have Internal routing protocol to reach those destinations. I have experience this in both Lab and Production.

Example;

YourRouter>R1>R2>R3>R4>ISP2AS = 5 eBGP Multihop, right?

If using static route,

R1 to R4 should know that 0.0.0.0 0.0.0.0 (the Internet) is via ISP2AS.

R4 to R1 should know that s.s.212.0/21 and s.s.252.0/22 is via YourRouter

YourRouter

ip route BGP_IP_OF_ISP2AS 255.255.255.255 R1

R1

ip route 0.0.0.0 0.0.0.0 R2

ip route s.s.212.0 255.255.248.0 YourRouter

ip route s.s.252.0 255.255.252.0 YourRouter

R2

ip route 0.0.0.0 0.0.0.0 R3

ip route s.s.212.0 255.255.248.0 R1

ip route s.s.252.0 255.255.252.0 R1

R3

ip route 0.0.0.0 0.0.0.0 R4

ip route s.s.212.0 255.255.248.0 R2

ip route s.s.252.0 255.255.252.0 R2

R4

ip route 0.0.0.0 0.0.0.0 ISP2AS

ip route s.s.212.0 255.255.248.0 R3

ip route s.s.252.0 255.255.252.0 R3

ISP2AS

ip route BGP_IP_OF_YourRouter 255.255.255.255 R4

0 Helpful

ruwhite
Level 7
Level 7
In response to spremkumar

‎10-28-2003 05:22 AM

One thing you can do is to check one of the looking glasses to see how your routes look when the first ISP goes down. In fact, I would check the looking glass and see what it looks like normally, then check it in failure mode, to see what the difference is.

http://lg.conxion.net/

Is a place where you can search various exchange point and provider BGP tables to see what your route looks like as they see it.

Russ.W

0 Helpful
Customers Also Viewed These Support Documents