Moving from Single Upstream to Multihomed - How to Prioritize Traffic?

mbellears
Level 1

Firstly - Apologies for the length of this message!

We are moving to a Multihomed scenario (Two Upstreams) - Current BGP Conf: (Router: 7206)

#################### Current Conf ######################
!
router bgp yyyyyy
 no synchronization
 bgp log-neighbor-changes
 network xxx.xxx.x1.0
 network xxx.xxx.x2.0
 network xxx.xxx.x3.0
 network xxx.xxx.x4.0
 network xxx.xxx.x5.0
 network xxx.xxx.x6.0
 redistribute static
 neighbor providor_one_router_address remote-as xxxx
 neighbor providor_one_router_address soft-reconfiguration inbound
 neighbor providor_one_router_address distribute-list 100 in
 neighbor providor_one_router_address distribute-list 100 out
 neighbor providor_one_router_address filter-list 1 out
!
ip as-path access-list 1 permit ^$
ip as-path access-list 1 deny .*

access-list 100 is denying private address ranges.

ip classless
ip route 0.0.0.0 0.0.0.0 providor_one_router_address
#################### Current Conf ######################

Proposed Conf:

#################### Proposed Conf ######################
!
router bgp yyyyyy
 no synchronization
 bgp log-neighbor-changes
 network xxx.xxx.x1.0
 network xxx.xxx.x2.0
 network xxx.xxx.x3.0
 network xxx.xxx.x4.0
 network xxx.xxx.x5.0
 network xxx.xxx.x6.0
 redistribute static
 neighbor providor_one_router_address remote-as xxxx
 neighbor providor_one_router_address soft-reconfiguration inbound
 neighbor providor_one_router_address distribute-list 100 in
 neighbor providor_one_router_address distribute-list 100 out
 neighbor providor_one_router_address filter-list 1 out
 neighbor providor_two_router_address remote-as yyyy
 neighbor providor_two_router_address soft-reconfiguration inbound
 neighbor providor_two_router_address distribute-list 100 in
 neighbor providor_two_router_address distribute-list 100 out
 neighbor providor_two_router_address filter-list 1 out
!
ip as-path access-list 1 permit ^$
ip as-path access-list 1 deny .*

access-list 100 is denying private address ranges.

ip classless
ip route 0.0.0.0 0.0.0.0 providor_one_router_address 2
ip route 0.0.0.0 0.0.0.0 providor_two_router_address
#################### Proposed Conf ######################

Firstly, does the conf look correct/Any suggestions for improvements?

Second, I'm concerned with the two static routes - What I would ideally like would be to be able to prioritize the traffic towards the new provider (We have agreed to a minimum monthly usage)

Is there an elegant way to accomplish this? (E.g. 6:4 Ratio in favour of Provider 2?)

Thanks in advance for any suggestions/comments.

Regards,

Michael
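
An added example, not part of the original post: a small Python model of the two outbound filters in the configuration above (`filter-list 1 out` and `distribute-list 100 out`), showing which routes a multihomed router would announce to its upstreams. It assumes ACL 100 denies the RFC 1918 ranges (the post does not show its entries); the prefixes, AS numbers and function names are constructed for illustration.

```python
import ipaddress
import re

# Assumption: ACL 100 denies the RFC 1918 ranges; its entries are not in the post.
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# ip as-path access-list 1: first match wins, implicit deny at the end.
AS_PATH_ACL_1 = [("permit", r"^$"), ("deny", r".*")]


def as_path_permitted(as_path, acl=AS_PATH_ACL_1):
    """Evaluate an AS path (space-separated string) against the as-path ACL."""
    for action, pattern in acl:
        if re.search(pattern, as_path):
            return action == "permit"
    return False


def prefix_permitted(prefix):
    """Stand-in for distribute-list 100: deny anything inside a private range."""
    net = ipaddress.ip_network(prefix)
    return not any(net.subnet_of(r) for r in PRIVATE_RANGES)


def advertised(bgp_table):
    """Return the prefixes that survive both outbound filters."""
    return [p for p, path in bgp_table
            if as_path_permitted(path) and prefix_permitted(p)]


# Constructed BGP table on the multihomed router: (prefix, AS path as received).
# Documentation prefixes (RFC 5737) and documentation ASNs (RFC 5398).
SAMPLE_TABLE = [
    ("192.0.2.0/24", ""),                # local `network` statement, empty AS path
    ("198.51.100.0/24", "64496 64500"),  # learned from upstream one
    ("203.0.113.0/24", "64497"),         # learned from upstream two
    ("10.20.0.0/16", ""),                # private static pulled in by `redistribute static`
]

if __name__ == "__main__":
    for prefix in advertised(SAMPLE_TABLE):
        print("advertise", prefix)
```

Only the locally originated public prefix is announced: routes learned from one upstream are never passed to the other, so the site does not become transit between its two providers, and the private static is stopped by the prefix filter.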

4 Replies

osam
Level 1

First, I don't see anything wrong about the configuration. Configuration doesn't say much though, and it is not clear whether you are using an IGP in your net or not.

As for the static routes, I would recommend that you route to the physical interface instead of IPs; this way you guarantee that your router does not process any packets if one of the ISPs' links goes down.

i.e., use "ip route 0.0.0.0 0.0.0.0 s0/0" for example rather than "ip route 0.0.0.0 0.0.0.0 192.168.252.2"

I think the only way to get rid of the static statements is to receive default route updates from your service providers or the full BGP table from both. It is not clear whether you are filtering any of those or not, or whether you are receiving the full BGP table or not. If you are not receiving the full BGP table, then make sure you are receiving 0.0.0.0 from both providers, you can always ask them to send the default route to you. You can use "default-information originate" to originate such information into the rest of your peers.

Again, your BGP configuration is not clear to give any kind of recommendation. I am not sure whether you have a loopback address defined in the router or not. It is always recommended to have a loopback address and use such for the update source. Use "update-source Loopback" command for that.

As for the load balancing you want to perform, if you are already receiving the full BGP table from your providers, then, you don't have to worry about that unless you are experiencing congestion in one of the links, in that case you will have to prepend (or change the weight) some routes to force traffic to pass through the less busy link. Remember default routes from your service provider will NOT load balance your traffic. In most cases, you will have to manually engineer your traffic by distributing your networks over the two links.
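
An added example, not part of the thread: a simplified Python model of outbound path selection, illustrating the reply's point that traffic is steered by changing weight on selected routes. It counts prefixes, not bytes, so the split it reports only approximates a traffic ratio; the table, AS numbers, names and the weight policy are constructed for illustration.

```python
from collections import Counter


def best_path(paths):
    """Simplified subset of the Cisco best-path order: highest weight, then
    highest local preference, then shortest AS path. Remaining ties go to the
    first path listed (an assumption made to keep the example short)."""
    return max(paths, key=lambda p: (p["weight"], p["local_pref"], -len(p["as_path"])))


def egress_split(rib, weight_policy):
    """Count, per upstream, the destination prefixes whose best path exits there.

    weight_policy maps (upstream, prefix) to a weight, standing in for an
    inbound route-map that sets weight on selected prefixes.
    """
    counts = Counter()
    for prefix, paths in rib.items():
        candidates = [dict(p, local_pref=100,
                           weight=weight_policy.get((p["via"], prefix), 0))
                      for p in paths]
        counts[best_path(candidates)["via"]] += 1
    return dict(counts)


def paths_via(one, two):
    """Build the two candidate paths for a prefix (hypothetical helper)."""
    return [{"via": "upstream_one", "as_path": one},
            {"via": "upstream_two", "as_path": two}]


# Constructed table: documentation prefixes (RFC 5737) and ASNs (RFC 5398).
SAMPLE_RIB = {
    "192.0.2.0/24":      paths_via([64496, 64500], [64497, 64501, 64500]),
    "198.51.100.0/25":   paths_via([64496, 64502], [64497, 64502]),
    "198.51.100.128/25": paths_via([64496, 64503, 64504], [64497, 64504]),
    "203.0.113.0/25":    paths_via([64496, 64505], [64497, 64506, 64505]),
    "203.0.113.128/25":  paths_via([64496, 64507], [64497, 64507]),
}

# Hypothetical policy: weight 200 on two prefixes as learned from upstream two.
PREFER_TWO = {("upstream_two", "192.0.2.0/24"): 200,
              ("upstream_two", "198.51.100.0/25"): 200}

if __name__ == "__main__":
    print("no policy:  ", egress_split(SAMPLE_RIB, {}))
    print("with weight:", egress_split(SAMPLE_RIB, PREFER_TWO))
```

Without a policy, four of the five sample prefixes exit via upstream one; raising the weight on two of them as learned from upstream two moves the split to 3:2 in its favour.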

Firstly, thanks very much for the reply.

IGP is being used.

The 7206 is doing one-armed routing (Multiple Port-Channel Sub-Interfaces).

We are currently receiving local routing table from our Upstream.

Currently do not have a Loopback Interface defined. (I shall implement)

Regarding the load-balance:

Should I be implementing CEF or DCEF - Is this overkill - What are the alternatives?

As we have committed to a minimum usage with upstream_providor_two, I would like to be able to enforce some type of control over which upstream the majority of our traffic goes via (I know this is a _very_ simplistic way of looking at it!)

Regards,

Michael

You need to be careful in deciding on which switching algorithm is best for you, especially if you are going to leave the two static default routing statements intact.

First, I don't think that 7206 supports dCEF, as far as I remember it is a 75xx and 12xxx feature. As for CEF, I would suggest, depending on the IOS image you are currently running on the router, you make sure you are safe from any CEF IOS bugs. Check Cisco site for the IOS release notes and known bugs for that.

If your IOS supports CEF, and you do not have any CEF bugs concerns, I would suggest you go for it. BUT in that case, you have to design your load balancing carefully. Use "show ip cef internal" command to check on your networks load balancing, "ip load-sharing per-packet" and "ip load-sharing per-dest" interface commands to configure load-balancing algorithm.

CEF generally relieves your router CPU from a lot of processing time, especially if you decide to go for per-packet load balancing. If you can implement it, I would highly recommend it.

Hi,

To make some of the subnets go through some particular upstream provider, you can put route-maps.

Either you can set AS path or set default interface so the subnets will take this outbound path.

neighbor a.b.c.d remote-as x
neighbor a.b.c.d description ***** BGP Peer *****
neighbor a.b.c.d update-source Serial1/0.1
neighbor a.b.c.d version 4
neighbor a.b.c.d soft-reconfiguration inbound
neighbor a.b.c.d distribute-list 36 in
neighbor a.b.c.d route-map xyz out

route-map xyz permit 10
 match ip address 80
 set default interface Serial1/0.1

Standard IP access list 80
    permit a.b.c.d
    permit a.b.c.d, wildcard bits 0.0.0.255

Hope this will help you.

Regards

Aditya Kaul

Engg-NCG

SIFY

India