05-21-2002 05:28 PM - edited 03-01-2019 09:49 PM
Firstly - Apologies for the length of this message!
We are moving to a Multihomed scenario (Two Upstreams) - Current BGP Conf: (Router: 7206)
#################### Current Conf ######################
!
router bgp yyyyyy
no synchronization
bgp log-neighbor-changes
network xxx.xxx.x1.0
network xxx.xxx.x2.0
network xxx.xxx.x3.0
network xxx.xxx.x4.0
network xxx.xxx.x5.0
network xxx.xxx.x6.0
redistribute static
neighbor providor_one_router_address remote-as xxxx
neighbor providor_one_router_address soft-reconfiguration inbound
neighbor providor_one_router_address distribute-list 100 in
neighbor providor_one_router_address distribute-list 100 out
neighbor providor_one_router_address filter-list 1 out
!
ip as-path access-list 1 permit ^$
ip as-path access-list 1 deny .*
access-list 100 is denying private address ranges.
ip classless
ip route 0.0.0.0 0.0.0.0 providor_one_router_address
#################### Current Conf ######################
Proposed Conf:
#################### Proposed Conf ######################
!
router bgp yyyyyy
no synchronization
bgp log-neighbor-changes
network xxx.xxx.x1.0
network xxx.xxx.x2.0
network xxx.xxx.x3.0
network xxx.xxx.x4.0
network xxx.xxx.x5.0
network xxx.xxx.x6.0
redistribute static
neighbor providor_one_router_address remote-as xxxx
neighbor providor_one_router_address soft-reconfiguration inbound
neighbor providor_one_router_address distribute-list 100 in
neighbor providor_one_router_address distribute-list 100 out
neighbor providor_one_router_address filter-list 1 out
neighbor providor_two_router_address remote-as yyyy
neighbor providor_two_router_address soft-reconfiguration inbound
neighbor providor_two_router_address distribute-list 100 in
neighbor providor_two_router_address distribute-list 100 out
neighbor providor_two_router_address filter-list 1 out
!
ip as-path access-list 1 permit ^$
ip as-path access-list 1 deny .*
access-list 100 is denying private address ranges.
ip classless
ip route 0.0.0.0 0.0.0.0 providor_one_router_address 2
ip route 0.0.0.0 0.0.0.0 providor_two_router_address
#################### Proposed Conf ######################
Firstly, does the conf look correct/Any suggestions for improvements?
Second, I'm concerned with the two static routes - What I would ideally like would to be able to prioritize the traffic towards the new providor (We have agreed to a minimum monthly usage)
Is there an elegant way to accomplish this ? (Eg. 6:4 Ratio in favour of Providor 2?)
Thanks in advance for any suggestions/comments.
Regards,
Michael
05-29-2002 09:59 AM
First, I don't see anything wrong about the configuration. Configuration doesn't say much though, and it is not clear whether you are using an IGP in your net or not.
As for the static routes, I would recommend if you route to the physical interface instead of IPs, this way you guarantee your router not to process any packets if one of the ISPs' link goes down.
i.e , use "ip route 0.0.0.0 0.0.0.0 s0/0" for example rather than "ip route 0.0.0.0 0.0.0.0 192.168.252.2"
I think the only way to get rid of the static statements is to receive default route updates from your service providers or the full BGP table from both. It is not clear whether you are filtering any of those or not, or whether you are receiving the full BGP table or not. If you are not receiving the full BGP table, then make sure you are receiving 0.0.0.0 from both providers, you can always ask them to send the default route to you. You can use "default-information originate" to originate such information into the rest of your peers.
Again, your BGP configuration is not clear to give any kind of recommendation. I am not sure whether you have a loopback address defined in the router or not. It is always recommended to have a loopback address and use such for the update source. Use "update-source Loopback" command for that.
As for the load balancing you want to perform, if you are already receiving the full BGP table from your providers, then, you don't have to worry about that unless you are experiencing congestion in one of the links, in that case you will have to prepend (or change the weight) some routes to force traffic to pass through the less busy link. Remember default routes from your service provider will NOT load balance your traffic. In most cases, you will have to manually engineer your traffic by distributing your networks over the two links.
05-29-2002 03:29 PM
Firstly, thanks very much for the reply.
IGP is being used.
The 7206 is doing one-armed routing (Multiple Port-Channel Sub-Interfaces).
We are currently receiving local routing table from our Upstream.
Currently do not have a Loopback Interface defined. (I shall implement)
Regarding the load-balance:
Sould I be implementing CEF or DCEF - Is this overkill - What are the alternatives ?
As we have committed to a minimum usage with upstream_providor_two, I would like to be able to enforce some type of control over which upstream the majority of our traffic goes via (I know this is a _very_ simplistic way of looking at it!)
Regards,
Michael
05-30-2002 07:41 AM
You need to be careful in deciding on which switching algorithm is best for you, specially if you are going to leave the two static default routing statements intact.
First, I don't think that 7206 supports dCEF, as far as I remember it is a 75xx and 12xxx feature. As for CEF, I would suggest, depending on the IOS image you are currently running on the router, you make sure you are safe from any CEF IOS bugs. Check Cisco site for the IOS release notes and known bugs for that.
If your IOS supports CEF, and you do not have any CEF bugs concerns, I would suggest you go for it. BUT in that case, you have to design your load balancing carefully. Use "show ip cef
CEF generally relieves your router CPU from a lot of processing time, especially if you decide to go for per-packet load balancing. If you can implement it, I would highly recommend it.
05-30-2002 02:10 PM
hi ,
As to make some of the subnets go thro some particular Upstream provider u can put route-maps.
either you can set AS path or set default interface so the subnets will take this outbound path.
neighbor a.b.c.d remote-as x
neighbor a.b.c.d description ***** BGP Peer *****
neighbora.b.c.d update-source Serial1/0.1
neighbor a.b.c.d version 4
neighbor a.b.c.d soft-reconfiguration inbound
neighbor a.b.c.d distribute-list 36 in
neighbor a.b.c.d route-map xyz out
route-map xyz permit 10
match ip address 80
set default interface Serial1/0.1
Standard IP access list 80
permit a.b.c.d
permit a.b.c.d, wildcard bits 0.0.0.255
Hope this will help u .
Regards
Aditya Kaul
Engg-NCG
SIFY
India
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide