Hi Mate,

Just to prove to you that this is possible, I simulated this setup in my lab. There are 2 routers, with 2 links between them and eBGP configured over each of these links:

Router 1

--------

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 10.7.1.2 remote-as 200

neighbor 10.8.1.2 remote-as 200

no auto-summary

Router1#sh ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.7.1.2 4 200 5 5 19 0 0 00:00:13 15

10.8.1.2 4 200 5 5 19 0 0 00:00:11 15

Router1#

Router 2

--------

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 10.7.1.1 remote-as 100

neighbor 10.8.1.1 remote-as 100

Router2#sh ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.7.1.1 4 100 5 5 391 0 0 00:00:52 0

10.8.1.1 4 100 5 5 391 0 0 00:00:50 0

Router2#

Paresh

Hi friend,

This configuration tested by myself.

But i wonder about policies will be applyed in two neighbors.

With MP-BGP it could be done but in BGPv4 i'm not sure.

But in this week, i will test with my customer and i hope that i will send a good infor to you.

Regard,

Hi,

While I have been trying to say that this config is certainly possible, I have to re-iterate my earlier warning to you about such a setup:

It does not make sense to run 2 separate eBGP sessions and then apply different policies to each of them. The reason is that the routes learned over both sessions will end up in the same BGP table. Let's take an example, say you apply an inbound policy on one session that filters out the 10.1.1.0/24 network. On the other session, you apply an inbound policy that does not filter out that network. The end result will be that the 10.1.1.0/24 route will appear in the BGP table, even though it was rejected by the first filter.

Unless you are planning to use Multi-VRF or are running BGP for different address-families on each session, then the setup is not going to work.

Paresh

Hi,

This is my configuration:

interface Serial7/1/0

ip address 203.113.157.245 255.255.255.252

framing g751

dsu bandwidth 34010

Interface VLAN 7

ip address 203.113.158.153 255.255.255.248

ip policy route-map QTSC-HighPriority-vn

router bgp 7552

neighbor 202.78.224.41 remote-as 24085

neighbor 202.78.224.41 ebgp-multihop 255

neighbor 202.78.224.41 version 4

neighbor 202.78.224.41 remove-private-AS

neighbor 202.78.224.41 route-map PMQT-CUSTOMER in

neighbor 202.78.224.41 route-map PMQT-CUSTOMER-OUT out

neighbor 203.113.158.158 remote-as 24085

neighbor 203.113.158.158 version 4

neighbor 203.113.158.158 remove-private-AS

neighbor 203.113.158.158 route-map PMQT-CUSTOMER in

neighbor 203.113.158.158 route-map QTSC-PEER-OUT in

*/ as-path use for advetise to AS 24085, apply for second physical interface

ip as-path access-list 12 permit _24085$

ip as-path access-list 15 permit ^23962 18403$

ip as-path access-list 15 permit ^23962 7643$

ip as-path access-list 15 permit ^23962 24066$

*/ All IP address receive from peering AS 23692, use for route-map

access-list 3 permit 58.186.0.0 0.1.255.255

access-list 3 permit 125.214.0.0 0.0.63.255

access-list 3 permit 202.6.2.0 0.0.0.255

access-list 3 permit 202.6.96.0 0.0.1.255

access-list 3 permit 202.47.142.0 0.0.0.255

access-list 3 permit 202.151.160.0 0.0.15.255

access-list 3 permit 203.77.178.0 0.0.0.255

access-list 3 permit 203.119.8.0 0.0.3.255

access-list 3 permit 203.128.240.0 0.0.7.255

access-list 3 permit 203.160.0.0 0.0.127.255

access-list 3 permit 203.162.0.0 0.0.255.255

access-list 3 permit 203.190.160.0 0.0.15.255

access-list 3 permit 203.210.128.0 0.0.127.255

access-list 3 permit 210.245.0.0 0.0.127.255

access-list 3 permit 221.121.0.0 0.0.63.255

access-list 3 permit 221.132.0.0 0.0.63.255

access-list 3 permit 221.133.0.0 0.0.31.255

access-list 3 permit 222.252.0.0 0.1.255.255

access-list 3 permit 222.255.0.0 0.0.255.255

access-list 3 permit 202.134.16.0 0.0.7.255

access-list 3 permit 220.231.64.0 0.0.63.255

access-list 3 permit 203.113.128.0 0.0.63.255

access-list 3 permit 125.234.0.0 0.1.255.255

access-list 3 permit 202.78.224.0 0.0.7.255

deny ip any any

*/ Route-map policies apply for the second physical interface permit any traffic receice in AS 23692

route-map QTSC-HighPriority-vn permit 10

match ip address 3

set ip next-hop 203.113.158.158

set metric 33333

route-map QTSC-HighPriority-vn permit 20

set ip next-hop 202.78.224.41

*/ Advertise to customer AS 24085, permit only traffic with destination received by AS 23692

route-map QTSC-PEER-OUT permit 100

match ip address prefix-list AllowToVNNIX

!

route-map QTSC-PEER-OUT permit 110

match as-path 15

!

route-map QTSC-PEER-OUT permit 120

match as-path 18

!

route-map QTSC-PEER-OUT deny 150

*/ Advertise to customer Internet, permit only traffic from Internet go though this link which policies apply

route-map PMQT-CUSTOMER-OUT deny 100

match ip address prefix-list AllowToVNNIX

!

route-map PMQT-CUSTOMER-OUT deny 110

match as-path 15

!

route-map PMQT-CUSTOMER-OUT deny 120

match as-path 18

!

route-map PMQT-CUSTOMER-OUT permit 150

!

*/ receive only routing from AS 24085

route-map PMQT-CUSTOMER permit 100

match as-path 12

!

route-map PMQT-CUSTOMER deny 150

Alright mate, I've had a pretty close look at your config and I am thinking that it will work okay. Since the next-hop of eBGP-learned routes is the peering address used for the peer from which the routes were learned, the customer router in AS 24085 will use the first link for all Internet traffic and the second link for traffic to the other ASs directly connected to AS 7552.

So on the face of it, I can't seem to see any problems with what you are proposing.

Pls do remember to rate posts.

Paresh

Hi @Ketan Ukani ,

It is not possible to establish an ebgp session with your ISP, if both sides use the same ASN. You will need to change the ASN on your side or ask the ISP to change the ASN on his side.

Regards,