cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7535
Views
3
Helpful
11
Replies

BGP Default Route Generation

kankung
Level 1
Level 1

Hi, all

Need your input for my scenario, we have 8 sites (Site 1 - 6, Site A & Site B) which connected to AT&T cloud with BGP running, we manage our CE router.  Site A & Site B also have Internet connection from local providers, and these 2 sites (Site A & Site B) are generating a route zero through AT&T BGP network for Site 1 - 6 as an Internet Gateway.  Currently Site 1 - 6 are pointing Site A as the Internet Gateway.

My question is there any method so that I can control Site 1 - 3 can access Internet through Site A and Site 4 -6 can access Internet through Site B without involve AT&T PE routers?

Appreciate for any idea?

Thanks

Kan

11 Replies 11

kankung
Level 1
Level 1

I am not sure using BGP community will be work or not ? Anyone has same experient on this

Thanks

Jerry Ye
Cisco Employee
Cisco Employee

Assuming all routers are Cisco routers, you can have site 1-3 to give Site A's 0.0.0.0/0 with a higher WEIGHT value, and site 4-6 to give Site B's 0.0.0.0/0 with a higher WEIGHT value.

Here is an example on WEIGHT

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#weight

Regards,

jerry

Nagendra Kumar Nainar
Cisco Employee
Cisco Employee

Hi,

From your description, it appears that you have L3 MPLS service fro AT&T (i.e) BGP neighborship will be between your CE and AT&T PE. In that case, as AT&T PEs are also involved in routing decision, you cannot have specific site to select one gateway and other using the next natively. Few options, I can think of is below,

1) You may need to have tunnel configured between the sites 1 to 3 with Site A and Sites 4-6 with Site B and point the static default route to this tunnel. The BGP default route will take care of redundancy.

2) Configure iBGP between Site 1- 6 and Site A and Site in a way that each Site will have neighborship with Site A and Site B. Configure Site A and Site B to advertise default route to all sites. Now tweak attrites like WEIGHT to select the best path and have the other as redundancy.

3) The other option is to involve AT&T PE and tweak the attribute/routing decision, which I am not sure if they will agree.

HTH,

Nagendra

Hello Nagendra,

I agree this is the likely scenario.

If so the service provider routers are involved in routing.

To be noted that actual AS number used at the sites can be the same or different because the provider can use as-override or other functions to make the sites communicate even if the AS is the same.

Cooperation with the provider, if they agree, may allow to use BGP communities set on the two default routes.

Then PE routers could increase local preference of one route with a specific BGP community attribute so that connected VRF site will use a specific internet exit point.

In this case a route-map should be applied inbound on the VPNv4 sessions of the PE with its route reflector servers to increase local preference or to provide a weight.

Without these BGP settings best IGP metric in SP provider network  to the other PE node (the one originating the default route in VPNv4) is used in choising a best path, CE nodes receive only one default route after PE has made its choice.

Hope to help

Giuseppe

milan.kulik
Level 10
Level 10

Hi,

if I understand correctly, both sites A and B are advertising the default route via BGP to your corporate network?

If site A is using a different AS number than site B, I'd try following:

Configure an incoming BGP route-map on sites 1 - 3 setting a high local preference for default route originated from A (should use one AS number) and not changing other prefixes.

Configure an incoming BGP route-map on sites 4 - 6 setting a high local preference for default route originated from B (should use another AS number) and not changing other prefixes.

(See https://www.cisco.com/en/US/docs/ios/12_1/iproute/command/reference/1rdbgp.html#wp1020124

you'd need a little more complicated route-map.)

This way sites 1-3 would use A as a gateway to the Internet and sites 4 - 6 would use B.

If one of A, B sites fails, all sites 1 - 6 would use the alive A,B site to access the Internet.

HTH,

Milan

Marwan ALshawi
VIP Alumni
VIP Alumni

are Site A and Site B using same AS number or differnt ?

if its differnt you can do it by using route map with AS path list

for example let say Site A in AS 10 you can do this config in site 1 - 3 as you wanted:

as-path access-list 1 permit _10$

or

as-path access-list 1 permit _10_

route-map AS10

match as-path 1

set weight 150      -- you can use local prefrence as well here

router bgp xx

neighbor x,x,x,x route-map AS10 in

if Site A and B are in the same AS number you can use community list to mark your traffic with that community

for example in Site A :

create a route-map

route-map map1

set community 1:00   (any numbers)

router bgp xx

neighbor x.x.x.x default-originate route-map map1

neighbor x.x.x.x send-community 

in the remote sites ( thats need to prefer this route thorugh Site A) you will do same idea as above but instead of matching AS path you will match community number

ip community-list 1 permit 1:00

route-map AS10

match community 1

set weight 150

router bgp xx

neighbor x,x,x,x route-map AS10 in

but you need to coordinate with your ISP to make sure they pass your community throughout their SP network especially from their PE to your CE routers if not you will not see the community numbes

for site B and other CE routers same idea can be done

good luck

if helpful Rate

Hi,

I'd improve your route-map slightly:

ip prefix-list default-only seq 5 permit 0.0.0.0/0

route-map AS10 permit 10

match as-path 1

match ip address prefix-list default-only

set local-preference 150 

route-map AS10 permit 20

This way it would set higher local preference of the default route ONLY (not for all the prefixes coming from AS 10).

Without the "route-map AS10 permit 20" line the incoming BGP route-map would deny all prefixes not-matching the previous conditions.

BR,

Milan

Thanks all of your input.

Kan

thank you Milan

the is the way i was suggesting but because i was thinking and writing i forgot the prifexlist and second sequence of the route-map

anyway i wish the ideas we sugessted wil be helpful

Kan, please rate the helpful post to let others when they search know which solution or solutions helped you

thank you

Hi Guys,

I thik this is a L3 MPLS Vpn by AT&T. in that case the PE routers are also participating in the routing.

Even if the router A and B are advertising the default route, it will get filtered in the service provider cloud using normal BGP route selection algorithom and only the best path will be advertised to the sites 1-6.

in that case this policy map will not work.

Hi,

you are correct, good point :-(

But using different route distinguishers in A and B, the provider should be able to get both default routes to the site 1-6's PEs.

And it might be possible to ask the provider  to configure the suggested route-map to apply on proper VRF?

BR,

Milan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco