Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1724
Views
5
Helpful
16
Replies

BGP dual-routers with dual-ISP / load-shareing

doncarei2
Level 1
Level 1

‎02-23-2014 10:59 PM - edited ‎03-04-2019 10:25 PM

Untitled.png

Basically we suscribe to 2 ISP, so i believe they have different AS.
We also have our own ASN number , example 12345

We asked both isp to aggregate our ASN number .

Question, seeing that both ISP aggregate our ASN number, we are also confuse which path will it get?

Can we achieve a load balance of the incoming traffic here?

Labels:
0 Helpful
16 Replies 16

JohnTylerPearce
Level 7
Level 7

‎02-24-2014 03:53 AM

Jeff,

You could look at route servers from different geographic regions around whatever area you live in. I would then look at what the AS_PATH attribtuesa re for your network, in the various route servers. You could then implement a policy, in which you may not have true 50/50 load balancing for incoming traffic, but pretty close. For example, you can try and use AS_PATH prepending for prefix 1.1.1.0/24, so that the AS_PATH's that are advertsied from each ISP, are the same and or as close as possible.

Assuming you firewall is behind all this diagram, you shouldn't have any issues with your firewall.

0 Helpful

doncarei2
Level 1
Level 1
In response to JohnTylerPearce

‎03-05-2014 12:32 AM

isnt the AS Path advertisied controlled by ISP ?

0 Helpful

JohnTylerPearce
Level 7
Level 7
In response to doncarei2

‎03-05-2014 02:34 AM

Jeff,

Technically, the only thing you can really control is outbound traffic from out AS out. But you can change the AS_PATH by doing AS_PATH prepending and looking at route servers to verify that everything is working properly. You could also talk to your ISP, and see what they support do not support.

0 Helpful

Sajid Ali
Level 1
Level 1

‎03-05-2014 03:54 AM

jeff tan

Your may control you outbound traffic through BGP AS Path attribute via AS prepention, in that case you should communicate to your ISPs to advertise your AS with prepention as it is, as JohnTylerPearce suggest

If you want to load balance your inbound traffic, there is one possibility. Break your public Subnet in tow segments, I mean if it is /22 then break it to /23 and advertise each new subnet to different ISP. You may get technical details and configuration from web and also from your ISP.

0 Helpful

doncarei2
Level 1
Level 1
In response to Sajid Ali

‎03-05-2014 07:37 PM

Sajid Ali,

we have our own ip of /24 does it help ?

0 Helpful

Sajid Ali
Level 1
Level 1
In response to doncarei2

‎03-06-2014 02:22 AM

Jeff Tan,

No,actually ISPs only advertise /24 or shorter prefix to upstream. You may not allowed to advertise /25 or longer prefixes to ISP. Actually one year ago i had faced same case with my company and now we are chang over scerio from Loadbalance to fialover.

0 Helpful

doncarei2
Level 1
Level 1
In response to Sajid Ali

‎03-06-2014 02:49 AM

we are currently doing a failover. but we are paying for both line and the boss want to utilize both connection.

so there isnt a way to load share between the 2 isp ?

I came across this tutorial , i wonder how does he work out

https://www.youtube.com/watch?v=kCVMkMym9MY

0 Helpful

sathvik k v
Level 3
Level 3
In response to doncarei2

‎03-06-2014 04:08 AM

HI Jeff,

Would suggest to use OER/PFR for load balancing of both the links.Refer http://docwiki.cisco.com/wiki/PfR:Solutions and scroll down to Internet Edge Solution Guides.

Hope this helps

Regards,

Sathvik K V

0 Helpful

Sajid Ali
Level 1
Level 1
In response to sathvik k v

‎03-06-2014 05:07 AM

Ya, OER or Performance Routing is another solution to contro Inbound traffic and achieve traget of laod balancing over BGP, but it needs a complet understanding and expertise to deploy this solution in an enterprise.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-06-2014 06:53 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

As already noted by another poster, OER/PfR could load balance your outbound traffic.  Inbound, though, with only a /24 is problematic.  As also noted by other posters, you cannot subdivide the /24 (on the Internet) and so the best you can accomplish is each ISP advertise your /24.  If they do this, remote hosts will take what they believe is their best best path to your /24.  So, your inbound traffic will depend on where your remote hosts are vis-a-vis your two ISPs.

In theory, your ISPs could cost or prepend your /24 higher to some of their BGP AS peers, which would influence your inbound traffic per ISP.  That's "messy" and difficult to maintain, and not dynamic based on load.  (Although in theory, PfR could send updates to your ISPs to indicate you want traffic shifted.  Lots of luck trying to get ISP cooperation unless you have very deep pockets.)

To recap, you can pretty easily outbound load share, including dynamically with OER/PfR.  For inbound load sharing, probably the best you can easily do is get each ISP to advertise your /24 "equally" to their Internet AS peers.

Sajid Ali
Level 1
Level 1
In response to Joseph W. Doherty

‎03-07-2014 01:22 AM

Thanks Joseph,

You clear my confusion too, I was always get confuse when thinking about PfR from ISP perspective.

0 Helpful

doncarei2
Level 1
Level 1

‎03-07-2014 01:36 AM

In the past some senior tried to get the ISP to advertise our /24 "equally" , however none of the incoming traffic manage to reach us. But we can set out traffic . eg email

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to doncarei2

‎03-07-2014 02:52 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

In the past some senior tried to get the ISP to advertise our /24 "equally" , however none of the incoming traffic manage to reach us. But we can set out traffic . eg email

That might be one of your ISP's doing.  If you pass them both the /24 but one of them rolls it up into an aggregate, the specific /24 from the remaining ISP would be seen as the more specific route.

0 Helpful

doncarei2
Level 1
Level 1
In response to Joseph W. Doherty

‎03-07-2014 03:11 AM

what do you mean by both /24....we only have a set of /24 block . we actually send the /24 as well as our ASN to both isp to

aggregate the network .

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card