Re: BGP multi router load balance/redundancy scenario

kuiperp · ‎06-26-2009

Hello all!

Lets assume we have 2 routers, rA and rB with network 192.168.0.0/16 and AS64512. Each router has 3 interfaces:

connection 1: rA connected to carrier A, rB connected to carrier B via BGP

connection 2: rA is connected to rB via a direct link

connection 3: rA and rB are connected to a layer 3 switch which does the inter-vlan routing

Now, when all interfaces are up and running, life is good. If one of the routers looses its connection to its carrier it is no problem because the BGP session will go down and that router will stop announcing the network and traffic will flow through the other router. Even if connection2 or connection 3 goes down, we can work around this failure by using an iGP of choice. But, what if connection 2 and connection 3 are both down (bad luck, human error etc) on lets say rA, it still has a connection with carrier A and is thus announcing the network 192.168.0.0/16 and traffic will be dropped.

Now, my question is, how can we prevent BGP from announcing routes when this is the case? I have read many books, looked at numerous examples but none seem to address this issue. Is there even a way or am I looking in the wrong direction? Or am I overlooking something here? Any help is very much appreciated!

Thanks,

Peter

Giuseppe Larosa · ‎06-26-2009

Hello Peter,

>> it still has a connection with carrier A and is thus announcing the network 192.168.0.0/16 and traffic will be dropped.

a router advertises a prefix (your 192.168.0.0/16 )in BGP until it has a route to it.

If you are creating a summary route using a static to null0 you can use the more modern

aggregate-address command in BGP process instead.

This solves the problem:

when internal links are down no component route can be in the IP routing table of router A and it has to remove its advertisement of the prefix because no component route can be in the BGP table

see

! link to command reference

http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_bgp1.html#wp1011467

! multihoming examples

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#configs3

Hope to help

Giuseppe

kuiperp · ‎06-26-2009

Hi Giuseppe,

Thank you for your answer! Does this mean that on rA and rB I remove the static route (no ip route 192.168.0.0/16 Null0) and add the aggregate statement aggregate-address 192.168.0.0/16? Or do I also have to remove the network statement?

I did some testing and I can't seem to get it working as supposed. I must be doing something wrong, do you have some tips still?

Thanks again for your time,

Peter

Giuseppe Larosa · ‎06-26-2009

Hello Peter,

you need network commands but only for the component routes.

you can remove the network command for the prefix 192.168.0.0/16

you need also to learn these component routes from L3 switch using an IGP (OSPF or EIGRP)

if at least a component route like 192.168.2.0/24 is alive

use

router bgp x

aggregate-address 192.168.0.0 255.255.0.0 summary-only

network 192.168.2.0

you can use network commands or you can redistribute your IGP into BGP with.

router bgp x

redistribute eigrp y | ospf z

Hope to help

Giuseppe

kuiperp · ‎06-26-2009

Hi Giuseppe,

Thank you for your reply. I have tested both scenario's but I can only get it to work when I redistribute OSPF into BGP. I have read that it is unwise to do this, though it works great with the aggregate-address statement. I sure hope I don't get arrested by the Internet police :)

The reason why your first solution perhaps does not work is that I have to use Quagga on Linux since I don't have enough spare Cisco's around to try it. Also in my test case the Linux boxes are also doing the inter vlan routing and are running OSPF which might interfere with this. For some reason it keeps announcing the summary route even if there are no routes in the routing table (not even direct connected ones).

Either way, it seems I at least have one working solution and a better understanding how things are supposed to work.

Thanks a lot!

Peter