We run a small Wireless ISP and due to our grow we are setting up our network for full availability for our customers. We got our AS and IP block from ARIN, and we have internal OSPF for all our POPs, we have 2 Internet upstreams with same Bandwidth, and now we are planning to run BGP to have redundancy on our Internet pipe. I'm really new to BGP configurations , so we have decided to set it as simple as possible but always aiming to provide redundancy to our customers. I've reading a lot and some configurations suggest to receive default routes from both ISP since we are planning to work BGP as backup instead load balancing.
This is the catch. (Please refer to our network diagram)
We have two 7204 Routers connected to two different ISPs. Rigth now we dont have any BGP running just OSPF for internal backup.
As soon as we set BGP we dont want all traffic going to just one ISP , what we want is to force traffic from HILINE and GTS though Router B, and CYMEZ, BADAFI and OFICINA through router A, but still have redundancy in case one or the other ISP goes down.
I would appreciate some basic configurations so we can achieve this goal.
A solution would be to have two static routes towards to each upstream router. In each internal router you will give the static route you prefer lower administrative distance. In order to have failure protection you shoyld assign each sattic route a track object from which you will be monitoring the internet connectivity of each upstream router (e.g by using a ping towards the ISP point to point IP address). This implicates that you will leak these point to point IPs to your ospf domain.
Another solution (best to my opinion) would be to set up iBGP between your routers and use local preference to prefer a router to another one. If you want you could advertise only default routes from your internet routers. In this way you will keep OSPF and BGP totally separate. Remember to use loopback in these neighborships and make sure you advertise these loopbacks in your OSPF.
I think the simplest option would be to set BGP up as you had drawn but don't worry about the IBGP connection as its not of much use if you only receive a default route. Then allow ospf to generate a default route from each 7204 and with a metric type of E1 based on the presence of the BGP default route being in your routing table.
Metric-Type 1 will ensure the end to end path cost the the gateway is used to for path selection.
OSPF would then be responsible for routing traffic towards the closest internet gateway and not BGP. I think this will give an approximate balancing of outbound traffic close to what your looking for.
Hope that (works and) helps to simplify things a little.
Good luck with it
Thank you Lex,
This solution seems to be simpler , we will try this one as our first option, and let you know if we run into any issues.
I have two questions:
1- The default-information originate metric-type 1 command must be set on the 7204s?
2- OSPF routing table on all routers will have 2 default routes on table? How routers will decide which one to choose
1 - Yes the set the default information originate on the 7204s.
2 - In the majority of cases the routers will use the default with the lowest composite metric to reach the closest gateway. Where a tie break exists my guess it that it would not load share but install the router to 7204B. If it did load share you could prevent this by setting maximum-paths to 1 under the OSPF process.
Let us know how you get on.
there are many ways to load balance traffic in output but you have to consider traffic from Internet to your network too. Balancing this traffic is more difficult but you have to consider this problem.
Have a look to: https://supportforums.cisco.com/discussion/12155816/bgp-partial-traffic-migration
PS: please, rate if useful
Excellent point Enrico inbound traffic will also be a challenge.
A feasible although slightly complicated approach would be to tag the routes as they are redistributed (assuming they are connected subnets on each router) into ospf. This tag could be used to identify which routes have a prefered inbound route through either 7204A or 7204B. This would allow inbound and outbound traffic balancing to be performed in OSPF which i am assuming your are more comfortable with.
The rough logic would be:
On each router look at the ospf routing table. If the prefered default is from 7204 A set route tag 1
Redistribute connected subnets tag 1
If it is 7204 B then use route tag 2
Redistribute connected subnets tag 2
When redistributing from OSPF to BGP on 7204A use a route map to match tag 2 and prepend 3 dummy instance of your AS. This will ensure that these routes are not prefered via this router unless a failure occurs. The same configuration could also be used in mirrored configuration on 7204B.
This would allow an almost identical inbound and outbound traffic paths under non failure conditions and also allow some balancing of traffic although it is a bit manual (so is BGP for that matter).
When considering Internet load balancing, you have to consider 2 different flows.
And you need to take into account your gateway redundancy.
Inbound initiated connection from the Internet could be addressed by allowing the ISP to pass all Internet routes learned to your 7204 via eBGP, and then allowing the iBGP session between your 7204s to decide the best exit ISP for the return traffic of your hosts. Scaled down version of this principle would be receiving a partial routing table from your Service Provider, or designating a list of public networks and marking those routes with a local preference that would split the load between yoru 7204s and ISPs.
Outbound initiated connection from your hosts could be addressed by modifying the OSPF cost of your links. As an example, see attached. This would allow the load balancing and provide redundancy.
Thank you everybody for your replies,
We know BGP can be a bit tricky but with all your suggestions I guess we well approach to the besto solution. I'l keep you guys posted
Thanks a lot