Solved: BGP Requirements

tonyraboza · ‎07-02-2008

Hi,

We're implementing BGP and we already have our AS number, and peering arrangements with 1 ISP (the other one is coming up next). In fact we already have an entry on our border router. Basically we are implementing BGP in order to provide us with inbound and outbound Internet link connectivity.

Questions:

#1. Will our router be able to handle BGP once we have it fully implemented?

Here's our router:

===

Cisco 3725 (R7000) processor (revision 0.1) with 247808K/14336K bytes of memory.

Processor board ID JPE0751125P

R7000 CPU at 240MHz, Implementation 39, Rev 3.3, 256KB L2 Cache

18 FastEthernet interfaces

DRAM configuration is 64 bits wide with parity disabled.

55K bytes of NVRAM.

31360K bytes of ATA System CompactFlash (Read/Write)

62720K bytes of ATA Slot0 CompactFlash (Read/Write)

===

#2 Any tips, or things we should watch out for during our implementation of BGP?

Thanks,

Tony

lee.reade · ‎07-02-2008

Hi Tony,

Well your router looks fine as far as memory and flash as concerned, however what you should really do is baseline the router prior to BGP being made active and then again, say a few days after the connection is fully active.

You can use the following commands to do this;

show process cpu

show memory

Additionally depends on whether or not your router will be receiving a default route from your new BGP peer, partial routes or full internet routes.

Finally will this router be a dedicated internet peering router? What about things like NAT etc? will these be done by the isp or you?

Cheers,

LR

View solution in original post

royalblues · ‎07-02-2008

Tony,

Multihoming can be done even by accepting just a default route from the ISP's. You just need to set your Policies so that one link is seen as preferred for inbound traffic (uisnf as prepends) and the other preferred for outbound (using local pref/weights etc)

Yes NAT can coexist with BGP

The usual convergence time for BGP is 3 minutes. This can be tweaked by adjusting the timers. (BGP scan time, advertisement interval and hold timers)

Note the more routes you have the more processing you would require in case a link flaps so be careful before adjusting the timers.

Narayan

View solution in original post

lee.reade · ‎07-02-2008

Hi Tony,

You only really need to take a default from each bgp peer, then set the local-preference on your primary outgoing router, to a value higher than that of the secondary outgoing router, default 100.

You would also want to do as-prepend on the secondary router to its bgp peer, so that the primary router advertises a shorter route to your networks.

You wouldnt have a problem doing NAT on this box, even less so if you were just taking a default route.

If you start thinking about VPNs etc, ie ipsec, I would look into getting an asa and doing the NAT and VPN on that.

Here is a good link for BGP config steps.

http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_external_sp_ps6350_TSD_Products_Configuration_Guide_Chapter.html

Cheers,

LR

View solution in original post

Giuseppe Larosa · ‎07-02-2008

Hello,

you can import a full table from ISP1 and a default route and selected routes from the second ISP2 to have load balancing you will provide preference to the selected routes of ISP2.

It is better to move the NAT on another box.

There is a BGP option that ties the BGP sessions to the state of the physical interfaces

router bgp

bgp fast-external-fallover

in this case the time to recover is the time to detect that the interface is down.

Without this command time is 3 times the keeealive interval that with default values is 180 seconds.

To import two BGP full tables more memory is required.

hope to help

Giuseppe

View solution in original post

Denise "Fish" Fishburne · ‎07-02-2008

I just taught BGP Multihoming: An Enterprise View at Networkers in Orlando this year. Networkers is great... you should consider trying to go next year.

Anyway... I'm a strong advocate of NOT accepting full routes. Your decisions are limited right? You go thru one SP or the other. If both are Tier 1/2 and you are in America then I would go with just accepting a default from both. If there are speed differences between the links or cost differeneces between the providers then go with primary/secondary.

Link down and convergence will be based on whether you are talking eBGP and direct connections to the SPs or iBGP between your routers and using loopbacks. These are all dependent on the timers you chose to use.

View solution in original post

lee.reade · ‎07-02-2008

Hi Tony,

Well your router looks fine as far as memory and flash as concerned, however what you should really do is baseline the router prior to BGP being made active and then again, say a few days after the connection is fully active.

You can use the following commands to do this;

show process cpu

show memory

Additionally depends on whether or not your router will be receiving a default route from your new BGP peer, partial routes or full internet routes.

Finally will this router be a dedicated internet peering router? What about things like NAT etc? will these be done by the isp or you?

Cheers,

LR

royalblues · ‎07-02-2008

What are the routes you are going to receive from the ISP - Full, partial or just the default

Though the router has 256MB of memory, i would be hesitant to use it if your intention is to get full internet routing table from the ISP's

Narayan

tonyraboza · ‎07-02-2008

Hi Lee and Narayan,

My company's requirement for doing BGP is to multi-home - to provide us with redundant inbound (for our servers) and outbound (for our company's users) Internet connectivity.

From my readings - it would seem that to be able to meet our requirements above - I would need the full routes from our two ISPs. Is this correct?

Our router is also currently doing NAT - can this service co-exist with BGP or will this be too much for our router. Anyway, I can probably move NAT over to a Linux box.

Another question though - what is the usual average time for convergence of BGP when a link goes down?

Thanks for the kind replies.

Regards,

Tony

royalblues · ‎07-02-2008

Tony,

Multihoming can be done even by accepting just a default route from the ISP's. You just need to set your Policies so that one link is seen as preferred for inbound traffic (uisnf as prepends) and the other preferred for outbound (using local pref/weights etc)

Yes NAT can coexist with BGP

The usual convergence time for BGP is 3 minutes. This can be tweaked by adjusting the timers. (BGP scan time, advertisement interval and hold timers)

Note the more routes you have the more processing you would require in case a link flaps so be careful before adjusting the timers.

Narayan

lee.reade · ‎07-02-2008

Hi Tony,

You only really need to take a default from each bgp peer, then set the local-preference on your primary outgoing router, to a value higher than that of the secondary outgoing router, default 100.

You would also want to do as-prepend on the secondary router to its bgp peer, so that the primary router advertises a shorter route to your networks.

You wouldnt have a problem doing NAT on this box, even less so if you were just taking a default route.

If you start thinking about VPNs etc, ie ipsec, I would look into getting an asa and doing the NAT and VPN on that.

Here is a good link for BGP config steps.

http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_external_sp_ps6350_TSD_Products_Configuration_Guide_Chapter.html

Cheers,

LR

Giuseppe Larosa · ‎07-02-2008

Hello,

you can import a full table from ISP1 and a default route and selected routes from the second ISP2 to have load balancing you will provide preference to the selected routes of ISP2.

It is better to move the NAT on another box.

There is a BGP option that ties the BGP sessions to the state of the physical interfaces

router bgp

bgp fast-external-fallover

in this case the time to recover is the time to detect that the interface is down.

Without this command time is 3 times the keeealive interval that with default values is 180 seconds.

To import two BGP full tables more memory is required.

hope to help

Giuseppe

Denise "Fish" Fishburne · ‎07-02-2008

I just taught BGP Multihoming: An Enterprise View at Networkers in Orlando this year. Networkers is great... you should consider trying to go next year.

Anyway... I'm a strong advocate of NOT accepting full routes. Your decisions are limited right? You go thru one SP or the other. If both are Tier 1/2 and you are in America then I would go with just accepting a default from both. If there are speed differences between the links or cost differeneces between the providers then go with primary/secondary.

Link down and convergence will be based on whether you are talking eBGP and direct connections to the SPs or iBGP between your routers and using loopbacks. These are all dependent on the timers you chose to use.