Two ISPs (local ISP and global ISP) will be peered with bgp router and form the multi-homing. We would like to seek for your comments on the configuration of the bgp router located in Hong Kong data center. Attached please find the logical design diagram and below please find the user requirements for your reference:
We would like the local traffics (all Hong Kong traffic) go to local ISP-A and the global traffics (other than Hong Kong traffic) go to ISP-B. Following is the configuration:
router bgp 100
# to ISP-A
neighbor 192.168.10.1 remote-as 100
neighbor 192.168.10.1 route-map LOCAL in
neighbor 192.168.20.1 remote-as 200
neighbor 192.168.10.1 route-map GLOBAL in
ip bgp-community new-format
# define the routes including hkix ASN
ip community-list 1 permit _4635_
# set the routes, which learn from local ISP and including HKIX ASN, to the 75, more preference to ISP-A for local traffic inside HK
route-map LOCAL permit 10
match community 1
set local-preference 75
route-map LOCAL permit 20
# set the routes, which learn from global ISP and including HKIX ASN, to the 125, less preference to ISP-B for local traffic inside HK
route-map GLOBAL permit 10
match community 1
set local-preference 125
route-map GLOBAL permit 20
According to above config, does it achieve my goal? Thanks
there are some notes about proposed configuration:
if you want to filter on BGP attribute AS path you need to use a different filter type
ip as-path access-list 1 permit _4635_
a community list filter attempts to match on BGP community that is a different BGP attribute.
the assumption that local routes will have HK IXP AS number in the AS path has to be verified: most of Internet exchange points provides VLans facilities to allow public peering between participants without need of going via the BGP session with IXP.
You need to verify this eventually looking at IXP web site and with the help of public looking glasses
you can find looking glasses in
c) Cisco implementation provides preference to higher values of Local preference attributes so if ISP-A is the local ISP and the as-path access-list identifies local IP prefixes you need to use a value greater then 100 in route-map LOCAL and a value less then 75 in route-map GLOBAL.
So you need to exchange values in the route-map
What you need more is to check if actually local IP prefixes can be identified by the presence of ASN of IXP
Thanks for your valuable comments and advices, attached please find the revised version of proposed configuration for your further comments.
I have one question regarding as-path ACL, the setting is _xxx$ to be configured. However, I am not sure whether it is the best setup or not. I may be missing or overlook somethings.
According to HKIX web page, the HKIX would be multi-lateral exchange point for ISPs and mainly for routing of intra-HongKong Internet traffic. That's why I assume the routes belongs to the members of HKIX to be treated as local traffic. If this concept is not true, I may be wrong and the configuration may not be achieved my boss requirements. Grateful if you could provide your point of view on the idea I mention above.
Besides, I have one class C IP address only. Can I control the inbounnd (return) local traffic via ISP-A, global traffic via ISP-B? Your help is much appreciated.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...