Hi, working on a BGP local preference problem between 2 sites, connected to Internet with two routers, single-homed each to two different ISPs. So 4 routers total, 4 ISPs total. Each site runs a class C. The problem is to set a local preference on the path from Site1 ClassC to Site2 ClassC. Here are the routers:
S1R1-AS1 (Site1 Router1, AS1, for example)
I would like to come up with a method for tuning the path between the two AS1 and AS2 sites to whichever ISP path I want. For example, there are four ISPs involved:
Suppose AS1-AS11-AS13-AS2 is the preferred path, but we don't like this for some reason, such as latency. Or the ISPs screw up something in the middle and I still receive AS2 from AS11 and AS1 from AS13. In this case, assume the ISP has screwed up routing internally only, but not to my site's peers. My route will fail somewhere in the middle of the unknown "black box" between AS11-AS13. My connection between sites will be down unless I can set some sort of preference for the other 3 paths:
I have tried to configure with ebgp-multihop, sending AS1 directly to AS2 via the four paths. I keep hitting stupid little problems though, like a static route with a "permanent" keyword tag is not really permanent until you at least plug in the interface once. So rebooting router without interface link up at least once kills logic. Another thing that would help is how to tell BGP to peer with partner only on 1 interface, so if it has 2 paths, prevent ebgp session on alternate path.
Any ideas, hints, tips? Has anyone ever experienced such a problem of route fail due to unknown "black box" routing problem within an ISP?
hey milan, thx for response. I am a little confused on how tunnels would work. seems like I would still need to configure base level bgp routing preferences to direct the tunnel traffic. I am working on something using ebgp-multihop, and in the lab it seems fairly positive right now. that may be the way to go. I am a little surprised nobody seems to have done this before.
Using tunnel source/destination IP addresses derived from your router to the ISP router point-to-point connections, you might easily configure a static host route on each of your routers to get to the particular remote site (similar to the loopback advertised to one ISP only you are using).
And the BGP session through the tunnel would also be Up only when the tunnel is Up.
On the other hand - you might get into trouble with MTU through the tunnels :-(
thx marwan, this is a pretty tricked out configuration. i managed to get it going similar to how you stated, but used bgp session rather than ip sla to track state between sites. i made a sacrificial loopback dedicated just to bgp multihop on each site's router. on the opposing side, i set local preference based on which router the route came from. instead of using ip sla to monitor across Internet from one site to the other, i used a bgp session from each of the routers. if the site-site traffic goes down, the bgp session goes down and then the specific router with higher/lower local pref goes away. seems to be working in the lab. one nice thing is the master route/prefix advertised through straight ebgp doesn't get manipulated to isp, so both sides always have this to fall back on. the 4 different paths from both sites' routers have local pref = 105,110,115,120 to override master route. seems to work pretty well, but the static route configurations were tricky and required ip sla to drop them for sure when the isp went away. also i had to put a null0 route to other site's bgp loopback so if isp went away, there was no chance route to that loopback could go a different way. would be great to hear from anyone who has done this before.
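The design described in the last post, sketched as an added Cisco IOS configuration for one Site1 router. This is an illustration added here, not the poster's actual configuration. All addresses, AS numbers (private-use stand-ins for the thread's AS1/AS2), interface names, the multihop TTL, object numbers and the route-map name are constructed placeholders.

```cisco
! --- Constructed example: S1R1, pinned to its own ISP only ---
! Sacrificial loopback used only as the source of the site-to-site
! multihop eBGP session (advertised to this router's ISP only).
interface Loopback10
 ip address 192.0.2.1 255.255.255.255
!
! Probe the directly connected ISP next hop so the host route below
! is withdrawn as soon as the ISP goes away.
ip sla 10
 icmp-echo 198.51.100.1 source-interface GigabitEthernet0/0
 frequency 5
ip sla schedule 10 life forever start-time now
track 10 ip sla 10 reachability
!
! Host route to the remote site's BGP loopback via this ISP only.
ip route 203.0.113.1 255.255.255.255 198.51.100.1 track 10
! Backstop: when the tracked route is removed, this Null0 route
! (distance 2, still better than eBGP 20 / iBGP 200) takes over, so
! the session cannot re-form over any other path to that loopback.
ip route 203.0.113.1 255.255.255.255 Null0 2
!
! Routes learned over this particular site-to-site session get their
! own local preference; the thread uses 105/110/115/120 for the four
! paths, overriding the unmodified "master" route from plain eBGP.
route-map FROM-S2R1-VIA-ISP-A permit 10
 set local-preference 120
!
router bgp 64512
 neighbor 203.0.113.1 remote-as 64513
 neighbor 203.0.113.1 ebgp-multihop 10
 neighbor 203.0.113.1 update-source Loopback10
 neighbor 203.0.113.1 route-map FROM-S2R1-VIA-ISP-A in
```

If the path through this ISP pair breaks, the multihop session times out, its routes and their local preference disappear, and traffic falls back to the next-highest local preference or to the prefix learned through ordinary eBGP.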