Solved: eBGP 4 paths Selection problem...

will · ‎02-24-2012

Hi, working on a BGP local preference problem between 2 sites, connected to Internet with two routers, single-homed each to two different ISP. so 4 routers total, 4 ISP's total. Each site runs a class C. The problem to set a local preference on path from Site1 ClassC to Site2 ClassC. here are the routers:

S1R1-AS1 (Site1 Router1, AS1, for example)

S1R2-AS1

S2R1-AS2

S2R2-AS2

I would like to come up with a method for tuning the path between the two AS1 and AS2 sites to whichever ISP path I want. For example, there are four IPS involved:

ISP1-AS11 (Site1)

ISP2-AS12 (Site1)

ISP3-AS13 (Site2)

ISP4-AS14 (Site2)

Suppose AS1-AS11-AS13-AS2 is the preferred path, but we don't like this for reason, such as latency. Or the ISP's screw up something in the middle and I still receive AS2 from AS11 and AS1 from AS13. In this case, assume ISP has screwed up routing internally only, but not to my site's peers. My route will fail somewhere in the middle of the unknown "black box" between AS11-AS13. My connection between sites will be down unless I can set some sort of preference for the other 3 paths:

AS1-AS11-AS14-AS2

AS1-AS12-AS13-AS2

AS1-AS12-AS14-AS2

I have tried to configure with ebgp-multihop, sending AS1 directly to AS2 via the four paths. I keep hitting stupid little problems though, like a static route with a "permanent" keyword tag is not really permanent until you at least plug in the interface once. So rebooting router without interface link up at least once kills logic. Another thing that would help is how to tell BGP to peer with partner only on 1 interface, so if it has 2 paths, prevent ebgp session on alternate path.

Any ideas, hints, tips? Has anyone ever experienced such a problem of route fail due to unknown "black box" routing problem within an ISP?

thanks in advance,

Will

Marwan ALshawi · ‎02-27-2012

One of the ways is that you use an ip/loopback to be advertised over the ISP

In site2

In site1 use a static route to this ip point to the ISP as well

Then in site1 use ipsla with icmp to check reachibilty to this ip if it's down then you can do some action to change a bgp metric or a route

Or bringing a static route up for example to use alternative path

Using ip sla tricked and capabilities

Hope this help

Sent from Cisco Technical Support iPhone App

View solution in original post

milan.kulik · ‎02-27-2012

Hi,

one idea:

What about configuring tunnels through the Internet (full mesh between your sites, if necessary)?

You could configure BGP peering through the tunnels then, e.g.

And prefer routing over any path you want.

HTH,

Milan

will · ‎02-27-2012

hey milan, thx for response. I am a little confused on how tunnels would work. seems like I would still need to configure base level bgp routing preferences to direct the tunnel traffic. I am working on something using ebgp-multihop, and in the lab it seems fairly positive right now. that may be the way to go. I am a little surprised nobody seems to have done this before.

milan.kulik · ‎02-28-2012

Hi Will,

it was just a raw idea.

As using tunnel source/destination IP addresses derived from your router to the ISP router point-to-point connections you might easily configure a static host route on each of your routers to get to the particular remote site (similar to the loopback advertised to one IPS only you are using).

And the BGP session through the tunnel would also be Up only when the tunnel is Up.

On the other hand - you might get into trouble with MTU through the tunnels :-(

BR,

Milan

Marwan ALshawi · ‎02-27-2012

One of the ways is that you use an ip/loopback to be advertised over the ISP

In site2

In site1 use a static route to this ip point to the ISP as well

Then in site1 use ipsla with icmp to check reachibilty to this ip if it's down then you can do some action to change a bgp metric or a route

Or bringing a static route up for example to use alternative path

Using ip sla tricked and capabilities

Hope this help

Sent from Cisco Technical Support iPhone App

will · ‎02-27-2012

thx marwan, this is a pretty tricked out configuration. i managed to get it going similar to how you stated, but used bgp session rather than ip sla to track state between sites. i made a sacrificial loopback dedicated just to bgp multihop on each site's router. on the opposing side, i set local preference based on which router the route came from. instead of using ip sla to monitor across Internet from one site to the other, i used a bgp session from each of the routers. if the site-site traffic goes down, the bgp session goes down and then the specific router with higher/lower local pref goes away. seems to be working in the lab. one nice thing is the master route/prefix advertsied through straight ebgp doesnt get manipulated to isp, so both sides always have this to fall back on. the 4 different paths from both sites routers have local pref = 105,110,115,120 to override master route. seems to work pretty well, but the static route configurations where tricky and required ip sla to drop them for sure when the isp went away. also i had to put a null0 route to other site's bgp loopback so if isp went away, there was no chance route to that loopback could go a different way. would be great to hear from anyone who has done this before.

thx, will