Multihomed BGP issue

faze1sari
Level 1

We are an ISP and we are trying to give internet access to a client via BGP. The client already has a primary connection with AT&T and is using our service as a backup. We have a complete routing table in our router and we are only giving the client 4 networks which they desire via a route-map. For discussion's sake, let's say our ASN number is 40000 and the client ASN number is 27000. Our router IP is 10.156.130.91 and the client is 10.156.130.81. Ping is working fine and the BGP state is established, but when the client brings down their primary internet connection with AT&T they are unable to route outside and get a message "expired in transit" from the 130.91 IP address. Our config is as follows:

router bgp 40000

bgp log-neighbor-changes

neighbor 10.156.130.81 remote-as 27309

neighbor 10.156.130.81 route-map rm_peer_3_in in

neighbor 10.156.130.81 route-map rm_peer_3_out out

neighbor 10.156.130.100 remote-as 40725

!

ip prefix-list pl_peer_3_in seq 5 permit 12.132.104.0/24

ip prefix-list pl_peer_3_in seq 10 permit 12.208.151.0/24

ip prefix-list pl_peer_3_in seq 15 permit 76.233.231.0/24

ip prefix-list pl_peer_3_in seq 20 permit 69.0.104.0/24

ip prefix-list pl_peer_3_in seq 21 permit 0.0.0.0/32

ip prefix-list pl_peer_3_in seq 25 deny any

ip prefix-list pl_peer_3_out seq 5 permit 12.132.104.0/24

ip prefix-list pl_peer_3_out seq 10 permit 12.208.151.0/24

ip prefix-list pl_peer_3_out seq 15 permit 76.233.231.0/24

ip prefix-list pl_peer_3_out seq 20 permit 69.0.104.0/24

ip prefix-list pl_peer_3_out seq 21 permit 0.0.0.0/32

ip prefix-list pl_peer_3_out seq 25 deny any

!

route-map rm_peer_3_out permit 5

match ip address prefix-list pl_peer_3_out

!

route-map rm_peer_3_in permit 5

match ip address prefix-list pl_peer_3_in

The client configuration is:

interface FastEthernet0/0/0
ip address 10.156.130.81 255.255.255.192
duplex auto
speed auto

router bgp 27000
no synchronization
bgp log-neighbor-changes
bgp inject-map ORIGINATE exist-map LEARNED_ROUTE
network 12.132.104.0 mask 255.255.255.0
network 12.132.104.0 mask 255.255.255.128
network 12.208.151.0 mask 255.255.255.128
network 69.0.104.0 mask 255.255.255.0
network 76.233.231.0 mask 255.255.255.0
aggregate-address 69.0.104.0 255.255.255.0 summary-only
aggregate-address 12.208.151.0 255.255.255.0 summary-only
aggregate-address 12.132.104.0 255.255.255.0 summary-only
neighbor 12.91.XX.YYY remote-as 7000
neighbor 12.91.XX.YYY weight 10
neighbor 12.91.XX.YYY route-map ATT_NO_EXPORT in
neighbor 10.156.130.91 remote-as 40000
neighbor 10.156.130.91 send-community
neighbor 10.156.130.91 distribute-list 6 out
neighbor 10.156.130.91 route-map Backup in
neighbor 10.156.130.91 route-map Comcast-Community out
neighbor 10.156.130.91 advertise-map ADV non-exist-map NONEXIST
neighbor 10.156.130.91 ebgp-multihop 255
no auto-summary
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.156.130.91 30
ip route 192.168.40.0 255.255.255.0 76.233.231.3 permanent
no ip http server
no ip http secure-server
!
ip bgp-community new-format
!
ip prefix-list ROUTE seq 5 permit 0.0.0.0/0
!
ip prefix-list ROUTE_SOURCE seq 5 permit 12.91.XX.YYY/32
!
ip prefix-list UNAGGREGATED_ROUTES seq 5 permit 1.1.1.1/32
!
access-list 1 permit any
access-list 2 deny  any
access-list 3 permit any
access-list 5 permit 1.1.1.1
access-list 6 permit 12.132.104.0 0.0.0.255
access-list 6 permit 69.0.104.0 0.0.0.255
access-list 6 permit 12.208.151.0 0.0.0.255
access-list 6 permit 76.233.231.0 0.0.0.255
!
!
!
!
route-map NONEXIST permit 10
match ip address 5
!
route-map Backup permit 10
match ip address 1
set community no-export
!
route-map Comcast-Community permit 10
match ip address 3
set community 7922:100
!
route-map ATT_NO_EXPORT permit 10
match ip address 1
set community no-export
!
route-map ORIGINATE permit 10
set ip address prefix-list UNAGGREGATED_ROUTES
!
route-map LEARNED_ROUTE permit 10
match ip address prefix-list ROUTE
match ip route-source prefix-list ROUTE_SOURCE
!
route-map ADV permit 10
match ip address 6
!
route-map AS-PREPEND permit 10
match ip address 1
set as-path prepend 27000 27000 27000 27000      

3 Replies

Giuseppe Larosa
Hall of Fame

Hello Faze1sari,

There are some basic notes about your configuration:

a) A default route should be represented as 0.0.0.0/0, not as 0.0.0.0/32.

b) Why are the route filters applied to the customer equal? This doesn't make sense: the two prefix-lists pl_peer_3_out and pl_peer_3_in permit the same IP prefixes. I would expect you to provide a default route and some routes, not to receive a default route from the customer and the same set of routes.

c) What is the use of the inject-map on the customer router? If the customer router receives a default route from the expected route source, it generates a route for 1.1.1.1/32 that is not sent to your router (there is the distribute-list 6 towards your router and that prefix is not included), so what is its use?

Hope to help

Giuseppe
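Points a) and b) of the reply above can be checked mechanically against the posted ISP-side filters. The Python below is an added example, not part of the original thread: it evaluates the two prefix-lists the way first-match filtering works, assuming an entry without ge/le matches only the exact prefix length and reading the posted `deny any` as match-all; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed from the ISP-side config in the question: both lists carry the same entries.
ENTRIES = ["5 permit 12.132.104.0/24", "10 permit 12.208.151.0/24",
           "15 permit 76.233.231.0/24", "20 permit 69.0.104.0/24",
           "21 permit 0.0.0.0/32", "25 deny any"]
CONFIG = "\n".join(f"ip prefix-list pl_peer_3_{d} seq {e}"
                   for d in ("in", "out") for e in ENTRIES)
LINE = re.compile(r"ip prefix-list (\S+) seq (\d+) (permit|deny) (\S+)"
                  r"(?: ge (\d+))?(?: le (\d+))?")

def parse(config):
    """Return {list name: [(seq, action, network, min_len, max_len), ...]} in seq order."""
    lists = {}
    for name, seq, action, pfx, ge, le in LINE.findall(config):
        if pfx == "any":  # assumption: read the posted "deny any" as 0.0.0.0/0 le 32
            pfx, le = "0.0.0.0/0", "32"
        net = ipaddress.ip_network(pfx)
        lo = int(ge) if ge else net.prefixlen
        hi = int(le) if le else (32 if ge else net.prefixlen)  # no ge/le: exact length
        lists.setdefault(name, []).append((int(seq), action, net, lo, hi))
    return {n: sorted(e, key=lambda x: x[0]) for n, e in lists.items()}

def evaluate(entries, route):
    """First matching entry wins; a route matching nothing is denied."""
    r = ipaddress.ip_network(route)
    for _seq, action, net, lo, hi in entries:
        if r.subnet_of(net) and lo <= r.prefixlen <= hi:
            return action
    return "deny"

def lint(lists, inbound, outbound):
    """Checks for a customer session: default sent out, none accepted in, distinct filters."""
    findings = []
    for name in (inbound, outbound):
        if any(a == "permit" and str(n) == "0.0.0.0/32" for _, a, n, _, _ in lists[name]):
            findings.append(f"{name}: 0.0.0.0/32 is a host route, not the default route")
    if evaluate(lists[outbound], "0.0.0.0/0") != "permit":
        findings.append(f"{outbound}: default route 0.0.0.0/0 is not permitted")
    if evaluate(lists[inbound], "0.0.0.0/0") == "permit":
        findings.append(f"{inbound}: would accept a default route from the customer")
    if [e[1:] for e in lists[inbound]] == [e[1:] for e in lists[outbound]]:
        findings.append("inbound and outbound filters are identical")
    return findings

if __name__ == "__main__":
    for finding in lint(parse(CONFIG), "pl_peer_3_in", "pl_peer_3_out"):
        print(finding)
```
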

Giuseppe,

Thanks for your response. I have made the following changes on my side:

ip prefix-list pl_peer_3_in seq 5 permit 12.132.104.0/24

ip prefix-list pl_peer_3_in seq 10 permit 12.208.151.0/24

ip prefix-list pl_peer_3_in seq 15 permit 76.233.231.0/24

ip prefix-list pl_peer_3_in seq 20 permit 69.0.104.0/24

ip prefix-list pl_peer_3_in seq 25 deny any

ip prefix-list pl_peer_3_out seq 5 permit 12.132.104.0/24

ip prefix-list pl_peer_3_out seq 10 permit 12.208.151.0/24

ip prefix-list pl_peer_3_out seq 15 permit 76.233.231.0/24

ip prefix-list pl_peer_3_out seq 20 permit 69.0.104.0/24

ip prefix-list pl_peer_3_out seq 21 permit 0.0.0.0/0

ip prefix-list pl_peer_3_out seq 25 deny any

Also, we are not supposed to receive any routes from the client; we are providing them with routes, not the other way around.

Hello Faze1sari,

They (the customer) have to advertise their public IP networks to you; how can routing on the return path work when the primary ISP has failed?

This is the basic idea of BGP multihoming.

The prefix list in the 'in' direction should list different IP subnets than the other one, as far as I can understand. However, I may be missing something.

Hope to help

Giuseppe
