BGP Tutorial Part 3 - Multihoming

Transcription

BGP Tutorial
Part 3 – Multihoming
Philip Smith <pfs@cisco.com>
APRICOT 2003, Taipei
February 2003
APRICOT2003 2003, Cisco Systems, Inc. All rights reserved.

Presentation Slides
  Slides are available GP02.pdf
  Feel free to ask questions any time

Introduction
  Presentation has many configuration examples
  Uses Cisco IOS CLI
  Aimed at Service Providers
    Techniques can be used by many enterprises too
  Feel free to ask questions

BGP Multihoming Techniques
  Definition & Options
  Connecting to the same ISP
  Connecting to different ISPs
  Service Provider Multihoming
  Using Communities
  Case Study

Multihoming Definition & Options

Multihoming Definition
  More than one link external to the local network
    two or more links to the same ISP
    two or more links to different ISPs
  Usually two external facing routers
    one router gives link and provider redundancy only

AS Numbers
  An Autonomous System Number is required by BGP
  Obtained from upstream ISP or Regional Registry
  Necessary when you have links to more than one ISP or exchange point

Configuring Policy
  Three BASIC Principles
    prefix-lists to filter prefixes
    filter-lists to filter ASNs
    route-maps to apply policy
  Avoids confusion!

Policy Tools
  Local preference
    outbound traffic flows
  Metric (MED)
    inbound traffic flows (local scope)
  AS-PATH prepend
    inbound traffic flows (Internet scope)
  Communities
    specific inter-provider peering

Originating Prefixes
  Basic Assumptions
    MUST announce assigned address block to Internet
    MAY also announce subprefixes – reachability is not guaranteed
    RIR minimum allocation is /20
      several ISPs filter RIR blocks on this boundary
      called “Net Police” by some

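Part of the “Net Police” prefix list
    ip prefix-list FILTER permit 61.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 202.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 210.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 218.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 220.0.0.0/6 ge 9 le 20
    !
    ip prefix-list FILTER permit .0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 63.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 64.0.0.0/6 ge 9 le 20
    ip prefix-list FILTER permit 68.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 199.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 204.0.0.0/6 ge 9 le 20
    ip prefix-list FILTER permit 208.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 216.0.0.0/8 ge 9 le 20
    ! RIPE
    ip prefix-list FILTER permit 62.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 80.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 82.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 193.0.0.0/8 ge 9 le 20
    ip prefix-list FILTER permit 194.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 212.0.0.0/7 ge 9 le 20
    ip prefix-list FILTER permit 217.0.0.0/8 ge 9 le 20
    !
    ip prefix-list FILTER permit 200.0.0.0/8 ge 9 le 20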

“Net Police” prefix list issues
  meant to “punish” ISPs who pollute the routing table with specifics rather than announcing aggregates
  impacts legitimate multihoming especially at the Internet’s edge
  impacts regions where domestic backbone is unavailable or costs compared with international bandwidth
  hard to maintain – requires updating when RIRs start allocating from new address blocks
  don’t do it unless consequences understood and you are prepared to keep the list current

Multihoming Scenarios
  Stub network
  Multi-homed stub network
  Multi-homed network
  Configuration Options

Stub Network
  [Diagram labels: AS101, AS100]
  No need for BGP
  Point static default to upstream ISP
  Upstream ISP advertises stub network
  Policy confined within upstream ISP’s policy

Multi-homed Stub Network
  [Diagram labels: AS65530, AS100]
  Use BGP (not IGP or static) to loadshare
  Use private AS (ASN > 64511)
  Upstream ISP advertises stub network
  Policy confined within upstream ISP’s policy

Multi-Homed Network
  [Diagram labels: Global Internet, AS200, AS300, AS100]
  Many situations possible
    multiple sessions to same ISP
    secondary for backup only
    load-share between primary and secondary
    selectively use different ISPs

Multiple Sessions to an ISP – Example One
  [Diagram labels: AS 200, 1.1.1.1, AS 201]
  eBGP multihop
  eBGP to loopback addresses
  eBGP prefixes learned with loopback address as next hop
    router bgp 201
     neighbor 1.1.1.1 remote-as 200
     neighbor 1.1.1.1 ebgp-multihop 5
    !
    ip route 1.1.1.1 255.255.255.255 serial 1/0
    ip route 1.1.1.1 255.255.255.255 serial 1/1
    ip route 1.1.1.1 255.255.255.255 serial 1/2

Multiple Sessions to an ISP – Example One
  Try and avoid use of ebgp-multihop unless:
    It’s absolutely necessary –or–
    Loadsharing across multiple links
  Many ISPs discourage its use, for example:
    We will run eBGP multihop, but do not support it as a standard offering because customers generally have a hard time managing it due to:
      routing loops
      failure to realise that BGP session stability problems are usually due to connectivity problems between their CPE and their BGP speaker

Multiple Sessions to an ISP – Example Two
  [Diagram labels: AS 200, AS 201]
  BGP multi-path
  Three BGP sessions required
  limit of 6 parallel paths
    router bgp 201
     neighbor 1.1.2.1 remote-as 200
     neighbor 1.1.2.5 remote-as 200
     neighbor 1.1.2.9 remote-as 200
     maximum-paths 3

Multiple Sessions to an ISP
  [Diagram labels: AS200, C, D, A, B, AS 201]
  Simplest scheme is to use defaults
  Learn/advertise prefixes for better control
  Planning and some work required to achieve loadsharing
  No magic solution

Private-AS – Application
  Applications
    ISP with singlehomed customers (RFC2270)
    corporate network with several regions and connections to the Internet only in the core
  [Diagram labels: 193.1.34.0/24, B, 65003, 193.2.35.0/24, A, 193.1.32.0/22, 1880]

Private-AS Removal
  neighbor x.x.x.x remove-private-AS
  Please include in all eBGP configurations
  Rules:
    Available for eBGP neighbours only
    if the update has AS PATH made up of private-AS numbers, the private-AS will be dropped
    if the AS PATH includes private and public AS numbers, private AS number will not be removed – it is a configuration error!
    if AS PATH contains the AS number of the eBGP neighbor, the private-AS numbers will not be removed
    if used with confederations, it will work as long as the private AS numbers are after the confederation portion of the AS PATH
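
The removal rules listed above can be read as a decision procedure. The following is an added example, not part of the original slides and not Cisco's implementation: it models the first four rules only (confederations are left out), and the function name, the case labels and the public ASN 3000 are assumptions made for illustration.

```python
PRIVATE_AS = range(64512, 65536)  # 16-bit private range, i.e. "ASN > 64511"


def is_private(asn):
    return asn in PRIVATE_AS


def outbound_as_path(received_path, local_as, neighbor_as, remove_private_as=True):
    """Return (as_path_sent, reason) for an update advertised to one neighbour.

    received_path is the AS PATH as held by the local router, before the
    local AS is prepended for an eBGP neighbour.
    """
    path = list(received_path)
    if neighbor_as == local_as:
        # Rule: available for eBGP neighbours only; iBGP passes the path on unchanged.
        return path, "iBGP neighbour, path unchanged"

    has_private = any(is_private(a) for a in path)
    if not has_private:
        reason = "no private AS in path"
    elif not remove_private_as:
        reason = "remove-private-AS not configured, private AS leaks"
    elif neighbor_as in path:
        # Rule: the neighbour's own AS is in the path, so nothing is removed
        # and the neighbour's loop detection still sees its AS number.
        reason = "neighbour AS is in the path, private AS kept"
    elif all(is_private(a) for a in path):
        # Rule: a path made up only of private AS numbers has them dropped.
        path = []
        reason = "path is all private, private AS dropped"
    else:
        # Rule: mixed private and public path is left alone (configuration error).
        reason = "mixed private and public AS, private AS kept (configuration error)"
    return [local_as] + path, reason


# Constructed cases. AS 100, 110 and 65534 are the ASNs used in the slides;
# AS 3000 is a made-up public ASN.
CASES = [
    ("Router E to AS110, option set", [65534], 100, 110, True),
    ("Router E to AS110, option missing", [65534], 100, 110, False),
    ("mixed path to AS110", [65534, 3000], 100, 110, True),
    ("customer route to other AS65534 customer", [65534], 100, 65534, True),
    ("inside AS100 (iBGP)", [65534], 100, 100, True),
]

if __name__ == "__main__":
    for label, path, local_as, neighbor_as, option in CASES:
        sent, reason = outbound_as_path(path, local_as, neighbor_as, option)
        print(f"{label:42} {path} -> {sent}  ({reason})")
```

The second case is the one to look for when auditing an eBGP edge: without the option, AS 65534 is visible to AS110.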

Multihoming to the same ISP

Multihoming to the same ISP
  Use BGP for this type of multihoming
    use a private AS (ASN > 64511)
  upstream ISP proxy aggregates
    in other words, announces only your address block to the Internet (as would be done if you had one statically routed connection)

Two links to the same ISP
One link primary, the other link backup only

Two links to the same ISP
  [Diagram labels: primary, C, A, AS 100, E, AS 65534, B, D, backup]
  AS100 removes private AS and any customer subprefixes from Internet announcement

Two links to the same ISP (one as backup only)
  Announce /19 aggregate on each link
    primary link makes standard announcement
    backup link increases metric on outbound, and reduces local-pref on inbound
  When one link fails, the announcement of the /19 aggregate via the other link ensures continued connectivity

Two links to the same ISP (one as backup only)
  Router A Configuration
    router bgp 65534
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.2 remote-as 100
     neighbor 222.222.10.2 description RouterC
     neighbor 222.222.10.2 prefix-list aggregate out
     neighbor 222.222.10.2 prefix-list default in
    !
    ip prefix-list aggregate permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !

Two links to the same ISP (one as backup only)
  Router B Configuration
    router bgp 65534
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.6 remote-as 100
     neighbor 222.222.10.6 description RouterD
     neighbor 222.222.10.6 prefix-list aggregate out
     neighbor 222.222.10.6 route-map routerD-out out
     neighbor 222.222.10.6 prefix-list default in
     neighbor 222.222.10.6 route-map routerD-in in
    !
  ...next slide

Two links to the same ISP (one as backup only)
    ip prefix-list aggregate permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    route-map routerD-out permit 10
     match ip address prefix-list aggregate
     set metric 10
    route-map routerD-out permit 20
    !
    route-map routerD-in permit 10
     set local-preference 90
    !

Two links to the same ISP (one as backup only)
  Router C Configuration (main link)
    router bgp 100
     neighbor 222.222.10.1 remote-as 65534
     neighbor 222.222.10.1 default-originate
     neighbor 222.222.10.1 prefix-list Customer in
     neighbor 222.222.10.1 prefix-list default out
    !
    ip prefix-list Customer permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0

Two links to the same ISP (one as backup only)
  Router D Configuration (backup link)
    router bgp 100
     neighbor 222.222.10.5 remote-as 65534
     neighbor 222.222.10.5 default-originate
     neighbor 222.222.10.5 prefix-list Customer in
     neighbor 222.222.10.5 prefix-list default out
    !
    ip prefix-list Customer permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0

Two links to the same ISP (one as backup only)
  Router E Configuration
    router bgp 100
     neighbor 222.222.10.17 remote-as 110
     neighbor 222.222.10.17 remove-private-AS
     neighbor 222.222.10.17 prefix-list Customer out
    !
    ip prefix-list Customer permit 221.10.0.0/19
  Router E removes the private AS and customer’s subprefixes from external announcements
  Private AS still visible inside AS100

Two links to the same ISP
With Loadsharing

Loadsharing to the same ISP
  [Diagram labels: Link one, C, A, AS 100, E, AS 65534, D, B, Link two]
  AS100 removes private AS and any customer subprefixes from Internet announcement

Loadsharing to the same ISP
  Announce /19 aggregate on each link
  Split /19 and announce as two /20s, one on each link
    basic inbound loadsharing
    assumes equal circuit capacity and even spread of traffic across address block
  Vary the split until “perfect” loadsharing achieved
  Accept the default from upstream
    basic outbound loadsharing by nearest exit
    okay in first approx as most ISP and end-site traffic is inbound

Loadsharing to the same ISP
  Router A Configuration
    router bgp 65534
     network 221.10.0.0 mask 255.255.224.0
     network 221.10.0.0 mask 255.255.240.0
     neighbor 222.222.10.2 remote-as 100
     neighbor 222.222.10.2 prefix-list routerC out
     neighbor 222.222.10.2 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    ip prefix-list routerC permit 221.10.0.0/20
    ip prefix-list routerC permit 221.10.0.0/19
    !
    ip route 221.10.0.0 255.255.240.0 null0
    ip route 221.10.0.0 255.255.224.0 null0
  Router B configuration is similar but with the other /20

Loadsharing to the same ISP
  Router C Configuration
    router bgp 100
     neighbor 222.222.10.1 remote-as 65534
     neighbor 222.222.10.1 default-originate
     neighbor 222.222.10.1 prefix-list Customer in
     neighbor 222.222.10.1 prefix-list default out
    !
    ip prefix-list Customer permit 221.10.0.0/19 le 20
    ip prefix-list default permit 0.0.0.0/0
  Router C only allows in /19 and /20 prefixes from customer block
  Router D configuration is identical

Loadsharing to the same ISP
  Loadsharing configuration is only on customer router
  Upstream ISP has to
    remove customer subprefixes from external announcements
    remove private AS from external announcements
  Could also use BGP communities
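
Router C's inbound filter (221.10.0.0/19 le 20) and the “Net Police” list (ge 9 le 20) both depend on how ge and le bound the prefix length. The following is an added example, not part of the original slides: a small parser and matcher for "ip prefix-list" lines, run over entries taken from the slides and a set of constructed test announcements. The function names are assumptions, and the 220.0.0.0/6 entry is assumed to carry "le 20" like the other entries of that list.

```python
import ipaddress
import re

LINE_RE = re.compile(
    r"^ip prefix-list (\S+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?$"
)

# Entries copied from the slides (see assumption about 220.0.0.0/6 above).
CONFIG = """
ip prefix-list Customer permit 221.10.0.0/19 le 20
ip prefix-list aggregate permit 221.10.0.0/19
ip prefix-list FILTER permit 220.0.0.0/6 ge 9 le 20
"""


def parse_prefix_lists(config):
    """Parse 'ip prefix-list' lines into {name: [(action, network, min_len, max_len)]}."""
    lists = {}
    for line in config.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        name, action, prefix, ge, le = m.groups()
        net = ipaddress.ip_network(prefix)
        if ge is None and le is None:
            lo = hi = net.prefixlen              # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else 32
        lists.setdefault(name, []).append((action, net, lo, hi))
    return lists


def evaluate(entries, route):
    """First matching entry wins; anything unmatched hits the implicit deny."""
    r = ipaddress.ip_network(route)
    for action, net, lo, hi in entries:
        if lo <= r.prefixlen <= hi and r.subnet_of(net):
            return action
    return "deny"


def audit(list_name, routes, config=CONFIG):
    entries = parse_prefix_lists(config)[list_name]
    return {route: evaluate(entries, route) for route in routes}


# Constructed announcements: the aggregate, both /20s, two longer
# more-specifics, another customer's block, and a default route.
ANNOUNCED = [
    "221.10.0.0/19", "221.10.0.0/20", "221.10.16.0/20",
    "221.10.8.0/21", "221.10.1.0/24", "221.16.64.0/19", "0.0.0.0/0",
]

if __name__ == "__main__":
    for name in ("Customer", "aggregate", "FILTER"):
        print(name)
        for route, verdict in audit(name, ANNOUNCED).items():
            print(f"  {route:18} {verdict}")
```

The Customer list accepts the loadsharing /20s while rejecting longer more-specifics and address space the customer does not hold; the exact-match aggregate list rejects even the /20s.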

Two links to the same ISP
Multiple Dualhomed Customers (RFC2270)

Multiple Dualhomed Customers (RFC2270)
  [Diagram labels: C, AS 100, E, A1, AS 65534, B1, D, A2, AS 65534, B2, A3, AS 65534, B3]
  AS100 removes private AS and any customer subprefixes from Internet announcement

Multiple Dualhomed Customers
  Customer announcements as per previous example
  Use the same private AS for each customer
    documented in RFC2270
    address space is not overlapping
    each customer hears default only
  Router An and Bn configuration same as Router A and B previously

Two links to the same ISP
  Router A1 Configuration
    router bgp 65534
     network 221.10.0.0 mask 255.255.224.0
     network 221.10.0.0 mask 255.255.240.0
     neighbor 222.222.10.2 remote-as 100
     neighbor 222.222.10.2 prefix-list routerC out
     neighbor 222.222.10.2 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    ip prefix-list routerC permit 221.10.0.0/20
    ip prefix-list routerC permit 221.10.0.0/19
    !
    ip route 221.10.0.0 255.255.240.0 null0
    ip route 221.10.0.0 255.255.224.0 null0
  Router B1 configuration is similar but for the other /20

Multiple Dualhomed Customers
  Router C Configuration
    router bgp 100
     neighbor bgp-customers peer-group
     neighbor bgp-customers remote-as 65534
     neighbor bgp-customers default-originate
     neighbor bgp-customers prefix-list default out
     neighbor 222.222.10.1 peer-group bgp-customers
     neighbor 222.222.10.1 description Customer One
     neighbor 222.222.10.1 prefix-list Customer1 in
     neighbor 222.222.10.9 peer-group bgp-customers
     neighbor 222.222.10.9 description Customer Two
     neighbor 222.222.10.9 prefix-list Customer2 in

Multiple Dualhomed Customers
     neighbor 222.222.10.17 peer-group bgp-customers
     neighbor 222.222.10.17 description Customer Three
     neighbor 222.222.10.17 prefix-list Customer3 in
    !
    ip prefix-list Customer1 permit 221.10.0.0/19 le 20
    ip prefix-list Customer2 permit 221.16.64.0/19 le 20
    ip prefix-list Customer3 permit 221.14.192.0/19 le 20
    ip prefix-list default permit 0.0.0.0/0
  Router C only allows in /19 and /20 prefixes from customer block
  Router D configuration is almost identical

Multiple Dualhomed Customers
  Router E Configuration
    assumes customer address space is not part of upstream’s address block
    router bgp 100
     neighbor 222.222.10.17 remote-as 110
     neighbor 222.222.10.17 remove-private-AS
     neighbor 222.222.10.17 prefix-list Customers out
    !
    ip prefix-list Customers permit 221.10.0.0/19
    ip prefix-list Customers permit 221.16.64.0/19
    ip prefix-list Customers permit 221.14.192.0/19
  Private AS still visible inside AS100

Multiple Dualhomed Customers
  If customers’ prefixes come from ISP’s address block
    do NOT announce them to the Internet
    announce ISP aggregate only
  Router E configuration:
    router bgp 100
     neighbor 222.222.10.17 remote-as 110
     neighbor 222.222.10.17 prefix-list my-aggregate out
    !
    ip prefix-list my-aggregate permit 221.8.0.0/13

Multihoming to different ISPs

Two links to different ISPs
  Use a Public AS
    or use private AS if agreed with the other ISP
  Address space comes from
    both upstreams or
    Regional Internet Registry
  Configuration concepts very similar

Two links to different ISPs
One link primary, the other link backup only

Two links to different ISPs (one as backup only)
  Announce /19 aggregate on each link
    primary link makes standard announcement
    backup link lengthens the AS PATH by using AS PATH prepend
  When one link fails, the announcement of the /19 aggregate via the other link ensures continued connectivity

Two links to different ISPs (one as backup only)
  [Diagram labels: Internet, AS 100, AS 120, C, D, "Announce /19 block with longer AS PATH", "Announce /19 block", A, B, AS 130]

Two links to different ISPs (one as backup only)
  Router A Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.1 remote-as 100
     neighbor 222.222.10.1 prefix-list aggregate out
     neighbor 222.222.10.1 prefix-list default in
    !
    ip prefix-list aggregate permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0

Two links to different ISPs (one as backup only)
  Router B Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     neighbor 220.1.5.1 remote-as 120
     neighbor 220.1.5.1 prefix-list aggregate out
     neighbor 220.1.5.1 route-map routerD-out out
     neighbor 220.1.5.1 prefix-list default in
     neighbor 220.1.5.1 route-map routerD-in in
    !
    ip prefix-list aggregate permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    route-map routerD-out permit 10
     set as-path prepend 130 130 130
    !
    route-map routerD-in permit 10
     set local-preference 80

Two links to different ISPs
With Loadsharing

Two links to different ISPs (with loadsharing)
  Announce /19 aggregate on each link
  Split /19 and announce as two /20s, one on each link
    basic inbound loadsharing
  When one link fails, the announcement of the /19 aggregate via the other ISP ensures continued connectivity

Two links to different ISPs (with loadsharing)
  [Diagram labels: Internet, AS 100, AS 120, C, "Announce first /20 and /19 block", D, "Announce second /20 and /19 block", A, B, AS 130]

Two links to different ISPs (with loadsharing)
  Router A Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     network 221.10.0.0 mask 255.255.240.0
     neighbor 222.222.10.1 remote-as 100
     neighbor 222.222.10.1 prefix-list firstblock out
     neighbor 222.222.10.1 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    !
    ip prefix-list firstblock permit 221.10.0.0/20
    ip prefix-list firstblock permit 221.10.0.0/19

Two links to different ISPs (with loadsharing)
  Router B Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     network 221.10.16.0 mask 255.255.240.0
     neighbor 220.1.5.1 remote-as 120
     neighbor 220.1.5.1 prefix-list secondblock out
     neighbor 220.1.5.1 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    !
    ip prefix-list secondblock permit 221.10.16.0/20
    ip prefix-list secondblock permit 221.10.0.0/19
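
Why the /19 aggregate has to be announced on both links alongside the /20s follows from longest-prefix matching in the rest of the Internet. The following is an added example, not part of the original slides: it takes the announcements from the firstblock and secondblock prefix-lists above and computes where inbound traffic enters AS 130 with both links up, with one link down, and with the aggregate left out. The function names and the "no aggregate" variant are assumptions made for illustration.

```python
import ipaddress

BLOCK = ipaddress.ip_network("221.10.0.0/19")

# What Router A and Router B announce (prefix-lists firstblock / secondblock).
ANNOUNCEMENTS = {
    "AS100": ["221.10.0.0/19", "221.10.0.0/20"],
    "AS120": ["221.10.0.0/19", "221.10.16.0/20"],
}

# Constructed variant for comparison: the /20s only, no aggregate.
NO_AGGREGATE = {
    "AS100": ["221.10.0.0/20"],
    "AS120": ["221.10.16.0/20"],
}


def internet_view(links_up, announcements=ANNOUNCEMENTS):
    """Prefixes visible to the Internet, each mapped to the upstreams carrying it."""
    table = {}
    for link in links_up:
        for prefix in announcements[link]:
            table.setdefault(ipaddress.ip_network(prefix), set()).add(link)
    return table


def entry_links(dst, links_up, announcements=ANNOUNCEMENTS):
    """Upstreams through which traffic to dst can enter; empty set means unreachable."""
    addr = ipaddress.ip_address(dst)
    table = internet_view(links_up, announcements)
    matches = [net for net in table if addr in net]
    if not matches:
        return set()
    longest = max(matches, key=lambda net: net.prefixlen)
    return table[longest]


def inbound_share(links_up, announcements=ANNOUNCEMENTS):
    """Count the /24s of the /19 by the upstream(s) their inbound traffic uses."""
    share = {}
    for sub in BLOCK.subnets(new_prefix=24):
        links = entry_links(str(sub.network_address), links_up, announcements)
        key = tuple(sorted(links)) if links else ("unreachable",)
        share[key] = share.get(key, 0) + 1
    return share


if __name__ == "__main__":
    print("both links up:       ", inbound_share(["AS100", "AS120"]))
    print("AS120 link down:     ", inbound_share(["AS100"]))
    print("down, no aggregate:  ", inbound_share(["AS100"], NO_AGGREGATE))
```

With the aggregate announced, losing the AS120 link moves all 32 /24s to AS100; without it, the 16 /24s of the second /20 become unreachable.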

Two links to different ISPs
More Controlled Loadsharing

Loadsharing with different ISPs
  Announce /19 aggregate on each link
    On first link, announce /19 as normal
    On second link, announce /19 with longer AS PATH, and announce one /20 subprefix
      controls loadsharing between upstreams and the Internet
  Vary the subprefix size and AS PATH length until “perfect” loadsharing achieved
  Still require redundancy!

Loadsharing with different ISPs
  [Diagram labels: Internet, AS 100, AS 120, C, D, "Announce /20 subprefix, and /19 block with longer AS path", "Announce /19 block", A, B, AS 130]

Loadsharing with different ISPs
  Router A Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.1 remote-as 100
     neighbor 222.222.10.1 prefix-list default in
     neighbor 222.222.10.1 prefix-list aggregate out
    !
    ip prefix-list aggregate permit 221.10.0.0/19

Loadsharing with different ISPs
  Router B Configuration
    router bgp 130
     network 221.10.0.0 mask 255.255.224.0
     network 221.10.16.0 mask 255.255.240.0
     neighbor 220.1.5.1 remote-as 120
     neighbor 220.1.5.1 prefix-list default in
     neighbor 220.1.5.1 prefix-list subblocks out
     neighbor 220.1.5.1 route-map routerD out
    !
    route-map routerD permit 10
     match ip address prefix-list aggregate
     set as-path prepend 130 130
    route-map routerD permit 20
    !
    ip prefix-list subblocks permit 221.10.0.0/19 le 20
    ip prefix-list aggregate permit 221.10.0.0/19

Service Provider Multihoming

Service Provider Multihoming
  Previous examples dealt with loadsharing inbound traffic
    Of primary concern at Internet edge
    What about outbound traffic?
  Transit ISPs strive to balance traffic flows in both directions
    Balance link utilisation
    Try and keep most traffic flows symmetric

Service Provider Multihoming
  Balancing outbound traffic requires inbound routing information
    Common solution is “full routing table”
    Rarely necessary
      Why use the “routing mallet” to try solve loadsharing problems?
    “Keep It Simple” is often easier (and cheaper) than carrying N-copies of the full routing table

Service Provider Multihoming
  Examples
    One upstream, one local peer
    One upstream, local exchange point
    Two upstreams, one local peer
    Tier-1 and regional upstreams, with local peers
    Disconnected Backbone
    IDC Multihoming
  All examples require BGP and a public ASN

Service Provider Multihoming
One Upstream, One local peer

One Upstream, One Local Peer
  Announce /19 aggregate on each link
  Accept default route only from upstream
    Either 0.0.0.0/0 or a network which can be used as default
  Accept all routes from local peer

One Upstream, One Local Peer
  [Diagram labels: Upstream ISP AS130, C, Local Peer AS120, A, AS 110]

One Upstream, One Local Peer
  Router A Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.2 remote-as 120
     neighbor 222.222.10.2 prefix-list my-block out
     neighbor 222.222.10.2 prefix-list AS120-peer in
    !
    ip prefix-list AS120-peer permit 222.5.16.0/19
    ip prefix-list AS120-peer permit 221.240.0.0/20
    ip prefix-list my-block permit 221.10.0.0/19
    !
    ip route 221.10.0.0 255.255.224.0 null0

One Upstream, One Local Peer
  Router A – Alternative Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.2 remote-as 120
     neighbor 222.222.10.2 prefix-list my-block out
     neighbor 222.222.10.2 filter-list 10 in
    !
    ip as-path access-list 10 permit ^(120_)+$
    !
    ip prefix-list my-block permit 221.10.0.0/19
    !
    ip route 221.10.0.0 255.255.224.0 null0

One Upstream, One Local Peer
  Router C Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.1 remote-as 130
     neighbor 222.222.10.1 prefix-list default in
     neighbor 222.222.10.1 prefix-list my-block out
    !
    ip prefix-list my-block permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 221.10.0.0 255.255.224.0 null0

One Upstream, One Local Peer
  Two configurations possible for Router A
    Filter-lists assume peer knows what they are doing
    Prefix-list higher maintenance, but safer
    Some ISPs use both
  Local traffic goes to and from local peer, everything else goes to upstream

Service Provider Multihoming
One Upstream, Local Exchange Point

One Upstream, Local Exchange Point
  Announce /19 aggregate to every neighbouring AS
  Accept default route only from upstream
    Either 0.0.0.0/0 or a network which can be used as default
  Accept all routes from IXP peers

One Upstream, Local Exchange Point
  [Diagram labels: Upstream ISP AS130, IXP, C, A, AS 110]

One Upstream, Local Exchange Point
  Router A Configuration
    interface fastethernet 0/0
     description Exchange Point LAN
     ip address 220.5.10.1 255.255.255.224
     ip verify unicast reverse-path
     no ip directed-broadcast
     no ip proxy-arp
     no ip redirects
    !
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor ixp-peers peer-group
     neighbor ixp-peers soft-reconfiguration in
     neighbor ixp-peers prefix-list my-block out
  ...next slide

One Upstream, Local Exchange Point
     neighbor 220.5.10.2 remote-as 100
     neighbor 220.5.10.2 peer-group ixp-peers
     neighbor 220.5.10.2 prefix-list peer100 in
     neighbor 220.5.10.3 remote-as 101
     neighbor 220.5.10.3 peer-group ixp-peers
     neighbor 220.5.10.3 prefix-list peer101 in
     neighbor 220.5.10.4 remote-as 102
     neighbor 220.5.10.4 peer-group ixp-peers
     neighbor 220.5.10.4 prefix-list peer102 in
     neighbor 220.5.10.5 remote-as 103
     neighbor 220.5.10.5 peer-group ixp-peers
     neighbor 220.5.10.5 prefix-list peer103 in
  ...next slide

One Upstream, Local Exchange Point
    ip route 221.10.0.0 255.255.224.0 null0
    !
    ip prefix-list my-block permit 221.10.0.0/19
    ip prefix-list peer100 permit 222.0.0.0/19
    ip prefix-list peer101 permit 222.30.0.0/19
    ip prefix-list peer102 permit 222.12.0.0/19
    ip prefix-list peer103 permit 222.18.128.0/19
    !

One Upstream, Local Exchange Point
  Router C Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.1 remote-as 130
     neighbor 222.222.10.1 prefix-list default in
     neighbor 222.222.10.1 prefix-list my-block out
    !
    ip prefix-list my-block permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 221.10.0.0 255.255.224.0 null0

One Upstream, Local Exchange Point
  Note Router A configuration
    Prefix-list higher maintenance, but safer
    uRPF on the FastEthernet interface
  IXP traffic goes to and from local IXP, everything else goes to upstream

Service Provider Multihoming
Two Upstreams, One local peer

Two Upstreams, One Local Peer
  Announce /19 aggregate on each link
  Accept default route only from upstreams
    Either 0.0.0.0/0 or a network which can be used as default
  Accept all routes from local peer

Two Upstreams, One Local Peer
  [Diagram labels: Upstream ISP AS130, Upstream ISP AS140, C, Local Peer AS120, A, D, AS 110]

Two Upstreams, One Local Peer
  Router A
    Same routing configuration as in example with one upstream and one local peer
    Same hardware configuration

Two Upstreams, One Local Peer
  Router C Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.1 remote-as 130
     neighbor 222.222.10.1 prefix-list default in
     neighbor 222.222.10.1 prefix-list my-block out
    !
    ip prefix-list my-block permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 221.10.0.0 255.255.224.0 null0

Two Upstreams, One Local Peer
  Router D Configuration
    router bgp 110
     network 221.10.0.0 mask 255.255.224.0
     neighbor 222.222.10.5 remote-as 140
     neighbor 222.222.10.5 prefix-list default in
     neighbor 222.222.10.5 prefix-list my-block out
    !
    ip prefix-list my-block permit 221.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 221.10.0.0 255.255.224.0 null0
