BGP Multihoming Techniques - MENOG

BGP Multihoming Techniques
Philip Smith
philip@apnic.net
MENOG 10
22nd April – 1st May 2012
Dubai

Presentation Slides
- Available on
  - ltihoming.pdf
  - And on the MENOG10 website
- Feel free to ask questions any time

Preliminaries
- Presentation has many configuration examples
  - Uses Cisco IOS CLI
- Aimed at Service Providers
  - Techniques can be used by many enterprises too

BGP Multihoming Techniques
- Why Multihome?
- Definition & Options
- How to Multihome
- Principles & Addressing
- Basic Multihoming
- Service Provider Multihoming
- Using Communities

Why Multihome?
It’s all about redundancy, diversity & reliability

Why Multihome?
- Redundancy
  - One connection to internet means the network is dependent on:
    - Local router (configuration, software, hardware)
    - WAN media (physical failure, carrier failure)
    - Upstream Service Provider (configuration, software, hardware)

Why Multihome?
- Reliability
  - Business critical applications demand continuous availability
  - Lack of redundancy implies lack of reliability implies loss of revenue

Why Multihome?
- Supplier Diversity
  - Many businesses demand supplier diversity as a matter of course
  - Internet connection from two or more suppliers
    - With two or more diverse WAN paths
    - With two or more exit points
    - With two or more international connections
    - Two of everything

Why Multihome?
- Not really a reason, but oft quoted
- Leverage:
  - Playing one ISP off against the other for:
    - Service Quality
    - Service Offerings
    - Availability

Why Multihome?
- Summary:
  - Multihoming is easy to demand as requirement for any service provider or end-site network
  - But what does it really mean:
    - In real life?
    - For the network?
    - For the Internet?
  - And how do we do it?

Multihoming: Definitions & Options
What does it mean, what do we need, and how do we do it?

Multihoming Definition
- More than one link external to the local network
  - two or more links to the same ISP
  - two or more links to different ISPs
- Usually two external facing routers
  - one router gives link and provider redundancy only

Autonomous System Number (ASN)
- Two ranges
  - 0-65535 (original 16-bit range)
  - 65536-4294967295 (32-bit range – RFC4893)
- Usage:
  - 0 and (reserved)
  - (public Internet)
  - (documentation – RFC5398)
  - (private use only)
  - (represent 32-bit range in 16-bit world)
  - (documentation – RFC5398)
  - 65552-4294967295 (public Internet)
- 32-bit range representation specified in RFC5396
  - Defines “asplain” (traditional format) as standard notation

Autonomous System Number (ASN)
- ASNs are distributed by the Regional Internet Registries
  - They are also available from upstream ISPs who are members of one of the RIRs
- Current 16-bit ASN allocations up to 59391 have been made to the RIRs
  - Around 39700 are visible on the Internet
- Each RIR has also received a block of 32-bit ASNs
  - Out of 2100 assignments, around 1700 are visible on the Internet
- See www.iana.org/assignments/as-numbers

Private-AS – Application
- Applications
  - An ISP with customers multihomed on their backbone (RFC2270) -or-
  - A corporate network with several regions but connections to the Internet only in the core -or-
  - Within a

Private-AS – Removal
- Private ASNs MUST be removed from all prefixes announced to the public Internet
  - Include configuration to remove private ASNs in the eBGP template
- As with RFC1918 address space, private ASNs are intended for internal use
  - They should not be leaked to the public Internet
- Cisco IOS

    neighbor x.x.x.x remove-private-AS

Transit/Peering/Default
- Transit
  - Carrying traffic across a network
  - Usually for a fee
- Peering
  - Exchanging locally sourced routing information and traffic
  - Usually for no fee
  - Sometimes called settlement free peering
- Default
  - Where to send traffic when there is no explicit match in the routing table

Configuring Policy
- Three BASIC Principles for IOS configuration examples throughout presentation:
  - prefix-lists to filter prefixes
  - filter-lists to filter ASNs
  - route-maps to apply policy
- Route-maps can be used for filtering, but this is more “advanced” configuration

Policy Tools
- Local preference
  - outbound traffic flows
- Metric (MED)
  - inbound traffic flows (local scope)
- AS-PATH prepend
  - inbound traffic flows (Internet scope)
- Communities
  - specific inter-provider peering

Originating Prefixes: Assumptions
- MUST announce assigned address block to Internet
- MAY also announce subprefixes – reachability is not guaranteed
- Current minimum allocation is from /20 to /24 depending on the RIR
  - Several ISPs filter RIR blocks on this boundary
  - Several ISPs filter the rest of address space according to the IANA assignments
  - This activity is called “Net Police” by some

Originating Prefixes
- The RIRs publish their minimum allocation sizes per /8 address block
  - N:www.arin.net/reference/ip l
  - RIPE ml
  - Note that AfriNIC only publishes its current minimum allocation size, not the allocation size for its address
- IANA publishes the address space it has assigned to end-sites and allocated to the RIRs:
- Several ISPs use this published information to filter prefixes on:
  - What should be routed (from IANA)
  - The minimum allocation size from the RIRs

“Net Police” prefix list issues
- Meant to “punish” ISPs who pollute the routing table with specifics rather than announcing aggregates
- Impacts legitimate multihoming especially at the Internet’s edge
- Impacts regions where domestic backbone is unavailable or costs compared with international bandwidth
- Hard to maintain – requires updating when RIRs start allocating from new address blocks
- Don’t do it unless consequences understood and you are prepared to keep the list current
  - Consider using the Team Cymru or other reputable bogon rver.html

How to Multihome
Choosing between transit and peer

Transits
- Transit provider is another autonomous system which is used to provide the local network with access to other networks
  - Might be local or regional only
  - But more usually the whole Internet
- Transit providers need to be chosen wisely:
  - Only one
    - no redundancy
  - Too many
    - more difficult to load balance
    - no economy of scale (costs more per Mbps)
    - hard to provide service quality
- Recommendation: at least two, no more than three

Common Mistakes
- ISPs sign up with too many transit providers
  - Lots of small circuits (cost more per Mbps than larger ones)
  - Transit rates per Mbps reduce with increasing transit bandwidth purchased
  - Hard to implement reliable traffic engineering that doesn’t need daily fine tuning depending on customer activities
- No diversity
  - Chosen transit providers all reached over same satellite or same submarine cable
  - Chosen transit providers have poor onward transit and peering

Peers
- A peer is another autonomous system with which the local network has agreed to exchange locally sourced routes and traffic
- Private peer
  - Private link between two providers for the purpose of interconnecting
- Public peer
  - Internet Exchange Point, where providers meet and freely decide who they will interconnect with
- Recommendation: peer as much as possible!

Common Mistakes
- Mistaking a transit provider’s “Exchange” business for a no-cost public peering point
- Not working hard to get as much peering as possible
  - Physically near a peering point (IXP) but not present at it
  - (Transit sometimes is cheaper than peering!!)
- Ignoring/avoiding competitors because they are competition
  - Even though potentially valuable peering partner to give customers a better experience

Multihoming Scenarios
- Stub network
- Multi-homed stub network
- Multi-homed network
- Multiple sessions to another AS

Stub Network
(Diagram labels: AS101, AS100)
- No need for BGP
- Point static default to upstream ISP
- Upstream ISP advertises stub network
- Policy confined within upstream ISP’s policy

Multi-homed Stub Network
(Diagram labels: AS65530, AS100)
- Use BGP (not IGP or static) to loadshare
- Use private AS (ASN > 64511)
- Upstream ISP advertises stub network
- Policy confined within upstream ISP’s policy

Multi-homed Network
(Diagram labels: Global Internet, AS200, AS300, AS100)
- Many situations possible
  - multiple sessions to same ISP
  - secondary for backup only
  - load-share between primary and secondary
  - selectively use different ISPs

Multiple Sessions to an AS – ebgp multihop
(Diagram labels: AS 200, 1.1.1.1, B, A, AS 100)
- Use ebgp-multihop
  - Run eBGP between loopback addresses
  - eBGP prefixes learned with loopback address as next hop
- Cisco IOS

    router bgp 100
     neighbor 1.1.1.1 remote-as 200
     neighbor 1.1.1.1 ebgp-multihop 2
    !
    ip route 1.1.1.1 255.255.255.255 serial 1/0
    ip route 1.1.1.1 255.255.255.255 serial 1/1
    ip route 1.1.1.1 255.255.255.255 serial 1/2

- Common error made is to point remote loopback route at IP address rather than specific link

Multiple Sessions to an AS – ebgp multihop
(Diagram labels: R1, R3, AS 100, AS 200, R2, Desired Path, Used Path)
- One serious eBGP-multihop caveat:
  - R1 and R3 are eBGP peers that are loopback peering
  - Configured with:

        neighbor x.x.x.x ebgp-multihop 2

  - If the R1 to R3 link goes down the session could establish via R2
- Usually happens when routing to remote loopback is dynamic, rather than static pointing at a link

Multiple Sessions to an ISP – ebgp multihop
- Try and avoid use of ebgp-multihop unless:
  - It’s absolutely necessary –or–
  - Loadsharing across multiple links
- Many ISPs discourage its use, for example:

  We will run eBGP multihop, but do not support it as a standard offering because customers generally have a hard time managing it due to:
  - routing loops
  - failure to realise that BGP session stability problems are usually due connectivity problems between their CPE and their BGP speaker

Multiple Sessions to an AS – bgp multi path
(Diagram labels: AS 200, AS 100)
- Three BGP sessions required
- Platform limit on number of paths (could be as little as 6)
- Full BGP feed makes this unwieldy
  - 3 copies of Internet Routing Table goes into the FIB

    router bgp 100
     neighbor 1.1.2.1 remote-as 200
     neighbor 1.1.2.5 remote-as 200
     neighbor 1.1.2.9 remote-as 200
     maximum-paths 3

Multiple Sessions to an AS – bgp attributes & filters
(Diagram labels: AS 200, C, D, A, B, AS 201)
- Simplest scheme is to use defaults
- Learn/advertise prefixes for better control
- Planning and some work required to achieve loadsharing
  - Point default towards one ISP
  - Learn selected prefixes from second ISP
  - Modify the number of prefixes learnt to achieve acceptable load sharing
- No magic solution

Basic Principles of Multihoming
Let’s learn to walk before we try running

The Basic Principles
- Announcing address space attracts traffic
  - (Unless policy in upstream providers interferes)
- Announcing the ISP aggregate out a link will result in traffic for that aggregate coming in that link
- Announcing a subprefix of an aggregate out a link means that all traffic for that subprefix will come in that link, even if the aggregate is announced somewhere else
  - The most specific announcement wins!

The Basic Principles
- To split traffic between two links:
  - Announce the aggregate on both links - ensures redundancy
  - Announce one half of the address space on each link
  - (This is the first step, all things being equal)
- Results in:
  - Traffic for first half of address space comes in first link
  - Traffic for second half of address space comes in second link
  - If either link fails, the fact that the aggregate is announced ensures there is a backup path

The Basic Principles
- The keys to successful multihoming configuration:
  - Keeping traffic engineering prefix announcements independent of customer iBGP
  - Understanding how to announce aggregates
  - Understanding the purpose of announcing subprefixes of aggregates
  - Understanding how to manipulate BGP attributes
  - Too many upstreams/external paths makes multihoming harder (2 or 3 is enough!)

IP Addressing & Multihoming
How Good IP Address Plans assist with Multihoming

IP Addressing & Multihoming
- IP Address planning is an important part of Multihoming
- Previously have discussed separating:
  - Customer address space
  - Customer p-t-p link address space
  - Infrastructure p-t-p link address space
  - Loopback address space
(Diagram labels: 101.10.0.0/21, 101.10.0.1, 101.10.5.255, Customer Address & p-t-p links, 101.10.6.255, /24, Infrastructure, Loopbacks)

IP Addressing & Multihoming
- ISP Router loopbacks and backbone point to point links make up a small part of total address space
  - And they don’t attract traffic, unlike customer address space
- Links from ISP Aggregation edge to customer router needs one /30
  - Small requirements compared with total address space
  - Some ISPs use IP unnumbered
- Planning customer assignments is a very important part of multihoming
  - Traffic engineering involves subdividing aggregate into pieces until load balancing works

Unplanned IP addressing
- ISP fills up customer IP addressing from one end of the range:
(Diagram labels: 101.10.0.0/21; 1 2 3 4 5; Customer Addresses; ISP)
- Customers generate traffic
  - Dividing the range into two pieces will result in one /22 with all the customers, and one /22 with just the ISP infrastructure addresses
  - No loadbalancing as all traffic will come in the first /22
  - Means further subdivision of the first /22 is harder work

Planned IP addressing
- If ISP fills up customer addressing from both ends of the range:
(Diagram labels: 101.10.0.0/21; 1 3 5 7 9; 2 4 6 8 10; Customer Addresses; ISP; Customer Addresses)
- Scheme then is:
  - First customer from first /22, second customer from second /22, third from first /22, etc
- This works also for residential versus commercial customers:
  - Residential from first /22
  - Commercial from second /22

Planned IP Addressing
- This works fine for multihoming between two upstream links (same or different providers)
- Can also subdivide address space to suit more than two upstreams
  - Follow a similar scheme for populating each portion of the address space
- Don’t forget to always announce an aggregate out of each link
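
The split-and-fail-over rule from the Basic Principles slides, applied to the unplanned and planned address plans, as an added Python sketch that is not part of the original slides. It assumes each customer holds a /26 and attracts equal inbound traffic; the /26 size, the link names and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

AGGREGATE = ipaddress.ip_network("101.10.0.0/21")    # block used on the slides
HALVES = list(AGGREGATE.subnets(prefixlen_diff=1))   # two /22s, one per link
LINKS = ("link1", "link2")                           # hypothetical link names


def announcements(up=LINKS):
    """Prefixes the Internet hears: the aggregate on every live link,
    plus one /22 subprefix on each live link."""
    routes = []
    for link, half in zip(LINKS, HALVES):
        if link in up:
            routes.append((AGGREGATE, link))
            routes.append((half, link))
    return routes


def inbound_link(customer, routes):
    """Link carrying traffic towards `customer`: the most specific
    covering announcement wins."""
    covering = [(p, link) for p, link in routes if customer.subnet_of(p)]
    if not covering:
        return None                  # nothing announced: unreachable
    return max(covering, key=lambda r: r[0].prefixlen)[1]


def assign_unplanned(n, size=26):
    """Fill customer blocks from one end of the range."""
    pool = AGGREGATE.subnets(new_prefix=size)
    return [next(pool) for _ in range(n)]


def assign_planned(n, size=26):
    """Alternate: first customer from the first /22, second from the second."""
    pools = [half.subnets(new_prefix=size) for half in HALVES]
    return [next(pools[i % 2]) for i in range(n)]


def inbound_split(customers, routes):
    """Number of customers whose inbound traffic arrives on each link."""
    return dict(Counter(inbound_link(c, routes) for c in customers))


if __name__ == "__main__":
    print("unplanned:", inbound_split(assign_unplanned(10), announcements()))
    print("planned:  ", inbound_split(assign_planned(10), announcements()))
    print("link1 down:", inbound_split(assign_planned(10),
                                       announcements(up=("link2",))))
```

With link1 down, every customer is still reachable through the aggregate announced on link2, which is why the aggregate must go out of each link.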

Basic Multihoming
Let’s try some simple worked examples

Basic Multihoming
- No frills multihoming
- Will look at two cases:
  - Multihoming with the same ISP
  - Multihoming to different ISPs
- Will keep the examples easy
  - Understanding easy concepts will make the more complex scenarios easier to comprehend
  - All assume that the site multihoming has a /19 address block

Basic Multihoming
- This type is most commonplace at the edge of the Internet
  - Networks here are usually concerned with inbound traffic flows
  - Outbound traffic flows being “nearest exit” is usually sufficient
- Can apply to the leaf ISP as well as Enterprise networks

Basic Multihoming
Multihoming to the Same ISP

Basic Multihoming: Multihoming to the same ISP
- Use BGP for this type of multihoming
  - use a private AS (ASN > 64511)
  - There is no need or justification for a public ASN
    - Making the nets of the end-site visible gives no useful information to the Internet
- Upstream ISP proxy aggregates
  - in other words, announces only your address block to the Internet from their AS (as would be done if you had one statically routed connection)

Two links to the same ISP
One link primary, the other link backup only

Two links to the same ISP (one as backup only)
- Applies when end-site has bought a large primary WAN link to their upstream and a small secondary WAN link as the backup
  - For example, primary path might be an E1, backup might be 64kbps

Two links to the same ISP (one as backup only)
(Diagram labels: primary, C, A, AS 100, E, AS 65534, D, B, backup)
- AS100 removes private AS and any customer subprefixes from Internet announcement

Two links to the same ISP (one as backup only)
- Announce /19 aggregate on each link
  - primary link:
    - Outbound – announce /19 unaltered
    - Inbound – receive default route
  - backup link:
    - Outbound – announce /19 with increased metric
    - Inbound – received default, and reduce local preference
- When one link fails, the announcement of the /19 aggregate via the other link ensures continued connectivity

Two links to the same ISP (one as backup only)
- Router A Configuration

    router bgp 65534
     network 121.10.0.0 mask 255.255.224.0
     neighbor 122.102.10.2 remote-as 100
     neighbor 122.102.10.2 description RouterC
     neighbor 122.102.10.2 prefix-list aggregate out
     neighbor 122.102.10.2 prefix-list default in
    !
    ip prefix-list aggregate permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 121.10.0.0 255.255.224.0 null0

Two links to the same ISP (one as backup only)
- Router B Configuration

    router bgp 65534
     network 121.10.0.0 mask 255.255.224.0
     neighbor 122.102.10.6 remote-as 100
     neighbor 122.102.10.6 description RouterD
     neighbor 122.102.10.6 prefix-list aggregate out
     neighbor 122.102.10.6 route-map routerD-out out
     neighbor 122.102.10.6 prefix-list default in
     neighbor 122.102.10.6 route-map routerD-in in
    !

  (continued on next slide)

Two links to the same ISP (one as backup only)

    ip prefix-list aggregate permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 121.10.0.0 255.255.224.0 null0
    !
    route-map routerD-out permit 10
     set metric 10
    !
    route-map routerD-in permit 10
     set local-preference 90
    !

Two links to the same ISP (one as backup only)
- Router C Configuration (main link)

    router bgp 100
     neighbor 122.102.10.1 remote-as 65534
     neighbor 122.102.10.1 default-originate
     neighbor 122.102.10.1 prefix-list Customer in
     neighbor 122.102.10.1 prefix-list default out
    !
    ip prefix-list Customer permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0

Two links to the same ISP (one as backup only)
- Router D Configuration (backup link)

    router bgp 100
     neighbor 122.102.10.5 remote-as 65534
     neighbor 122.102.10.5 default-originate
     neighbor 122.102.10.5 prefix-list Customer in
     neighbor 122.102.10.5 prefix-list default out
    !
    ip prefix-list Customer permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0

Two links to the same ISP (one as backup only)
- Router E Configuration

    router bgp 100
     neighbor 122.102.10.17 remote-as 110
     neighbor 122.102.10.17 remove-private-AS
     neighbor 122.102.10.17 prefix-list Customer out
    !
    ip prefix-list Customer permit 121.10.0.0/19

- Router E removes the private AS and customer’s subprefixes from external announcements
- Private AS still visible inside AS100

Two links to the same ISP
With Loadsharing

Loadsharing to the same ISP
- More common case
- End sites tend not to buy circuits and leave them idle, only used for backup as in previous example
- This example assumes equal capacity circuits
  - Unequal capacity circuits requires more refinement – see later

Loadsharing to the same ISP
(Diagram labels: Link one, C, A, AS 100, E, AS 65534, D, B, Link two)
- Border router E in AS100 removes private AS and any customer subprefixes from Internet announcement

Loadsharing to the same ISP
- Announce /19 aggregate on each link
- Split /19 and announce as two /20s, one on each link
  - basic inbound loadsharing
  - assumes equal circuit capacity and even spread of traffic across address block
- Vary the split until “perfect” loadsharing achieved
- Accept the default from upstream
  - basic outbound loadsharing by nearest exit
  - okay in first approx as most ISP and end-site traffic is inbound

Loadsharing to the same ISP (with redundancy)
- Router A Configuration

    router bgp 65534
     network 121.10.0.0 mask 255.255.224.0
     network 121.10.0.0 mask 255.255.240.0
     neighbor 122.102.10.2 remote-as 100
     neighbor 122.102.10.2 prefix-list routerC out
     neighbor 122.102.10.2 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    ip prefix-list routerC permit 121.10.0.0/20
    ip prefix-list routerC permit 121.10.0.0/19
    !
    ip route 121.10.0.0 255.255.240.0 null0
    ip route 121.10.0.0 255.255.224.0 null0

Loadsharing to the same ISP (with redundancy)
- Router C Configuration

    router bgp 100
     neighbor 122.102.10.1 remote-as 65534
     neighbor 122.102.10.1 default-originate
     neighbor 122.102.10.1 prefix-list Customer in
     neighbor 122.102.10.1 prefix-list default out
    !
    ip prefix-list Customer permit 121.10.0.0/19 le 20
    ip prefix-list default permit 0.0.0.0/0

- Router C only allows in /19 and /20 prefixes from customer block
- Router D configuration is identical

Loadsharing to the same ISP (with redundancy)
- Router E Configuration

    router bgp 100
     neighbor 122.102.10.17 remote-as 110
     neighbor 122.102.10.17 remove-private-AS
     neighbor 122.102.10.17 prefix-list Customer out
    !
    ip prefix-list Customer permit 121.10.0.0/19

- Private AS still visible inside AS100

Loadsharing to the same ISP (with redundancy)
- Default route for outbound traffic?
  - Use default-information originate for the IGP and rely on IGP metrics for nearest exit
  - e.g. on router A:

    router ospf 65534
     default-information originate metric 2 metric-type 1

Loadsharing to the same ISP
- Loadsharing configuration is only on customer router
- Upstream ISP has to
  - remove customer subprefixes from external announcements
  - remove private AS from external announcements
- Could also use BGP communities
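
How the upstream's two filters and the private-AS removal combine, as an added Python model that is not part of the original slides: it evaluates the Router C and Router E prefix-lists with IOS matching rules (exact length unless ge/le is given, implicit deny at the end) and shows what AS100 finally announces. The function names and the test prefixes 121.10.4.0/24 and 10.0.0.0/8 are constructed, and the private-AS strip is modelled only for a path made up entirely of private ASNs, the case on the slides.

```python
import ipaddress
import re

# Configuration lines copied from the Router C and Router E slides.
ROUTER_C = "ip prefix-list Customer permit 121.10.0.0/19 le 20"
ROUTER_E = "ip prefix-list Customer permit 121.10.0.0/19"

ENTRY = re.compile(
    r"ip prefix-list (?P<name>\S+)(?: seq \d+)? (?P<action>permit|deny) "
    r"(?P<net>\S+)(?: ge (?P<ge>\d+))?(?: le (?P<le>\d+))?$"
)
PRIVATE_16BIT = range(64512, 65535)   # 64512-65534, private-use ASNs


def parse_prefix_list(config, name):
    """Return [(action, network, min_len, max_len)] for one named list."""
    entries = []
    for line in config.splitlines():
        m = ENTRY.match(line.strip())
        if not m or m["name"] != name:
            continue
        net = ipaddress.ip_network(m["net"])
        if m["ge"] is None and m["le"] is None:
            lo = hi = net.prefixlen               # no ge/le: exact match only
        else:
            lo = int(m["ge"]) if m["ge"] else net.prefixlen
            hi = int(m["le"]) if m["le"] else net.max_prefixlen
        entries.append((m["action"], net, lo, hi))
    return entries


def permitted(entries, route):
    """First matching entry decides; no match at all is the implicit deny."""
    route = ipaddress.ip_network(route)
    for action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action == "permit"
    return False


def export_from_as100(route, as_path, local_as=100):
    """Announcement router E sends to its eBGP peer for a customer route,
    or None when either filter drops it.

    Model assumption: private ASNs are stripped only when the whole path
    received from the customer is private; other paths are left as they are.
    """
    if not permitted(parse_prefix_list(ROUTER_C, "Customer"), route):
        return None                               # rejected inbound at router C
    if not permitted(parse_prefix_list(ROUTER_E, "Customer"), route):
        return None                               # subprefix held inside AS100
    if all(asn in PRIVATE_16BIT for asn in as_path):
        as_path = []                              # effect of remove-private-AS
    return (route, [local_as] + list(as_path))


if __name__ == "__main__":
    # Constructed customer announcements; AS path as received from AS 65534.
    for prefix in ("121.10.0.0/19", "121.10.0.0/20", "121.10.16.0/20",
                   "121.10.4.0/24", "10.0.0.0/8"):
        print(prefix, "->", export_from_as100(prefix, [65534]))
```

Only the /19 leaves AS100, with the path reduced to AS100 itself; the /20s are accepted by router C for loadsharing but stop at router E, and anything else from the customer is dropped at router C.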

Two links to the same ISP
Multiple Dualhomed Customers (RFC2270)

Multiple Dualhomed Customers (RFC2270)
- Unusual for an ISP just to have one dualhomed customer
  - Valid/valuable service offering for an ISP with multiple PoPs
  - Better for ISP than having customer multihome with another provider!
- Look at scaling the configuration
  - Simplifying the configuration
  - Using templates, peer-groups, etc
  - Every customer has the same configuration (basically)

Multiple Dualhomed Customers (RFC2270)
(Diagram labels: C, AS 100, E, A1, AS 65534, B1, D, A2, AS 65534, B2, A3, AS 65534, B3)
- Border router E in AS100 removes private AS and any customer subprefixes from Internet announcement

Multiple Dualhomed Customers (RFC2270)
- Customer announcements as per previous example
- Use the same private AS for each customer
  - documented in RFC2270
  - address space is not overlapping
  - each customer hears default only
- Router An and Bn configuration same as Router A and B previously

Multiple Dualhomed Customers (RFC2270)
- Router A1 Configuration

    router bgp 65534
     network 121.10.0.0 mask 255.255.224.0
     network 121.10.0.0 mask 255.255.240.0
     neighbor 122.102.10.2 remote-as 100
     neighbor 122.102.10.2 prefix-list routerC out
     neighbor 122.102.10.2 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    ip prefix-list routerC permit 121.10.0.0/20
    ip prefix-list routerC permit 121.10.0.0/19
    !
    ip route 121.10.0.0 255.255.240.0 null0
    ip route 121.10.0.0 255.255.224.0 null0

Multiple Dualhomed Customers (RFC2270)
- Router C Configuration

    router bgp 100
     neighbor bgp-customers peer-group
     neighbor bgp-customers remote-as 65534
     neighbor bgp-customers default-originate
     neighbor bgp-customers prefix-list default out
     neighbor 122.102.10.1 peer-group bgp-customers
     neighbor 122.102.10.1 description Customer One
     neighbor 122.102.10.1 prefix-list Customer1 in
     neighbor 122.102.10.9 peer-group bgp-customers
     neighbor 122.102.10.9 description Customer Two
     neighbor 122.102.10.9 prefix-list Customer2 in

Multiple Dualhomed Customers (RFC2270)

     neighbor 122.102.10.17 peer-group bgp-customers
     neighbor 122.102.10.17 description Customer Three
     neighbor 122.102.10.17 prefix-list Customer3 in
    !
    ip prefix-list Customer1 permit 121.10.0.0/19 le 20
    ip prefix-list Customer2 permit 121.16.64.0/19 le 20
    ip prefix-list Customer3 permit 121.14.192.0/19 le 20
    ip prefix-list default permit 0.0.0.0/0

- Router C only allows in /19 and /20 prefixes from customer block

Multiple Dualhomed Customers (RFC2270)
- Router E Configuration
  - assumes customer address space is not part of upstream’s address block

    router bgp 100
     neighbor 122.102.10.17 remote-as 110
     neighbor 122.102.10.17 remove-private-AS
     neighbor 122.102.10.17 prefix-list Customers out
    !
    ip prefix-list Customers permit 121.10.0.0/19
    ip prefix-list Customers permit 121.16.64.0/19
    ip prefix-list Customers permit 121.14.192.0/19

- Private AS still visible inside AS100

Multiple Dualhomed Customers (RFC2270)
- If customers’ prefixes come from ISP’s address block
  - do NOT announce them to the Internet
  - announce ISP aggregate only
- Router E configuration:

    router bgp 100
     neighbor 122.102.10.17 remote-as 110
     neighbor 122.102.10.17 prefix-list my-aggregate out
    !
    ip prefix-list my-aggregate permit 121.8.0.0/13

Multihoming Summary
- Use private AS for multihoming to the same upstream
- Leak subprefixes to upstream only to aid loadsharing
- Upstream router E configuration is identical across all situations

Basic Multihoming
Multihoming to different ISPs

Two links to different ISPs
- Use a Public AS
  - Or use private AS if agreed with the other ISP
  - But some people don’t like the “inconsistent AS” which results from use of a private-AS
- Address space comes from
  - both upstreams or
  - Regional Internet Registry
- Configuration concepts very similar

Inconsistent-AS?
(Diagram labels: AS 65534, AS 200, AS 210, Internet)
- Viewing the prefixes originated by AS65534 in the Internet shows they appear to be originated by both AS210 and AS200
  - This is NOT bad
  - Nor is it illegal
- IOS command is

    show ip bgp inconsistent-as

Two links to different ISPs
One link primary, the other link backup only

Two links to different ISPs (one as backup only)
(Diagram labels: Internet, AS 100, AS 120, C, D, A, B, AS 130; Announce /19 block; Announce /19 block with longer AS PATH)

Two links to different ISPs (one as backup only)
- Announce /19 aggregate on each link
  - primary link makes standard announcement
  - backup link lengthens the AS PATH by using AS PATH prepend
- When one link fails, the announcement of the /19 aggregate via the other link ensures continued connectivity

Two links to different ISPs (one as backup only)
- Router A Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     neighbor 122.102.10.1 remote-as 100
     neighbor 122.102.10.1 prefix-list aggregate out
     neighbor 122.102.10.1 prefix-list default in
    !
    ip prefix-list aggregate permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 121.10.0.0 255.255.224.0 null0

Two links to different ISPs (one as backup only)
- Router B Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     neighbor 120.1.5.1 remote-as 120
     neighbor 120.1.5.1 prefix-list aggregate out
     neighbor 120.1.5.1 route-map routerD-out out
     neighbor 120.1.5.1 prefix-list default in
     neighbor 120.1.5.1 route-map routerD-in in
    !
    ip prefix-list aggregate permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    route-map routerD-out permit 10
     set as-path prepend 130 130 130
    !
    route-map routerD-in permit 10
     set local-preference 80

Two links to different ISPs (one as backup only)
- Not a common situation as most sites tend to prefer using whatever capacity they have
  - (Useful when two competing ISPs agree to provide mutual backup to each other)
- But it shows the basic concepts of using local-prefs and AS-path prepends for engineering traffic in the chosen direction

Two links to different ISPs
With Loadsharing

Two links to different ISPs (with loadsharing)
(Diagram labels: Internet, AS 100, AS 120, C, D, A, B, AS 130; Announce first /20 and /19 block; Announce second /20 and /19 block)

Two links to different ISPs (with loadsharing)
- Announce /19 aggregate on each link
- Split /19 and announce as two /20s, one on each link
  - basic inbound loadsharing
- When one link fails, the announcement of the /19 aggregate via the other ISP ensures continued connectivity

Two links to different ISPs (with loadsharing)
- Router A Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     network 121.10.0.0 mask 255.255.240.0
     neighbor 122.102.10.1 remote-as 100
     neighbor 122.102.10.1 prefix-list firstblock out
     neighbor 122.102.10.1 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    !
    ip prefix-list firstblock permit 121.10.0.0/20
    ip prefix-list firstblock permit 121.10.0.0/19

Two links to different ISPs (with loadsharing)
- Router B Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     network 121.10.16.0 mask 255.255.240.0
     neighbor 120.1.5.1 remote-as 120
     neighbor 120.1.5.1 prefix-list secondblock out
     neighbor 120.1.5.1 prefix-list default in
    !
    ip prefix-list default permit 0.0.0.0/0
    !
    ip prefix-list secondblock permit 121.10.16.0/20
    ip prefix-list secondblock permit 121.10.0.0/19

Two links to different ISPs (with loadsharing)
- Loadsharing in this case is very basic
- But shows the first steps in designing a load sharing solution
  - Start with a simple concept
  - And build on it!

Two links to different ISPs
More Controlled Loadsharing

Loadsharing with different ISPs
(Diagram labels: Internet, AS 100, AS 120, C, D, A, B, AS 130; Announce /19 block; Announce /20 subprefix, and /19 block with longer AS path)

Loadsharing with different ISPs
- Announce /19 aggregate on each link
  - On first link, announce /19 as normal
  - On second link, announce /19 with longer AS PATH, and announce one /20 subprefix
    - controls loadsharing between upstreams and the Internet
- Vary the subprefix size and AS PATH length until “perfect” loadsharing achieved
- Still require redundancy!

Loadsharing with different ISPs
- Router A Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     neighbor 122.102.10.1 remote-as 100
     neighbor 122.102.10.1 prefix-list default in
     neighbor 122.102.10.1 prefix-list aggregate out
    !
    ip prefix-list aggregate permit 121.10.0.0/19
    ip prefix-list default permit 0.0.0.0/0
    !
    ip route 121.10.0.0 255.255.224.0 null0

Loadsharing with different ISPs
- Router B Configuration

    router bgp 130
     network 121.10.0.0 mask 255.255.224.0
     netwo
