cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
889
Views
5
Helpful
2
Replies

Optimizing Internet Bound Routing Path

pat.mchenry
Level 1
Level 1

Hi,

 

wanted to get some advice/opinions on Internet path when working with 2 routers.

 

Currently, we have 2, ASRs connecting via BGP accepting a full BGP feed to one provider each. Also, we are running iBGP between the 2, ASRs and exchanging iBGP routes between them.

 

The Internet routers internal interfaces(connecting to our FWs) are running VRRP.  

 

After looking at stats from our network monitor we noticed one provider is used much more frequently in the inbound direction and the other is used more frequently in the outbound direction. I thought this was odd until I noticed the router with the most inbound traffic is in the backup VRRP state by design/config. So, it appears Internet bound traffic is leaving the router that is not the preferred router coming back inbound. Seems appears to be not ideal as we are creating an asymmetrical path.

 

Would you agree the router that experiences the most inbound traffic should be the VRRP master?

 

Or, is using one Internet connection for most outbound traffic and the other Internet connection for inbound traffic and letting VRRP and BGP do its thing, making use of both circuits?

 

I'd like to hear any thoughts on this...

 

Thank you, Pat

 

1 Accepted Solution

Accepted Solutions

Joseph W. Doherty
Hall of Fame
Hall of Fame

"Seems appears to be not ideal as we are creating an asymmetrical path."

With IP, that's not really a bad thing.

The only really bad thing about what you describe might be either your two links are not getting utilized, both in and out, equally, leading to possible more congestion on the busier path or one or both paths get charged for actually usage and you're trying to minimize such charges.

As to VRRP and BGP, eBGP has preference (for equal path) over iBGP, so traffic that hits your VRRP active gateway will use that router's equal cost BGP paths rather than jump to the other router.  I.e. the other router, than you VRRP gateway, will only be used, outbound, if it has a "better" eBGP path.  So, if you move your VRRP active gateway, like the outbound traffic will become even more unequal in volume although it will decrease your cross router traffic (which depending on your interior topology, might be a good thing).

For inbound, much depends on how both you and your ISP are advertising your network(s).

If your concern is just asymmetrical traffic, I wouldn't worry about that.

If your concern is link usage, and link usage charges, then you might want to make some adjustment, including to BGP.

PS:

BTW, in usage, if one Internet BGP path is better than another, it may very well not be.  So, often using full BGP tables buys you little.  If you really want optimal Internet performance, you need something like Cisco's PfR, that actually monitors performance across the Internet.

View solution in original post

2 Replies 2

Joseph W. Doherty
Hall of Fame
Hall of Fame

"Seems appears to be not ideal as we are creating an asymmetrical path."

With IP, that's not really a bad thing.

The only really bad thing about what you describe might be either your two links are not getting utilized, both in and out, equally, leading to possible more congestion on the busier path or one or both paths get charged for actually usage and you're trying to minimize such charges.

As to VRRP and BGP, eBGP has preference (for equal path) over iBGP, so traffic that hits your VRRP active gateway will use that router's equal cost BGP paths rather than jump to the other router.  I.e. the other router, than you VRRP gateway, will only be used, outbound, if it has a "better" eBGP path.  So, if you move your VRRP active gateway, like the outbound traffic will become even more unequal in volume although it will decrease your cross router traffic (which depending on your interior topology, might be a good thing).

For inbound, much depends on how both you and your ISP are advertising your network(s).

If your concern is just asymmetrical traffic, I wouldn't worry about that.

If your concern is link usage, and link usage charges, then you might want to make some adjustment, including to BGP.

PS:

BTW, in usage, if one Internet BGP path is better than another, it may very well not be.  So, often using full BGP tables buys you little.  If you really want optimal Internet performance, you need something like Cisco's PfR, that actually monitors performance across the Internet.

Thank you, Joseph for you thoughtful post.

 

You've given me some inspiration for design changes when we go to replace our Internet routers soon.

 

Thank you, Pat

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco