Solved: AS PrePend - Page 2

Network Pro · ‎02-06-2017

Hi

can someone please throw some light on AS Prepend in BGP multi homing. I understand its for forcing traffic through Primary ISP but does the Prepend need to happen on ISP side or customer side routers ? will this work for incoming and outgoing traffic ?

Also what are the other ways to implement the same ?

does anyone has sample config for the above ?

Thanks

Julio E. Moisa · ‎02-06-2017

Here it go,

The path to 4.4.4.4/32, will be preferred through ISP 1 because R1 is announcing to its iBGP domain a local preference of 25000 (greater is better) and R1 is advertising to the ISP1 a smaller ASPath Prepend, so it will desired for the prefixes coming from behind of ISP1 and 2.

The opposite to R2.

R1

router bgp 100
bgp log-neighbor-changes
neighbor 10.12.0.2 remote-as 200
neighbor 10.12.0.2 route-map LP in
neighbor 10.15.0.5 remote-as 100
neighbor 10.15.0.5 next-hop-self
neighbor 10.15.0.5 route-map PREPEND out
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
route-map LP permit 5
match ip address 10
set local-preference 25000
!
route-map PREPEND permit 5
match ip address 10
set as-path prepend 400 400
!
!
access-list 10 permit any

R2

router bgp 100
bgp log-neighbor-changes
neighbor 10.15.0.1 remote-as 100
neighbor 10.15.0.1 next-hop-self
neighbor 10.35.0.3 remote-as 300
neighbor 10.35.0.3 route-map LP in
neighbor 10.35.0.3 route-map PREPEND out
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
route-map LP permit 5
match ip address 10
set local-preference 5000
!
route-map PREPEND permit 5
match ip address 10
set as-path prepend 400 400 400 400 400

Please check the picture, if you shutdown the P2P between R1 and R5 you will see that the best path to 4.4.4.4/32 changes, Now it is through R5.

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Julio E. Moisa · ‎02-06-2017

Also if you are going to connect these BGP routers to Internet, take in consideration this:

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/23675-27.html

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-07-2017

thanks for lab again - slightly confused in your diagram isnt R1 and R2 customer routers?

so i am talking about a scenario where R1 and R2 are Customer routers connected to each other running HSRP and on same BGP domain.

R3 and R4 are two independant ISP.

Now i want my traffic going through to R3 (primary) and return traffic coming through R3, if R3 is down then i want traffic going through R4 and return traffic coming through R4

Julio E. Moisa · ‎02-07-2017

Hi,

Yes, you can configure HSRP on my topology, where R1 and R2 belong to the same iBGP domain.

To use local preference and as-path to guarantee the symmetric traffic.

With greater local preference and smaller AS-path prepend you are guarantee the traffic go and come back through R3.

With smaller local preference and greater AS-path prepend you are guarantee the back up path.

A highest local preference is always preferred.
A lowest AS-Path prepend is always preferred.

if R3 is down all the traffic will be moved to R4 automatically.

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-07-2017

so as per you diagram R1 and R5 are customer routers, is this correct?

R2 and R3 are ISP routers, is this correct?

do i need any sort of config or AS Prepend onR2 and R3 isp routers

Julio E. Moisa · ‎02-07-2017

Apologies, yes, R1 and R5 are the costumer routers on my diagram :-)

With my config the vendor is not involved, you have the full control to manipulate the traffic, vendor is not involved to decisions.

R2 and R3 have basic configuration, nothing special.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-07-2017

that clears it up - let me lab this up and get back to you - could you please send me the config for R1/R2/R4 and R5 please?

Thanks

Julio E. Moisa · ‎02-07-2017

Sure, I will share it with you

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Julio E. Moisa · ‎02-07-2017

R1

router bgp 100
bgp log-neighbor-changes
neighbor 10.12.0.2 remote-as 200
neighbor 10.12.0.2 route-map LP in
neighbor 10.12.0.2 route-map PREPEND out
neighbor 10.15.0.5 remote-as 100
neighbor 10.15.0.5 next-hop-self

!

!
route-map LP permit 5
match ip address 10
set local-preference 25000
!
route-map PREPEND permit 5
match ip address 10
set as-path prepend 400 400
!
!
access-list 10 permit any

R2

router bgp 200
bgp log-neighbor-changes
neighbor 10.12.0.1 remote-as 100
neighbor 10.24.0.4 remote-as 400

R3

router bgp 300
bgp log-neighbor-changes
neighbor 10.34.0.4 remote-as 400
neighbor 10.35.0.5 remote-as 100

R4

router bgp 400
bgp log-neighbor-changes
network 4.4.4.4 mask 255.255.255.255
neighbor 10.24.0.2 remote-as 200
neighbor 10.34.0.3 remote-as 300

R5

router bgp 100
bgp log-neighbor-changes
neighbor 10.15.0.1 remote-as 100
neighbor 10.15.0.1 next-hop-self
neighbor 10.35.0.3 remote-as 300
neighbor 10.35.0.3 route-map LP in
neighbor 10.35.0.3 route-map PREPEND out
!
!
!
route-map LP permit 5
match ip address 10
set local-preference 5000
!
route-map PREPEND permit 5
match ip address 10
set as-path prepend 400 400 400 400 400
!
!
access-list 10 permit any

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-07-2017

Thanks will lab it up and get back to you :)

Network Pro · ‎02-09-2017

i labbed it up but cant seem to ping 4.4.4.4 from R1 - i could from R5

checked the routing from R5 says - it goes through R1 but for some reason cant ping from R1 ?

Julio E. Moisa · ‎02-09-2017

Hi

On R1 advertise the loopback 0 on its BGP process, the same for R5, R5's loopback must be advertised under the BGP of R5

and try:

R1
ping 4.4.4.4 source 1.1.1.1

R5

ping 5.5.5.5 source 4.4.4.4

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-09-2017

just wondering why does the failover take a long time (around a minute) from when i shutdown R2 (Primary ISP) router ?

fallback is quick

Julio E. Moisa · ‎02-09-2017

Hi,

BGP usually takes a long time to terminate the session, you could use fall over. You can also use: clear bgp * soft to make a soft refresh on the RIB.

Please see this link:

http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/cs_bsfda.html

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Network Pro · ‎02-09-2017

Thanks, i was thinking of BGP timer

how quick does the fallover command reduce to ? is this needed on both routers?