BGP & default route/s

louis0001
Level 3

Hi,

we have a network with 50 sites all connected via a private MPLS network using BGP.

Our egress to the internet is at one site (SITE A) and we advertise network 0.0.0.0 here.

All is well and all sites can access the internet via SITE A.

We now have another egress point at SITE B.

 

What would happen if we advertise 0.0.0.0 at SITE B?

Is there a way for us to prefer SITE A 0.0.0.0 (via weights?) to SITE B 0.0.0.0 so that SITE B is only used if SITE A is offline?

15 Replies

Hi ,

As we are trying to manipulate the outbound traffic, I would recommend increasing the Local preference on the side where you want to be the primary path. 

 

 
switch# configure terminal
switch(config)# route-map test1
switch(config-router)# route-map map-preference
switch(config-route-map)# match as-path 1
switch(config-route-map)# set local-preference 100 
 
Please do not hesitate to click the STAR button if you are satisfied with my answer.

Agreed if all the sites mentioned by Louis are in different AS.

If all the sites are within the same AS, and the 0.0.0.0/0 on the edge sites is a static route being redistributed into BGP, then I think simply using the metric keyword in the redistribution statement is fine.

Hi,

yes they are all different private AS numbers. Answer has gone right over my head lol.

When we put this network in, we simply did the following:

router bgp 65001

log-neighbor-changes
no auto-summary
network 0.0.0.0
network 10.1.1.0 mask 255.255.255.0
redistribute connected
redistribute static
neighbor 10.10.10.1 remote-as 65099  << ISP private network

ip route 0.0.0.0 0.0.0.0 10.1.1.1   << SITE A router to firewall

 

So if I added SITE B:

router bgp 65002
log-neighbor-changes
no auto-summary
network 0.0.0.0
network 10.1.2.0 mask 255.255.255.0
redistribute connected
redistribute static
neighbor 10.10.10.1 remote-as 65099  << ISP private network

ip route 0.0.0.0 0.0.0.0 10.1.2.1  << SITE B router to firewall

 

Currently, our remote sites (all different AS's etc) are configured like so:


router bgp 65003
log-neighbor-changes
no auto-summary
network 10.1.3.0 mask 255.255.255.0
redistribute connected
neighbor 10.10.10.1 remote-as 65099  << ISP private network

ip route 0.0.0.0 0.0.0.0 10.10.10.1 << ISP BGP neighbor

So, assuming I do add SITE B and advertise network 0.0.0.0, how do I get all traffic to flow to SITE A (as it is now) and then go to SITE B if SITE A is offline.
I don't understand the answer above or understand where to apply the local preference. Sorry.

The configuration will be like:

<On SITE C,D,E...>:

access-list 1 permit 0.0.0.0 255.255.255.255

route-map Site_B_LocalPref permit 10
match ip address 1
set local-pref 90

router bgp <AS number>
neighbor <site-B-address> route-map Site_B_LocalPref in

 

Your configurations show the ISP MPLS IP as 10.10.10.1 for all sites, is that really the case ? 

 

If this is a L3 MPLS network where each site peers with an ISP MPLS router then local preference will not work. 

 

Can you confirm that each site peers with an ISP router and not with other sites directly. 

 

Jon

Hi Jon,

apols for late reply. Yes, they all peer to the same ISP AS number but the IP addresses are different (my mistake... sorry)

The IP address we peer with is a private IP eg 10.10.10.2 using a /30 and we use a default route of the neighbor peered address.

All other routers are peered as such with us just incrementing the /30 a subnet at a time.

Hello,

 

you could also just configure two default routes, one pointing to the ISP, the other, with a higher administrative distance, pointing to the eBGP neighbor, and then track the primary route with an IP SLA. If you configure that on both your routers, failover would occur on both routers. If you use NAT, you can also configure an EEM script that clears the NAT table.

 

Here is what the configs would look like:

 

Site A Router

 

track 1 ip sla 1 reachability
!
interface Loopback 0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0
description eBGP Connection to Site B Router
ip address 192.168.12.1 255.255.255.0
!
interface GigabitEthernet0/1
description eBGP Connection to ISP_A
ip address 100.100.100.1 255.255.255.252
!
router bgp 1
bgp router-id 1.1.1.1
neighbor 192.168.12.2 remote-as 2
neighbor 192.168.12.2 description eBGP to Site B
neighbor 100.100.100.2 remote-as 3
neighbor 100.100.100.2 description eBGP to ISP_A
!
ip route 0.0.0.0 0.0.0.0 100.100.100.2 track 1
ip route 0.0.0.0 0.0.0.0 192.168.12.2 200
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
timeout 1000
threshold 2
frequency 3
!
ip sla schedule 1 life forever start-time now
!
event manager applet CLEAR_NAT
event track 1 state any
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translation *"
action 3.0 cli command "end"

----------

Site B Router

 

track 1 ip sla 1 reachability
!
interface Loopback 0
ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/0
description eBGP Connection to Site A Router
ip address 192.168.12.2 255.255.255.0
!
interface GigabitEthernet0/1
description eBGP Connection to ISP_B
ip address 200.200.200.1 255.255.255.252
!
router bgp 2
bgp router-id 2.2.2.2
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.12.1 description eBGP to Site A
neighbor 200.200.200.2 remote-as 4
neighbor 200.200.200.2 description eBGP to ISP_B
!
ip route 0.0.0.0 0.0.0.0 200.200.200.2 track 1
ip route 0.0.0.0 0.0.0.0 192.168.12.1 200
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
timeout 1000
threshold 2
frequency 3
!
ip sla schedule 1 life forever start-time now
!
event manager applet CLEAR_NAT
event track 1 state any
action 1.0 cli command "enable"
action 2.0 cli command "clear ip nat translation *"
action 3.0 cli command "end"

could I just set a neighbor statement in each remote site?

eg

router bgp 65010

neighbor 10.10.10.2 as ISP AS Number
neighbor 10.1.1.1 as SITE A AS Number
neighbor 10.1.2.1 as SITE B AS Number

 

or would that confuse everything?

If I am understanding the discussion correctly then both A and B will be advertising a default route into BGP. And if I am understanding the discussion correctly each of the remote sites has a static default route pointing toward A. I am not clear why the remote site has a default route if there is a default route being advertised in BGP.

 

The first step in addressing this question is to decide whether you will keep static default routes at the remote sites. If you decide to keep the remote static default routes then you will need a solution similar to what was suggested about having two static default routes (one with higher AD) and using tracking to determine which static default to use. If you decide to remove the remote static default route then you can use BGP manipulation to make the default from A preferable and the default from B as the backup. Probably using prepending at site B would be more simple but you could use local preference at the remote sites to make the advertised default from A be the primary.

 

HTH

 

Rick


Hi, yes your understanding isn't far off. We use a combination of leased lines and vdsl. The larger sites have leased lines and use bgp and the smaller sites use vdsl and have static routes that peer with the ISP. The ISP then advertises these sites into BGP.
The default route for these sites is the ISP peer. There is no config for bgp on these vdsl routers. I'm wondering what would happen if I removed the default route to the ISP (there's no NAT here, just routing using same private subnet eg 10.5.1.0/24) eg SITE C router 10.5.1.1/24, SITE D router 10.5.1.2/24 etc etc

and then brought up bgp on each router and used site A & B as the neighbors?

Would that work?

Your previous posts have described your network as having BGP at remote sites and I understood that to mean that it had BGP at all remote sites. I now understand that the current network has BGP at some remote sites and static routes at some sites. So, as I said, you need to decide whether you will keep static routes at some sites or whether you will implement BGP at those sites. 

 

I am assuming that a remote site would have only a single outbound connection. Is that the case or do some sites have 2 outbound connections? If every remote site has a single outbound connection then the routing decision is quite simple. The default route for the remote site would have the ISP router as its next hop - and it does not matter whether that default route is a static route or a BGP route. In this case the decision about whether to use the Internet connection at A or at B is not made at the remote site but is made by the ISP routers in the MPLS cloud and BGP between A and B and the MPLS cloud will take care of which path to use. So in this case I do not see that you need to change anything at the remote sites.

 

You asked about the possibility of adding BGP neighbor statements at the remote sites for A and for B

neighbor 10.10.10.2 as ISP AS Number
neighbor 10.1.1.1 as SITE A AS Number
neighbor 10.1.2.1 as SITE B AS Number

The same kind of logic applies here. There is no need for the remote site to peer with A or with B. The remote site needs to peer only with its ISP router and to learn a default route from that ISP router. The logic about whether to use A or to use B is made in the MPLS cloud by routers that have learned advertisements from A and from B and will choose depending on how A and B advertise their default routes.

 

HTH

 

Rick


Sorry for not being clear:

SITE A = bgp peer to ISP (fibre ethernet)
SITE B = bgp peer to ISP (fibre ethernet)

The above core sites are also linked via a PtP and I've additionally peered those to each other so they can see the remote sites via each other if required ie if SITE A ISP connection drops, SITE A can get to remote sites via SITE B. Not sure if it works yet but I can see the routes between these routers

 

50% remote sites = bgp peer to ISP (fibre ethernet)
50% remote sites = static route to ISP BGP router (VDSL)

 

Without changing the remote sites, how can I change SITE A or SITE B so that remote traffic prefers SITE A to SITE B?

I understand that you do not want to change remote sites. And I believe that there is no need to change the remote sites. You want both A and B to advertise default routes into the MPLS BGP and for the default route through B to be less attractive than the default route through A. That way the ISP routers will prefer to send traffic through A but if A is down or has withdrawn its advertised default for some reason then the ISP routers will send traffic through B. The most common way to do this is to configure B so that it prepends its AS number several times as it advertises its default route.

 

HTH

 

Rick
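
The AS-path prepending described in the reply above, written out for SITE B as an added example that is not part of the original thread. It reuses SITE B's AS 65002 and the ISP neighbor 10.10.10.1 from the configuration posted earlier; the prefix-list name, the route-map name and the choice of three prepends are assumptions made for this example.

```cisco
! Added example for SITE B (AS 65002, ISP neighbor 10.10.10.1 as posted earlier).
! DEFAULT-ONLY and PREPEND-DEFAULT are hypothetical names chosen for this example.
!
! Match the default route only, not every prefix SITE B advertises
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
! Lengthen the AS path on the default route so that SITE A's
! un-prepended default wins the AS-path length comparison
route-map PREPEND-DEFAULT permit 10
 match ip address prefix-list DEFAULT-ONLY
 set as-path prepend 65002 65002 65002
!
! Pass SITE B's other prefixes (for example 10.1.2.0/24) unchanged.
! Without this clause the route-map's implicit deny would stop
! SITE B advertising anything except the default route.
route-map PREPEND-DEFAULT permit 20
!
! Apply the policy outbound, towards the ISP neighbor only
router bgp 65002
 neighbor 10.10.10.1 route-map PREPEND-DEFAULT out
!
! Then, from exec mode, resend updates without resetting the session:
!   clear ip bgp 10.10.10.1 soft out
```

AS-path length is compared only after local preference, so this relies on the provider not setting a local preference of its own that overrides it. On a BGP-speaking remote site, `show ip bgp 0.0.0.0 0.0.0.0` should show the default with an AS path ending in 65001 while SITE A is up.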


Hi, yes that would be right. Do you have an example of how to do this so I can understand?
