07-18-2020 10:30 AM
Hi Everyone,
I have a question regarding inbound BGP traffic engineering.
Diagram is attached.
Brief overview.
Edge-1 is peering with ISP1
Edge-2 is peering with ISP2
Edge-1 and Edge-2 are iBGP neighbors and is receiving a Default route to both ISP
Owned public IP block of /23, /23 subdivided into two /24
Edge-1 and Edge-2 is advertising the parent prefix of /23 for failover purposes
Edge-1 is advertising the first block of /24
Edge-2 is advertising the second block of /24.
In an event the the ISP2 has some internal outage, and the Administrator will be shutting down the BGP neighbor of Edge-2 to ISP2, Will there be a noticeable downtime as inbound traffic of /24 second block transitions to Edge-1 as inbound, route will be use will be the /23 advertised by Edge-1.
Solved! Go to Solution.
07-19-2020 07:52 AM
@ngkin2010 the original post suggests a scenario where the problem is with ISP 2, not with ISP 1 as your response suggests. I do agree with your conclusion that there will be some failover delay.
The original poster asks this question"will it cause an outage / timeouts / blackhole (as upstream routers of ISP are still reconverging the BGP table) for the prefixes that fall into the second /24 as it transitions to the aggregated block being advertised to ISP1?" . Assuming that the issue is with ISP 2 which advertises the second /24 block, then I believe that yes there will be outage/timeout/blackhole for the addresses in the second /24 as the Internet goes through convergence and begins to use the /23 to forward traffic for the second /24. I do not believe that there would be any impact for users in the first /24 but there would be some impact for users in the second /24.
07-18-2020 10:39 AM
I believe that you would experience:
- some delay while the problem symptoms begin at ISP2 and the administrator shuts down the connection to ISP2. Note that shut down of connection to ISP2 will cause ISP2 to withdraw its advertisement of its /23 and the second /24 to upstream routers.
- some delay while Internet BGP converges based on ISP2 no longer advertising the second /24 and the Internet begins to use the /23 to ISP1.
So there will be some delay. It is difficult to say how noticeable it would be.
07-18-2020 06:58 PM
- some delay while Internet BGP converges based on ISP2 no longer advertising the second /24 and the Internet begins to use the /23 to ISP1.
So there will be some delay. It is difficult to say how noticeable it would be.
Hi Rick,
Lets say as a scenario that the ISP2 advertising the second /24 is the one being used as Inbound by the Internet for the second block of /24 due to route specificity. I agree that there will be some form of delay due to the nature of BGP updates. However, will it cause an outage / timeouts / blackhole (as upstream routers of ISP are still reconverging the BGP table) for the prefixes that fall into the second /24 as it transitions to the aggregated block being advertised to ISP1?
07-19-2020 06:27 AM - edited 07-19-2020 06:28 AM
Hi Dabechu,
Outage on ISP1 should not affect the second block of /24 which are advertising through ISP2; that's talking about incoming traffic. For outgoing traffic, you may experience failover delay depend on your failover method.
You can also check your second block of /24 is seen on the Internet through BGP looking glass.
07-19-2020 07:52 AM
@ngkin2010 the original post suggests a scenario where the problem is with ISP 2, not with ISP 1 as your response suggests. I do agree with your conclusion that there will be some failover delay.
The original poster asks this question"will it cause an outage / timeouts / blackhole (as upstream routers of ISP are still reconverging the BGP table) for the prefixes that fall into the second /24 as it transitions to the aggregated block being advertised to ISP1?" . Assuming that the issue is with ISP 2 which advertises the second /24 block, then I believe that yes there will be outage/timeout/blackhole for the addresses in the second /24 as the Internet goes through convergence and begins to use the /23 to forward traffic for the second /24. I do not believe that there would be any impact for users in the first /24 but there would be some impact for users in the second /24.
07-19-2020 09:12 AM
@Richard Burts wrote:@ngkin2010 the original post suggests a scenario where the problem is with ISP 2, not with ISP 1 as your response suggests. I do agree with your conclusion that there will be some failover delay.
The original poster asks this question"will it cause an outage / timeouts / blackhole (as upstream routers of ISP are still reconverging the BGP table) for the prefixes that fall into the second /24 as it transitions to the aggregated block being advertised to ISP1?" . Assuming that the issue is with ISP 2 which advertises the second /24 block, then I believe that yes there will be outage/timeout/blackhole for the addresses in the second /24 as the Internet goes through convergence and begins to use the /23 to forward traffic for the second /24. I do not believe that there would be any impact for users in the first /24 but there would be some impact for users in the second /24.
Hi Rick,
Thank you for this, just wanted to make sure since a 1 second blackout is a huge problem for an enterprise, will just have to provision a Site so it will have a connection to both /24s and implement SLAs.
Thank You everyone
07-19-2020 09:47 AM
I am glad that my suggestions have been helpful. The design described in your original post with both edges advertising the /23 and each edge advertising a /24 is a very common design and is effective in achieving load sharing of both ISP connections and in achieving failover in case of a problem with a single ISP.
I appreciate that any delay or black hole is problematic for an Enterprise. But fundamentally if the Internet is operating with 2 /24 networks being advertised, and if there is a problem and one of the /24 needs to be withdrawn and the routing begins to use the /23 there is going to be some amount of delay and black hole. I am not sure what you could do with SLAs or anything else to change the fundamental fact that the Internet routing tables are going to need to converge.
Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.
07-19-2020 09:08 AM
@ngkin2010 wrote:Hi Dabechu,
Outage on ISP1 should not affect the second block of /24 which are advertising through ISP2; that's talking about incoming traffic. For outgoing traffic, you may experience failover delay depend on your failover method.
You can also check your second block of /24 is seen on the Internet through BGP looking glass.
Hi ngkin, thanks for the help, in the scenario there is no outage in ISP1, outage is on ISP2 which will force the administrator to shut its BGP peering with ISP2, for the outbound traffic I can control my outbound with no problem at all. Also second block of /24 should not be seen on the looking glass as its already removed once I shut the BGP Peering on ISP2. My concern is if there's a timeout of a blackhole of traffic for a short period of time as upstream routers will remove the second /24 and use the aggregated /23.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide