BGP incoming traffic

Krasnoperov · ‎07-28-2011

Hello, I'm no expert in BGP world, but soon my company will have own AS and own block of IP address.

I know It's quate hard to control all incoming traffic from 2 BGP peers, but I need to be sure that all incoming traffic comes from one ISP only, in case of it fail, then second ISP will accept incoming traffic

So I'll have kind of next model:

2 ISP, 2 different router for each of them, and /23 prefix address block

What if I will advertise to my primary ISP 1 not all my block /23 but just half of this block /24, or two block of /24 of which my AS consist.

And for the second ISP 2 (backup) I will advertise all my /23 prefix.

Will it works for my incoming model?

Peter Paluch · ‎07-28-2011

Hello,

Advertising your IP space subnetted into a number of subnets to one ISP, and advertising the entire space to the second ISP would do the trick. Make sure, however, that it complies with the policies of your preferred ISP to advertise your space split into subnets. Also, if you do not plan doing load balancing, you should advertise all subnets of your IP space to the preferred ISP, not just some of them.

Another way to solve this would be using AS_PATH prepending: you would advertise the same IP space to both your ISPs. Towards the second ISP, however, you would prepend your own AS number several times to all outbound BGP updates. This way, the path through the first ISP would be more preferred because that path would contain less items on the AS_PATH.

Best regards,

Peter

Jon Marshall · ‎07-28-2011

It won't really work because even if you advertise your networks as 2 /24 ISP1 will still summarise that out to the rest of the internet.

A common solution is to use as-path prepending. One of BGPs criteria for choosing the best path is to use the shortest AS PATH attribute so what you can do is add multiple entries of your AS into the AS PATH for the route advertised to ISP2. Then the route going to ISP1 will have a shorter AS PATH.

See this link for config example -

http://blog.ioshints.info/2008/02/bgp-essentials-as-path-prepending.html

Jon

lgijssel · ‎07-28-2011

You also need to establish how many hops (AS's) there are between ISP1 and ISP2 in order to determine how many AS's you need to prepend. You have to add at least that amount, otherwise, the path via ISP2 will still remain preferred for networks from ISP2 or the proximity.

regards,

Leo

nqtran1979 · ‎07-28-2011

Agreed AS Prepend will work.

I'd also go down the Subnetting path if you want to load balance between the two ISP.

Worked with a few ISP, and i don't remember too many that actually summarise PI networks (Which i'm assuming you are getting when you say you are getting your own AS# and Own block of IP addresses).

Marwan ALshawi · ‎07-28-2011

Hi Jon

just about the ISP summarizing the advertised IP range, i think some ISPs they put filtering to allow only what you supposed to to advertise with prefix-list that match your range ( you can request if they dont ) for example

prefix list with range of /24 le 32 which will allow you to advertise any subnet within this range of your IP network, you want for example you might advertise /25 and in the PE they just have a redistribution of this route into the private IPVPN/VRF !

HTH

Jon Marshall · ‎07-29-2011

Marwan and nqtran1979

Just for my info, are you both saying then that if i have PI addressing i can in theory advertise my entire public block as /32s and the ISP would then advertise those out to the rest of the Internet ?

Jon

Marwan ALshawi · ‎07-29-2011

Hi Jon, hope all is good

ok about the BGP prefixes, i had an experience with a client and ISP and the client had class /24 lets say, but they advertising part of it, form the SP we requested to allow the whole range as mentioned above /24 le 32 to let the customer advertise more specific route for route preference, however this is also depends on SP polices, but it can be done if they accept

HTH

nqtran1979 · ‎07-29-2011

Jon,

/32, they'll accept but they most likely won't be sending that out to the rest of the internet (thats just crazy) ... but /24, i don's see why not ... however like Marwan says, its all down to the ISP's policies aswell as the policies between themselves and their Tier 1 Providers.

Danilo Dy · ‎07-29-2011

Hi,

Depends on your ISP policy if you can chop the advertisement to them. Check with your ISP, if they have strict policy, beg them, else hunt for ISP that can do your bidding.

For you backup ISP you can do prepending but choose a small ISP for that. Because it can override your prepend by other metric like local-preference. If its a big ISP and you have huge concentration of user from them, it will eat up your backup pipe.

Dandy