04-02-2019 05:55 AM
Hi,
I need some help / advice, I try to influence my inbound traffic I know this is not easy but there is surely a way to do it.
I have 2 routers (AS1) each of them connected BGP with 1 different ISP( ISP1 and ISP2) ( see attachment))
whatever I do ( AS path prepending , MED , BGP communities) nothing works, 75% of my traffic goes through ISP2.
R1
neighbor y.y.y.y activate
neighbor y.y.y.y send-community
neighbor y.y.y.y slow-peer detection
neighbor y.y.y.y remove-private-as all
neighbor y.y.y.y soft-reconfiguration inbound
neighbor y.y.y.y prefix-list deny-sua in
neighbor y.y.y.y prefix-list deny-sua out
neighbor y.y.y.y route-map ASYYYY-IMPORT-RM in
neighbor y.y.y.y route-map ASYYYY-EXPORT-RM out
neighbor y.y.y.y maximum-prefix 160000 90
route-map ASYYYY-EXPORT-RM permit 100
match ip address HE-ASYYYY-EXPORT CUSTOMERS-EXPORT
!
route-map ASYYYY-EXPORT-RM permit 110
match ip address VTL-ASXXXX-EXPORT
R2
neighbor x.x.x.x activate
neighbor x.x.x.x send-community
neighbor x.x.x.x remove-private-as all
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x prefix-list deny-sua in
neighbor x.x.x.x prefix-list deny-sua out
neighbor x.x.x.x route-map ASXXXX-IMPORT-RM in
neighbor x.x.x.x route-map ASXXXX-EXPORT-RM out
neighbor x.x.x.x maximum-prefix 100000 warning-only
route-map ASXXXX-EXPORT-RM permit 100
description Route Envoyer A VTL
match ip address VTL-ASXXXX-EXPORT
!
route-map ASXXXX-EXPORT-RM permit 110
description Route Envoyer A VTL
match ip address HE-ASYYYY-EXPORT CUSTOMERS-EXPORT
set as-path prepend AS1 AS1 AS1 AS1
set community 3257:1970 3356:80 6453:80 7922:100
AS1 R1 and AS1 R2 I do not have filter I announce all route
thanks in advance
Solved! Go to Solution.
04-02-2019 10:58 AM
should a announce for ISP2 for exemple
network x.x.x.x mask 255.255.224.0
network y.y.y.y mask 255.255.240.0
aggregate-address x.x.x.x 255.255.224.0 summary-only <<------ add this
aggregate-address y.y.y.y 255.255.240.0 summary-only <<------ add this
for now I announce /24 , /20 , /19 etc.. each side and I send like 125 prefix on ISP1 and 50 prefix on ISP2 ( with route map and ACL) and ISP2 have always more traffic than ISP1
04-02-2019 06:14 AM
Pascal Faucher,
Do you use a private AS number to peer with your ISPs? I see you use a remove-private-as command under your neighbour. If it is private, then your prepending won't work, as it will all be stripped away. Also, there is very little you can really do to influence inbound traffic. Your neighbour can override any attributes. One thing you can do though is to advertise different length prefixes to your different neighbours. Like summarise for one neighbour and not summarise for another.
04-02-2019 09:04 AM
Hi Sergey,
no I dont use private AS witch my ISP, I put this command because I have multiple BGP connection under ASr1 and ASr2.
I never summarise do you have a exemple ?
thanks
04-02-2019 06:30 AM
Hello
Have you made your isps aware your using bgp PAs to path manipulation
They are probably overwriting your setting?
04-02-2019 10:54 AM
Hello
Yes my ISP know for my AS prepend
thnaks
04-02-2019 10:58 AM
should a announce for ISP2 for exemple
network x.x.x.x mask 255.255.224.0
network y.y.y.y mask 255.255.240.0
aggregate-address x.x.x.x 255.255.224.0 summary-only <<------ add this
aggregate-address y.y.y.y 255.255.240.0 summary-only <<------ add this
for now I announce /24 , /20 , /19 etc.. each side and I send like 125 prefix on ISP1 and 50 prefix on ISP2 ( with route map and ACL) and ISP2 have always more traffic than ISP1
04-03-2019 01:35 AM
Pascal,
The aggregated addresses should have broader subnet masks, than original "network" statements. So if your network has a subnet mask of /24, then aggregate should have a mask of at most /23.
Another thing to keep in mind is that subnets you advertise might have different levels of traffic specific to them. For example, a subnet that has for example a busy FTP server will have more traffic to it, than a subnet that has NTP or light web-server. It might be that routing is not the primary cause of your issue, but rather actual applications and their traffic patterns that define network load.
04-04-2019 04:51 AM
Hi
aggregated addresses works, thanks
04-03-2019 03:32 AM
Hello
What are your access-lists relating to?
I dont see any ibgp peering between your wan rtrs?
What routes are yor receiving from the isp's (full-partial-default)?
How are you advertising you internal networks to the isp?
Can you post the full configuration lease if applicable?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide