BGP Load balance



Hi, I have 2 routers (2911), 2 ISP connections, 1 /24 IP block and an AS number. Individually, I did the BGP establishment with each ISP. Now I am trying to achieve the load balancing as shown in the above figure.

1. Is it possible to split the /24 IP block into 2 /25s and advertise them with the 2 ISPs?

2. Is it possible to configure the routers to take care of routes handled by the other router, in case of link failure?

3. iBGP/HSRP, which one to choose?

4. Currently my router is holding a very big routing table. But my concern is only incoming traffic to my servers. I don't care about the outgoing traffic. I hope the ISP will take care of it. In this case, how can I reduce the number of routes managed by my router?

8 Replies



Before going into a technical discussion about how to do it, the first thing to check is whether your ISPs let you announce a /25 prefix. The greatest prefix that some ISPs allow is /24. Some ISPs let you announce a lower prefix but they don't propagate the prefix to their carriers. Think of a routing table where /32 or /30 prefixes exist. So /24 is usually the most specific prefix allowed, and I see that /25 would be filtered by your ISP. Please contact your ISP.

If we suppose that your ISPs let you announce /25 prefixes (and propagate them to uplink carriers), then you should announce:

ISP A: and

ISP B: and

The most specific prefix is preferred and then you can balance the download traffic. The longer prefix is for backup in case of trouble with some ISP.

iBGP is needed if you want to have the best path for each prefix. If you configure iBGP, then for each prefix the best path will be selected, and the path can be through ISP A or B, depending on the AS numbers in the path. So a packet can arrive from your firewall at one router (link to ISP A) and be forwarded to the other router (link to ISP B) because the path is better through ISP B. The cross-link between the routers lets them exchange packets to use the best path.

HSRP is a level 2 protocol that lets you have a virtual IP as the gateway for your firewall. So your firewall always forwards traffic to this IP, which can be on router A or B. If your firewall does not speak BGP, you need it. Read this:

And finally, if you want to reduce your routing table you can filter routes with a prefix-list.

For example (only prefixes /24 are allowed):

ip prefix-list Allow-prefix-24 seq 5 permit ge 24 le 24

router bgp as-number

neighbor prefix-list Allow-prefix-24 in


Notice that if there are greater prefixes, your router will not learn them and you can have some connectivity problems.

Anyway, if you do not care about the upstream traffic and you do not configure iBGP to use the best path for each prefix, you can filter all prefixes and allow only one classful prefix (A, B or C). Then use the command "ip default-network ". This is the same as if your ISP sends you a default route in the BGP peering.
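The announcement scheme described in the reply above, modelled as an added example that is not part of the original thread: it shows which ISP carries inbound traffic for each half of the block when both links are up, when one fails, and when upstream carriers filter the /25s. The block 203.0.113.0/24, the names ISP-A and ISP-B, and the assignment of one /25 plus the covering /24 to each ISP are assumptions, since the thread gives no addresses.

```python
import ipaddress

# Constructed sample: 203.0.113.0/24 (documentation range) stands in for the /24 block.
BLOCK = ipaddress.ip_network("203.0.113.0/24")
LOW, HIGH = BLOCK.subnets(prefixlen_diff=1)

# Assumed plan: each ISP is sent one /25 plus the covering /24.
ANNOUNCEMENTS = {"ISP-A": [LOW, BLOCK], "ISP-B": [HIGH, BLOCK]}


def remote_table(up_isps, max_prefixlen=25):
    """Routes a remote network holds for the block.

    up_isps: ISPs whose BGP session to us is up.
    max_prefixlen: longest prefix the upstream carriers still propagate.
    """
    return [(net, isp)
            for isp in sorted(up_isps)
            for net in ANNOUNCEMENTS[isp]
            if net.prefixlen <= max_prefixlen]


def inbound_isps(dst, up_isps, max_prefixlen=25):
    """ISPs holding the longest matching prefix for dst (empty set if unreachable)."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, isp) for net, isp in remote_table(up_isps, max_prefixlen)
               if addr in net]
    if not matches:
        return set()
    longest = max(net.prefixlen for net, _ in matches)
    return {isp for net, isp in matches if net.prefixlen == longest}


def coverage(up_isps, max_prefixlen=25):
    """Map each /25 half to the ISPs that can carry its inbound traffic."""
    return {str(half): sorted(inbound_isps(str(half.network_address + 1),
                                           up_isps, max_prefixlen))
            for half in (LOW, HIGH)}


if __name__ == "__main__":
    both = {"ISP-A", "ISP-B"}
    print("both up:     ", coverage(both))
    print("ISP-A down:  ", coverage({"ISP-B"}))
    print("/25 filtered:", coverage(both, max_prefixlen=24))
```

When the /25s are filtered, both ISPs hold only the /24, so the inbound split is decided by remote path selection rather than by the announcements.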