Solved: Re: BGP Maximum Paths is not working

Dunner1991 · ‎11-04-2020

Hi All,

I have attempted to use maximum-paths command under my bgp config

I have DNS servers I would like to load balance traffic across however after adding the command, the traffic doe not seem to be load balanced across the intended servers

I have posted the config and relevant commands below:

vrf gi
router-id X.X.X.X
address-family ipv4 unicast
redistribute direct route-map X
redistribute static route-map X
maximum-paths eibgp 2

neighbor PeerIP remote-as 65375
description GI_TEST2
address-family ipv4 unicast
route-map XI in
route-map X out
default-originate route-map GI-DEFAULTROUTE-ATTRIBUTES
next-hop-self
soft-reconfiguration inbound

neighbor PeerIP remote-as ASN
description GI_DNS3
address-family ipv4 unicast
route-map XI in
route-map X out
default-originate route-map X
next-hop-self
soft-reconfiguration inbound

DUB1-00-DC-CSW1# sh bgp ipv4 unicast PublicIP vrf Name

BGP routing table information for VRF gi, address family IPv4 Unicast
BGP routing table entry for Public IP/32, version 109603
Paths: (2 available, best #2)
Flags: (0x800001a) on xmit-list, is in urib, is best urib route
Multipath: eiBGP

Path type: external, path is valid, received and used, not best reason: newer EBGP path
AS-Path: 65375 , path sourced external to AS
PeerIP (metric 0) from PeerIP (PublicIP)
Origin IGP, MED 0, localpref 100, weight 0

Advertised path-id 1
Path type: external, path is valid, received and used, is best path
AS-Path: ASN , path sourced external to AS
PeerIP (metric 0) from PeerIP (PublicIP)
Origin IGP, MED 0, localpref 100, weight 0

Path-id 1 advertised to peers:
1.1.1.1 2.2.2.2

I can see that the same routes are received on both peerings

This is the new Peering:

show ip bgp vrf gi neighbors PeerIP received-routes

Peer 192.168.202.66 routes for address family IPv4 Unicast:
BGP table version is 109604, local router ID is 11.11.11.11
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup

Network Next Hop Metric LocPrf Weight Path
* ePublicLoopback X.X.X.X 0 0 ASN i
*>ePrivateLoopback X.X.X.X 0 0 ASN i

The route is still preferred over this peering:

show ip bgp vrf gi neighbors PeerIP received-routes

Peer Peer IP routes for address family IPv4 Unicast:
BGP table version is 109604, local router ID is 11.11.11.11
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup

Network Next Hop Metric LocPrf Weight Path
*>ePublicLoopback/32 PeerIP 0 0 ASN i
*>ePrivateLoopback/32 PeerIP 0 0 ANS i

paul driver · ‎11-04-2020

Hello

What does the actual RIB table look like?
Try the same command without specifying on ebgp or ibgp prefixes
no maximum-paths eibgp x
maximum-paths x

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Georg Pauwen · ‎11-04-2020

Hello,

are the two eBGP peers in different ASs ? If so, try the command:

bgp bestpath as-path multipath-relax

Dunner1991 · ‎11-04-2020

HI @Georg Pauwen,

The 2 BGP paths are the same Private ASN, they are Primary DNS nodes which I am trying to load balance incoming queries over.

But after I added the maximum paths command under the related vrf, traffic still only flows to the first node (second node was only built recently)

paul driver · ‎11-04-2020

Hello

What does the actual RIB table look like?
Try the same command without specifying on ebgp or ibgp prefixes
no maximum-paths eibgp x
maximum-paths x

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Dunner1991 · ‎11-04-2020

Hi @paul driver

I have tried to change the configuration baed on yuor recommendations but unffortunatlety there has been no change.

I still see that the preferred path is going over the older server and while it receives the same route via the newer server it is not injected into the RIB for bgp

Dunner1991 · ‎11-05-2020

@paul driver changing to maximum-paths 2 actually did work, my apologies for my earlier comment

Georg Pauwen · ‎11-04-2020

Hello,

can you post the full configs of all three routers so we can lab this ?

Dunner1991 · ‎11-04-2020

Hi @Georg Pauwen

Do you require the full config or just the relevant bgp configs?

vrf gi
router-id X.X.X.X
address-family ipv4 unicast
redistribute direct route-map GI-DIRECT-NET
redistribute static route-map GI-STATIC-NET
maximum-paths 2
address-family ipv6 unicast

neighbor OLDDNSPEERIP remote-as DNS ASN
description GI_DNS1
address-family ipv4 unicast
route-map DNS_PREFIX_OUT--GI out
default-originate route-map GI-DEFAULTROUTE-ATTRIBUTES
next-hop-self
soft-reconfiguration inbound

neighbor NEWDNSPEERIP remote-as DNS ASN
description Name
address-family ipv4 unicast
route-map DNS_PREFIX_IN--GI in
route-map DNS_PREFIX_OUT--GI out
default-originate route-map GI-DEFAULTROUTE-ATTRIBUTES
next-hop-self
soft-reconfiguration inbound

With regards to the peers they are linux hosts running quagga routers (virtual routers) posted below:

New Server:

router bgp DNS ASN
bgp router-id PublicIP
network PublicIP/32
network LoopbackIP/32
neighbor DUB1-WGW peer-group
neighbor DUB1-WGW remote-as Company ASN
neighbor DUB1-WGW soft-reconfiguration inbound
neighbor DUB1-WGW route-map DNS_TO_GI out
neighbor CSW1PeerIP peer-group DUB1-WGW
neighbor CSW2PeerIP peer-group DUB1-WGW
!
ip prefix-list GI-DNS seq 5 permit PublicDNSIP/32
ip prefix-list GI-DNS seq 10 permit Privateloopback/32
!
route-map DNS_TO_GI permit 10
match ip address prefix-list GI-DNS
!
line vty
!

OLDER Server:

router bgp DNS ASN
bgp router-id PUBLICIP
network PUBLICIP/32
network loopbackIP/32
neighbor DUB1-WGW peer-group
neighbor DUB1-WGW remote-as Company ASN
neighbor DUB1-WGW soft-reconfiguration inbound
neighbor DUB1-WGW route-map DNS_TO_GI out
neighbor CSW1PeerIP peer-group DUB1-WGW
neighbor CSW2PeerIP peer-group DUB1-WGW
!
ip prefix-list GI-DNS seq 5 permit PublicIP/32
ip prefix-list GI-DNS seq 10 permit LoopbackIP/32
!
route-map DNS_TO_GI permit 10
match ip address prefix-list GI-DNS
!
line vty
!
end

jlodwick · ‎01-13-2021

We were scratching our heads on why this wasn't working until I found this! It worked in our lab from the same AS, but not in production from different AS's. After we added the command "bgp bestpath as-path multipath-relax" it worked! Thanks for posting this! Super cool command!

Jeff

kubn2 · ‎11-04-2020

Hi,

For loadbalancing applications like DNS I would use hardware load balancers (F5), both DNS nodes have the same IP address? Also did you considered to build a cluster which could load balance the load as intended?

Dunner1991 · ‎11-04-2020

Hi @kubn2

I have looked at nginx as a possible solution for this however I wanted to see if using bgp as a load balancer would a) work effective and b) removed the need to add in an additonal POF.

Yes each Peer advertises the same DNS Public IP, it works fine on the older server just not on the new one ive built using almost exactly the same config