BGP next hop selection based on source address

etxnreg
Level 1

Hi,

I have two eBGP sessions to two different AS's.

Is it possible to select BGP next-hop based on the ip packet source address?

Is it possible to use PBR together with BGP?

If it's possible, does somebody have a config example?

5 Replies

Giuseppe Larosa
Hall of Fame

Hello Niklas,

>> Is it possible to select BGP next-hop based on the ip packet source address?

No, BGP has a lot of policies but still uses destination-based routing.

>> Is it possible to use PBR together with BGP?

Yes, but you can influence the outbound path only.

The return path is still ruled by BGP.

A complex example using VRF-aware PBR:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_mltvrf_slct_pbr.html#wp1101387

Hope to help

Giuseppe

Giuseppe:

Wouldn't it be possible to establish a flow, match on it, and set the next hop accordingly using access lists, a route map and BGP?

access-list 110 permit ip 10.0.0.0 0.0.0.255 any
route-map BGP permit 10
 match ip address 110
 set ip next-hop 2.2.2.2
router BGP 65000
 neighbor 1.1.1.1 remote-as 65001
 neighbor 1.1.1.1 route-map BGP
 neighbor 2.2.2.2 remote-as 65002

Packets received from neighbor 1.1.1.1 whose source address is 10.0.0.0/8 and heading anywhere, will be forwarded to neighbor 2.2.2.2, according to the route map named BGP.

Is this feasible?

Victor

Hello Victor,

This is an attempt to advertise a third-party next-hop to Router1 1.1.1.1, but with which routes should this modified next-hop be associated?

I don't think this can work.

We can change the BGP next-hop of selected routes in an outbound route-map, but the ACL that we invoke in it has the duty to decide which routes should have the attribute changed.

It doesn't apply to live traffic but to route exchange.

To intercept live traffic you need PBR applied inbound on the LAN internal interface.

But this is again PBR; the fact that you have BGP neighbors is a different matter. It is not BGP that does source-based routing.

However, as you have noted, Harold has pointed out that in an MPLS context PBR can be used to perform source-based VRF selection, but it is still the PBR feature that does source-based routing.

Hope to help

Giuseppe

Giuseppe!

Wow, I must have been drunk or on heavy allergy medications when I asked this question! I'm serious, the diphenhydramine has me practically hallucinating LOL. How retarded!

A route map applied to a BGP neighbor acts on the control plane to populate the BGP and route table. It is not used for policy routing on the data/forwarding plane. There is no inspection of source and destination addresses of actual traffic and re-routing accordingly.

To implement policy routing, you have to apply the route map to an interface that will receive the data traffic and forward the packet accordingly.

The route map I configured, in and of itself, is syntactically correct, but of course its execution and application were from outer space.

Thanks for answering my question, as idiotic as it was. lolol

Victor
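
Added example (not part of any reply in this thread): the route map from the earlier post, applied as policy-based routing on the LAN-facing interface instead of on a BGP neighbor. The interface name GigabitEthernet0/1, the route-map name SRC-PBR and the second source range 10.0.1.0/24 with ACL 111 are assumptions; ACL 110 and the neighbor addresses are the ones used in the thread, and both eBGP peers are assumed to be directly connected.

```cisco
! Classify live traffic by source address (data plane, not route exchange)
access-list 110 permit ip 10.0.0.0 0.0.0.255 any
access-list 111 permit ip 10.0.1.0 0.0.0.255 any
!
! Sources matched by ACL 110 leave via the AS 65002 peer
route-map SRC-PBR permit 10
 match ip address 110
 set ip next-hop 2.2.2.2
!
! Sources matched by ACL 111 (assumed range) leave via the AS 65001 peer
route-map SRC-PBR permit 20
 match ip address 111
 set ip next-hop 1.1.1.1
!
! Packets matching neither sequence are not policy routed and follow
! the normal destination-based lookup (the BGP best path)
!
! PBR inspects packets arriving on the interface it is applied to
interface GigabitEthernet0/1
 description LAN-facing interface (assumed name)
 ip policy route-map SRC-PBR
!
! The BGP sessions carry no route-map for this purpose
router bgp 65000
 neighbor 1.1.1.1 remote-as 65001
 neighbor 2.2.2.2 remote-as 65002
```

`show ip policy` lists the interface-to-route-map binding and `show route-map SRC-PBR` shows the policy routing match counters. This steers only the outbound path; return traffic still follows whatever the remote ASes select through BGP.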

Harold Ritter
Cisco Employee

Niklas,

You can use the VRF selection feature to achieve this. You would have each session to the eBGP neighbors in a different VRF. You would then use one VRF or the other based on the source address of the incoming packet.

Refer to the following URL for more information on this feature:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_mltvrf_slct_pbr.html

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)