cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2491
Views
5
Helpful
12
Replies

BGP Outbound traffic preferencein multihomed traffic

viswa sai
Level 1
Level 1

Situation 1:

I have two edge routers each talking EBGP ( ISP -1 and ISP-2) to a different service provider and talking IBGP to each other. i'm  receiving full internet routes from both providers.

In this situation each edge router will have to decide on which route to install (for each internet destination), one available via an EBGP peer and the other via an IBGP peer. Assuming Local Preference is set high (150) for one ISP-1 and Weights are left at default.

My traffic is going out via ISP-1. Now i would like to send outbound traffic for specfic prefixes learned some ases like google & facebook from the ISP - 2 . As the ISP-2 might have a best peering relation.

In such a case, how i can add  the local prefrence to these route learned from the ISP -2 so that my traffic towards these destination traffic goes via ISP -2

Any help would be highly appreciated

Thanks

Viswasai

2 Accepted Solutions

Accepted Solutions

Mark Malone
VIP Alumni
VIP Alumni

Hi

you could use a route-map match the specific ips based on an acl /prefix-list and give them a better preference than ISP 1 or use a route-map and set the nest hop ip for certain traffic again with an acl or prefix list to go by ISP 2 for certain routes learned

couple of examples in this , just make sure to match against an acl or prefix so everything isn't flipped over to ISP 2, always best to use the lower attributes where possible

http://evilrouters.net/2009/03/07/using-bgps-local-preference-to-influence-outbound-routing/

http://evilrouters.net/2009/03/07/using-as-path-prepending-to-influence-inbound-routing/

BGP attribute list in order

https://www.google.com.ph/search?q=cisco+bgp+attributes&biw=1920&bih=1075&site=webhp&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiK0KO-gKLLAhWIcRQKHV7ADlwQ_AUIBigB#imgrc=YZ5TKF_ecEwcJM%3A

View solution in original post

Are there any other AS numbers after the AS numbers you are trying to match because an AS path does not end with _ which is what you have.

You do not need to list all the AS numbers unless you really want to.

So using this as an example -

"ip as-path access-list 28 permit ^9498_7473_"

if the AS path you see with "sh ip bgp" is "9498 7473" and that is it then either  -

".*_7473$" or "^9498_7473$" will be fine.

If the AS path you see is 9498 7473 and then other AS numbers then it would be -

".*_7473_.*$" or "^9498_7473_.*$"

Jon

View solution in original post

12 Replies 12

Mark Malone
VIP Alumni
VIP Alumni

Hi

you could use a route-map match the specific ips based on an acl /prefix-list and give them a better preference than ISP 1 or use a route-map and set the nest hop ip for certain traffic again with an acl or prefix list to go by ISP 2 for certain routes learned

couple of examples in this , just make sure to match against an acl or prefix so everything isn't flipped over to ISP 2, always best to use the lower attributes where possible

http://evilrouters.net/2009/03/07/using-bgps-local-preference-to-influence-outbound-routing/

http://evilrouters.net/2009/03/07/using-as-path-prepending-to-influence-inbound-routing/

BGP attribute list in order

https://www.google.com.ph/search?q=cisco+bgp+attributes&biw=1920&bih=1075&site=webhp&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiK0KO-gKLLAhWIcRQKHV7ADlwQ_AUIBigB#imgrc=YZ5TKF_ecEwcJM%3A

Thanks mark.!.. I will check and revert back, incase need further help!

Hi Mark

I tried the following config in ISP - 2 to implement the above though

However, i have observed that my routes have reduced to only to below networks 

access-list 1 permit 23.35.80.0 0.0.15.255   - Microsoft website ip block
access-list 1 permit 23.207.144.0 0.0.15.255 -Microsoft website ip block

no route-map 18mb-bt-in permit 10
route-map 18mb-bt-in permit 10
match ip address 1
set local-preference 200

access-list 1 permit 23.35.80.0 0.0.15.255
access-list 1 permit 23.207.144.0 0.0.15.255

Sh Ip bgp s - before

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


12x.1x.0.2xx 4 9498 1651456 11388 6462293 0 0 4d09h 573731

Sh ip bgp s  after


Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

12x.1x.0.2xx 4 9498 1651456 11388 6462293 0 0 4d09h 2

My idea is to receive full routing table and then add the LP to the network received via certain ASes. Is it feasible at all

Any help would be highly appreciated

Your route map needs an empty permit statement to allow all the other routes ie. add this -

"route-map 18mb-bt-in permit 20"

Jon

One other point.

If you are trying to add local preference for all routes received from a certain AS and you know the AS number(s)  you may be better off using an AS path acl that can match on the AS number.

Up to you though as matching on IP prefixes will also work.

Jon

Thanks Jon

can i do the following


ip as-path access-list 28 permit ^9498_3257_
ip as-path access-list 28 permit ^9498_6762_
ip as-path access-list 28 permit ^9498_1299_
ip as-path access-list 28 permit ^9498_2914_

route-map SET_LP permit 10
match ip as-path 28
set local-preference 200

route-map SET_LP permit 20

As i apply this config, i will get full routing table and i will able to add LP 200 for the ASes mentioned in ip as-path

Which AS numbers are you trying to match ?

Jon

i am idea is to match the prefixes learned via te below access-list


ip as-path access-list 28 permit ^9498_3257_
ip as-path access-list 28 permit ^9498_6762_
ip as-path access-list 28 permit ^9498_1299_
ip as-path access-list 28 permit ^9498_2914_

I don't know if that is correct because you haven't answered my question but I suspect it isn't.

When you look at the AS path the AS the routes originated from is on the far right and then each AS adds it's own AS number to the path.

So if you want to match routes originating from a certain AS you would use -

".*<AS no>$"

which says you don't care about what ASs the route has gone through to get to you, all you care about is that the routes originated from the AS listed.

I can't tell from what you have posted whether it will work or not.

Jon

I am taking full routing table from the AS 9498 and then want to match prefixes from certain ASes which the AS 9498 has direct peering so that i can balance outbound traffic on ISP-1 and ISP -2

ip as-path access-list 28 permit ^$
ip as-path access-list 28 permit ^9498$
ip as-path access-list 28 permit ^9498_7473_
ip as-path access-list 28 permit ^9498_3356_
ip as-path access-list 28 permit ^9498_3549_
ip as-path access-list 28 permit ^9498_3561_
ip as-path access-list 28 permit ^9498_15169_
ip as-path access-list 28 permit ^9498_32934_
ip as-path access-list 28 permit ^9498_10310_26101_

These are Ases apart from the all other ASes, i want to add LP 200

Are there any other AS numbers after the AS numbers you are trying to match because an AS path does not end with _ which is what you have.

You do not need to list all the AS numbers unless you really want to.

So using this as an example -

"ip as-path access-list 28 permit ^9498_7473_"

if the AS path you see with "sh ip bgp" is "9498 7473" and that is it then either  -

".*_7473$" or "^9498_7473$" will be fine.

If the AS path you see is 9498 7473 and then other AS numbers then it would be -

".*_7473_.*$" or "^9498_7473_.*$"

Jon

Thanks alot Jon for your timely response for my questions.

One last ques. Any tool to see AS to IP prefixes that you know of..

Review Cisco Networking for a $25 gift card