Dear Rick, 

Our network is the ISP that have two upstreamers. we have our own AS number and public IPs.

Hope this calrify the pic.

Reg

Hi Alshamlan,

if you are concerned just about link fault, why don’t you use PBR with tracking ? This way you can verify  reachability of the next hop and use the link just if it is up. Otherwise you can use some EEM feature (I don’t know so much about this technology so  this is just an idea).

Another way to balance traffic could be receive a default router from both neighbor (and prefer the one form the old link using some PA, for example local preference) and some specific networks just form the neighbor on the new link. This way traffic to that networks will use the new link, if available. The problem is to predict the path used by remote AS without knowing how upstream1 and upstream2 are connected to Internet.  What are this AS ? How are they connect to Internet ? Moreover: can you ask to upstream1/2 to do some manipulation of your bgp announce ? In this case it is possible to use communities to avoid or change the way your neighbor will propagates your networks  and modify how traffic will flow from Internet to your network

enrico

Hi Enrico,

BPR can be implemented with tracking but In case there is a problem in certain route or marine cable cut. I think this will not be a practical way to implment.

What about if we receive the full BGP route from both upstreamers? In this case, how the traffic can be balanced?

I don’t think it is a good idea, this solution require a lot of CPU and memory on your router and good skills in managing BGP. It is quite simpler  to have some specific network  form one neighbor and using its link to send traffic to that network.  If you carefully choose that network, traffic will be symmetric because of BGP metric and path selection algorithm. For example, if you decide to receive only  network originated in that AS,  traffic will flow back on the new link because of shortest AS-PATH. Another way could be to receive NLRI for international destination from the new link (if your international traffic is less than the national).   Of course you have to sure that the amount of traffic to/from that network is less thatn 150Mbps.

If you prefer to receiving the full routing table form both of your BGP neighbor be sure your router  have enough cpu and memory to manage it (nowadays at least 1GB of RAM is requirement). If it is the case you can balance outgoing traffic modifying some BGP attribute (typically the local preference) for a subset of  networks, for example using an as-path access-list.   Incoming traffic can be balanced using prepend. In any case asymmetric routing may happen in BGP, and avoid it is not easy. Why it is a problem for you ? (NAT, VPN,…).

Tip: conditional advertisng could be a solution in your environment ?

Thanks enrico for you vuable explenation.

Yes our router can handle the Fulll BGP traffic as we have 8GB RAM. In case I got the full BGP traffic then I need a traffic visibility e.g netflow to show how my traffic flow to the internet destination Isnt it?

and based on this then I have to blance my traffic.

Is asymmetric is a normal case in BGP? We have many customer using a VPN, do you mean this will be affect by Assymetric traffic?

Do you mean by conditional advertising that some /24 will be advertise to upstream-1 and some to upstreamer-2?

I think netflow could be useful to know "where" is your traffic directed and the amount of traffic more than the way it flows. The way it flows depends on your routing and bgp tables and you can examine them with a couple of show commands. In any case that's the idea: once you know where is your traffic directed you can choose how to balance it between the links (I mean: which link will be used for certain networks, and which for all the others).

Asymmetric routing could be a problem in case of VPN but, as far as I know,  not in case the VPN concentrator is behind your router. I think it's enough that packets arrives and leaves your VPN concentrator through the same interface to/from the same remote IP address.  

Conditional advertising is a feature that permits to advertise a network to a neighbor if a network exist or not exist in the BGP table. For example, you can advertise a couple of network on the new link and receive just the default network. In case of failure, BGP session will expire, default network will no longer be present in BGP table (at least the default coming from the new link) and this  condition can trigger advertising of that networks on the old link.

Have a look here: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/irg-basic-net.html#GUID-FB7CAC3E-0E43-4B25-85AD-FEC19F5229EE

I made a little Lab to show how this feature works (see architecture.jpg and config.txt):

Look at the first picture: as you can see R3 has some network from R1 but miss 10.1.1.0/24 and 10.1.2.0/24  

Then (Picture 2), I shut down R2 neighborship with R1, and suddenly R3 delete networks form R2. After 30 seconds, R1 send advertisement for net  10.1.1.0/24 and 10.1.2.0/24  and R3 add these net to BGP and routing table

Finally (picture 3 and 4), neighborship between R1 and R2  is restored, R3 receives R2 networks and a little bit later receives withdrawn for  net 10.1.1.0/24 and 10.1.2.0/24  and removes them form BGP and routing table

Bye,

enrico