Solved: BGP Path Selection Issue

DavidGIP · ‎01-05-2024

Hello. I am a beginner with BGP and I am running into an issue.

We currently have two ASR 9000s (each in a different POP) connected via iBGP. We have two 10gig links going out of one 9000 (Main RT) and one going out of our second 9000 (Second RT).

The links going out of Main RT are going to different ASNs (XX and YY). The Second RT link is going out to ASN XX but in a different direction.

The issue we are having is that the XX link in the Main RT has no traffic going through it. All of our traffic is going out through the other two links. When checking the BGP pathson the Main RT I see that the link is essentially the third choice between ASN YY on the Main RT and the iBGP path. I want to make the that third link the primary link on the router... Or have BGP choose that path over the iBGP link.

I am writing this on my phone so I cannot provide router configs right now, but I will add that as soon as I can, because I am not sure if I explained the issue clearly enough.

Thank you for any help you can provide.

paul driver · ‎01-08-2024

Hello
First please be careful when you append any changes to an existing production network you are not familiar with.
Now based on your topology diagram and the partial configuration output , They doesn't not seem to have parity, I dont see any ibgp peering?

router bgp 11111

neighbor 12.0.0.1
remote-as 22222
description iBGP

neighbor 13.0.0.1
remote-as 00000

neighbor 14.0.0.1
remote-as 44444

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

David Ruess · ‎01-05-2024

Hello,

The easiest and fastest way to make a router choose one link over another is using the weight attribute. Since its the fist decision in the path selection. A couple things to note:

1. You can configure it per neighbor and even narrow it down to specific routes per neighbor as well.

2. Higher is better. If a router is learning a route the weight is 0 by default and if the route is locally originated the weight is 32768

3. Its a non-transitive attribute which means its locally significant and only affects the outbound traffic of the local router.

Command to implement:

router bpg 100

neighbor 1.1.1.1 weight 3000

This will give a weight of 3000 to all routes learned from the specified neighbor. You cna configure the neighbor with a route-map and in the route-map match on certain prefixes and set a weight there if you only want certain routes affected. You can do this on both routers. Or you cna use the next decision in the path selection of local preference.

This is like the weight attribute but it affects all iBGP neighbors and isnt shared with eBGP neighbors. Son on the router you want to use as your primary tou can configure a higher weight on one router and the other router (iBGP neighbor) should use that path for traffic.

rout-map LOCAL_PREF permit 10

set local preference 500

router bgp 100

neighbor 1.1.1.1 route-map LOCAL_PREF in

-David

M02@rt37 · ‎01-06-2024

Hello @DavidGIP

To influence BGP path selection on your Main RT, you can use various methods. Consider adjusting the BGP attributes like AS Path, Local Preference, or Weight to make the desired link more favorable.

https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

paul driver · ‎01-06-2024

Hello
Can you post a topology diagram it would be much easier to visualise and understand your network so to provide a positive solution

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World · ‎01-06-2024

show bgp ipv4 unicast x.x.x.x <<- share this

MHM

DavidGIP · ‎01-06-2024

I am posting the config for the router as well as the topology. Thank you for the help and replies last night.

I implemented the weight on the neighbor and outbound traffic from that router started flowing through the link, which is great! The inbound traffic is still going through that first link. I want to be able to move the inbound traffic to ASN XX, while also getting inbound traffic through our second router also connected to ASN XX.

MHM Cisco World · ‎01-06-2024

M02@rt37 · ‎01-07-2024

Hello @DavidGIP

-- For Inbound traffic --

AS-path prepending is a common BGP technique to influence inbound traffic. By adding your own AS number multiple times to the AS-path attribute of routes advertised to a specific neighbor, you make those routes less preferable for inbound traffic. Use route-map or route-policy applied to the neighbor to achieve this.

If you want to make a link less preferable as an inbound route, you would perform AS-path prepending on the routes you advertise to that neighbor. This encourages other BGP routers to choose alternate paths, making the link with AS-path prepending less attractive for incoming traffic.

https://blog.ipspace.net/2009/03/as-path-prepending-technical-details.html

Remember to carefully plan and test such changes to avoid unintended consequences on your network's BGP routing.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Georg Pauwen · ‎01-07-2024

Hello,

in order to get the AS-PATH working, you need to add it to the two links you do NOT want to use for inbound traffic. The config would look something like the below (replace the 'xxxx' with the AS you want to use for prepending):

prefix-set PS_COM
10.0.0.0/20 le 24,
11.0.0.0/22 le 24
end-set
!
prefix-set PS_BOGONS
0.0.0.0/8 le 32,
10.0.0.0/8 le 32,
127.0.0.0/8 le 32,
169.254.0.0/16 le 32,
172.16.0.0/12 le 32,
192.0.0.0/24 le 32,
192.0.2.0/24 le 32,
192.168.0.0/16 le 32,
198.18.0.0/15 le 32,
198.51.100.0/24 le 32,
203.0.113.0/24 le 32,
224.0.0.0/4 le 32
end-set
!
route-policy RPL_WAN_IN1
apply RPL_DENY_COM
apply RPL_DENY_BOGONS
pass
end-policy
!
route-policy RPL_DENY_COM
if destination in PS_COM then
drop
else
pass
endif
end-policy
!
route-policy RPL_WAN_OUT1
apply RPL_PERMIT_COM
drop
end-policy
!
route-policy RPL_WAN_OUT2
if destination in PS_COM then
pass
else
drop
endif
end-policy
!
route-policy RPL_PERMIT_COM
if destination in PS_COM then
pass
endif
end-policy
!
route-policy RPL_DENY_BOGONS
if destination in PS_BOGONS then
drop
else
pass
endif
end-policy

router bgp 11111
address-family ipv4 unicast
network 10.0.0.0/20
network 11.0.0.0/22
!
neighbor 12.0.0.1
remote-as 22222
description iBGP
address-family ipv4 unicast
next-hop-self
soft-reconfiguration inbound always
-->send-community-ebgp
--> route-policy AS_PATH_POLICY
!
neighbor 13.0.0.1
remote-as 00000
description Original IP Transit
address-family ipv4 unicast
route-policy RPL_WAN_IN1 in
route-policy RPL_WAN_OUT2 out
next-hop-self
soft-reconfiguration inbound always
-->send-community-ebgp
--> route-policy AS_PATH_POLICY
!
neighbor 14.0.0.1
remote-as 44444
password encrypted 10425A0D08444305
description New IP Transit
address-family ipv4 unicast
weight 500
route-policy RPL_WAN_IN1 in
maximum-prefix 1600000 80 warning-only
route-policy RPL_WAN_OUT2 out
next-hop-self
soft-reconfiguration inbound always
!
--> route-policy AS_PATH_POLICY
--> pass
--> as-path prepend xxxx
--> end-policy

DavidGIP · ‎01-07-2024

Thank you for the information. I will try to make the changes tonight during a maintenance and see if this has the effects we are hoping for.

Just to make sure, if I I implement the as-path prepend on the link on Main RT, it will make the inbound traffic flow through the new link? This won't affect the inbound traffic coming into the Second RT?

paul driver · ‎01-08-2024

Hello
First please be careful when you append any changes to an existing production network you are not familiar with.
Now based on your topology diagram and the partial configuration output , They doesn't not seem to have parity, I dont see any ibgp peering?

router bgp 11111

neighbor 12.0.0.1
remote-as 22222
description iBGP

neighbor 13.0.0.1
remote-as 00000

neighbor 14.0.0.1
remote-as 44444

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

DavidGIP · ‎01-10-2024

Example of sho ip bgp:

Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.0/24 14.0.0.1 16030 500 174 13335 i
* 13.0.0.1 0 31877 13335 i
* i 12.0.0.1 1010 100 0 174 13335 i
*> 1.0.4.0/22 14.0.0.1 73090 500 174 7545 2764 38803 i
* 13.0.0.1 0 31877 1299 7545 2764 38803 i
* i 12.0.0.1 58070 100 0 174 7545 2764 38803 i
*> 1.0.5.0/24 14.0.0.1 73090 500 174 7545 2764 38803 i
* 13.0.0.1 0 31877 1299 7545 2764 38803 i
* i 12.0.0.1 58070 100 0 174 7545 2764 38803 i

MHM Cisco World · ‎01-10-2024

friend it not hard
the best path selection criteria are (most use)
1-Weight

2-LP

3- AS-PATH (the empty is default 100)

Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.0/24 14.0.0.1 16030 100 500 174 13335 i
* 13.0.0.1 100 0 31877 13335 i
* i 12.0.0.1 1010 100 0 174 13335

so weight here bgp select first one since it weight is higher 500
I need to change this
make the weight of other path highest than this path

DavidGIP · ‎01-10-2024

I understand that prepending the neighbors I don't want to use will push the traffic to that one neighbor. What I am trying to do now is get inbound traffic coming into Neighbor 14.0.0.1, while possibly keeping inbound traffic going across the other neighbors as well.

MHM Cisco World · ‎01-10-2024

I confuse here
but let simplest the issue
you have three neighbor 14.0.0.1 13.0.0.1 12.0.0.1
any traffic to 1.0.0.0 will pass though 14.0.0.0
any traffic toward your network must via one of them (the show ip bgp dont show the network you advertise to these neighbor, so I will assume it 5.5.5.5)
so any traffic toward your 5.5.5.5 is effect by
1- AS-Prepend <<- this can use via RPL and send as-prepend
2- MED <<- this not recommend in many cases

the effect of as-prepend you will see in neighbor show ip bgp not in your router
MHM