Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1677
Views
0
Helpful
6
Replies

BGP Question: Can I advertise a BGP prefix provided by one carrier out to another carrier?

Go to solution
jgesualdi
Level 1
Level 1

‎08-10-2020 06:01 PM

I will have redundant Internet connections from 2 different carriers. For example one could be China Telecom and the other China Mobile.  From the first carrier I will get some address space ( a prefix ) to be used at my site .  The question I have is can I advertise that prefix out to the other carrier  via BGP? 

 

The reason why I want to do this is for redundancy. If the first carrier Internet connection goes down I want people on the Internet to access my site via the secondary carrier.

 

Thanks

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP
In response to jgesualdi

‎08-12-2020 01:21 AM

Hello

Not sure if this question has been asked but is there a reason why you cannot procure addressing from each provider then engineer your Lan traffic between the two ISPs'?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎08-10-2020 08:44 PM

From a technical perspective this question has a simple answer: yes you can receive an IP address block from one provider and advertise that address block to another provider. But there are several conditions that must be met. One condition is that the address block must be at least a /24. Most provider will not accept an advertisement smaller than/24. Another condition is that the provider who provides the address block must give permission for you to advertise the address block. Typically this is a letter of authorization. I worked with a customer who did this and it was quite successful. 

HTH

Rick
0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-10-2020 11:17 PM

Hello @jgesualdi ,

if the prefix  belongs to the address space of ISP1 you need to make agreements with both ISP1 and ISP2 in order to have ISP2 to accept the prefix and to propagate it.

Do you have your own public BGP AS number ?

This is also an advantage for this setup to work.

As noted by Richard the prefix should be at least a /24 .

 

Hope to help

Giuseppe

 

 

0 Helpful

Go to solution
jgesualdi
Level 1
Level 1
In response to Giuseppe Larosa

‎08-11-2020 04:12 AM

I do have my own BGP AS and usually I advertise my own public address space. Actually that's how it's working today but I have been told to stop using my public IP's and use address space provided by the carrier  in China.  That's another story I don't want to get into. My plan was two get two small subnets from one carrier  and re ip my DMZ's with it. This would work great for everyone reaching my network from Carrier A. For the other circuit other carrier  I would advertise that space to them via BGP. Each circuit has it's own router. Maybe I try to get a /24 and break it into two smaller subnets.

 

Is there something else I should consider to solve this problem? I'm thinking this is the only solution.

 

Thanks.

 

 

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to jgesualdi

‎08-11-2020 12:26 PM

Thanks for the additional explanation. I do have some comments:

- glad that you do have your own AS #. That makes it easier to communicate with 2 ISP.

- surprising that you have public IP address space but will stop using it. But if that is a story you do not want to get into then we will not go there. You asked a question about how to make it work and we will concentrate on that part.

- you comment that "My plan was two get two small subnets from one carrier" Be very careful about the size of the subnets. As we have commented if it is not at least a /24 then it will not be accepted by most ISP.

- it is not clear whether you want to use the 2 ISP as primary/backup (easier to accomplish when you are using address space from one of them) or to use as load sharing (both actively carrying traffic - more of a challenge to accomplish). 

- you should have pretty good control over traffic originated from your internal network to the Internet. But responses from the Internet to your internal network might come back through ISP A, but also it might come back through ISP B. Would that be an issue?

- it is not clear whether you have been doing address translation for traffic originated from your internal network going to the Internet or whether you have been using Public IP (which does not need translation). I am guessing that when you switch to IP addresses from ISP A that you will need to implement address translation to use those addresses. 

- dynamic address translation using the addresses from ISP A should be fairly straightforward and should take case of traffic initiated from your internal network to the Internet and responses from the Internet to your internal network. If there are devices in your internal network which need to be accessed from the Internet you would need static address translation for them, which might be a bit more of a challenge.

- there is another alternative that you might consider. Rather than use one address block from ISP A and advertising it to ISP B you might consider getting an address block from each of them. Set up routing in your internal network to decide whether to forward traffic to ISP A or to ISP B (might be done as primary/backup or done as both active/load sharing) and do address translation on your edge routers, so that traffic forwarded to ISP A was translated by those addresses, and traffic forwarded to ISP B was translated by those addresses. This approach could work well for traffic initiated from your internal network to the Internet and responses (and would eliminate any issue of asymmetric routing) but would present a challenge if some of your internal devices need to be accessible to traffic initiated from the Internet to them.

HTH

Rick
0 Helpful

Go to solution
jgesualdi
Level 1
Level 1
In response to Richard Burts

‎08-11-2020 04:32 PM

I will ask for a /24 and break it into 3 or 4 smaller subnets for my DMZ's but when I advertise it out via BGP it will be a /24.

 

I plan on using both links in and out

 

I can control outbound traffic flows using MHSRP on the routers and two default routes on the FW pointing to the 2 MHSRP vips. I will load balance outbound.

 

Inbound both links will be used as I'm planning on advertising the /24 from carrier A out both links. I don't see any issue with traffic leaving ISPA and coming bak on ISPB.

 

Yes I will use address translation using the IP space from ISP A.

 

I don't think I can use your last suggestion. I will be hosting services in that location. 

 

Appreciate the input. Thank you.

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to jgesualdi

‎08-12-2020 01:21 AM

Hello

Not sure if this question has been asked but is there a reason why you cannot procure addressing from each provider then engineer your Lan traffic between the two ISPs'?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card