
BGP routes in edge router connected to ISP

interfacedy
Spotlight

Hi, there is a router connected to an ISP. BGP in the router can allow all BGP routes in from the ISP or none of them. What is the benefit if we allow all BGP routes into the router from the ISP? I know some of them. Can anyone mention all of them? Thanks


Leftz
Level 4

@Kanan Huseynli When you said LX and IX, what does that mean? Route exchange?

Routes and traffic.

Policies for both often are found being used at exchanges.

Suggest you search the Internet for more information (as there's likely too much of it).

Hi,

they are the same as "local internet exchange points" and "internet exchange points".

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Leftz
Level 4

When there is full BGP, a public IP address within the client can be used to create a tunnel such as GRE or VPN to outside devices. This way we do not have to create the tunnel on the edge router or firewall.

Hmm, unclear how that's true.  Could you further explain?

Leftz
Level 4

R1(with public ip address) -----R2-------ISP------R3(another client edge router)

R1 is the internal router and R2 is the edge router. If R1 has a public IP address, a VPN tunnel can be set up between R1 and R3. Otherwise the VPN has to be set up between R2 and R3. But R1 cannot have a public IP address unless R2 has full BGP or partial. Can we say it like this?

No, don't believe you can say, in your example, R2 needs full or partial BGP Internet routes.

R1 and R2 only need default routes pointing toward Internet.  ISP only needs route to R1's public IP(s).

I do agree R1 needs public IP.

@Leftz suggests a topology with R1 and R2 going through Internet to get to R3 and asks about a vpn between R1 and R3. I agree with @Joseph W. Doherty that it is easier to do the vpn if R1 has a public IP. But that is not a requirement. If R2 has an appropriate static NAT it can forward the vpn traffic between R3 and R1. I have set this up for customers and it does work.

@Leftz asks "But R1 cannot have a public IP address unless R2 has full BGP or partial". That is not correct. It is quite possible that R1 could have a Public IP address and R2 receives only a default route from the ISP. The ISP will provide a Public IP to be used on the interface for the transit link connecting the customer to the ISP. If the customer negotiates for it the ISP can also provide another Public IP (or block of Public IPs) for use inside the customer network. All the ISP needs to know is that to forward traffic to the assigned additional IP(s) it forwards the traffic to the transit address. So R1 could work just fine with only a default route.

HTH

Rick
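Added example (not part of the thread or any poster's configuration): a small hop-by-hop longest-prefix-match simulation of the R1---R2---ISP---R3 topology discussed above, showing that traffic flows in both directions when R2 holds only a default route, and that what actually matters is the ISP's route to the customer block. All prefixes are constructed from documentation ranges and the table layout is an assumption for illustration.

```python
import ipaddress

# Constructed topology; prefixes are documentation ranges (RFC 5737), not real assignments.
# Each table maps prefix -> next-hop router, or "local" when the router owns the address.
TABLES = {
    "R1":  {"203.0.113.10/32": "local", "0.0.0.0/0": "R2"},
    "R2":  {"203.0.113.8/29": "R1", "0.0.0.0/0": "ISP"},       # default route only, no BGP table
    "ISP": {"203.0.113.8/29": "R2", "198.51.100.0/24": "R3"},  # customer block via transit link
    "R3":  {"198.51.100.1/32": "local", "0.0.0.0/0": "ISP"},
}

def lookup(table, dst):
    """Longest-prefix match: return the next hop for dst, or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, next_hop)
    return best[1] if best else None

def trace(start, dst, tables=TABLES, max_hops=8):
    """Follow next hops from start toward dst; return (path, delivered)."""
    path, current = [start], start
    for _ in range(max_hops):
        next_hop = lookup(tables[current], dst)
        if next_hop is None:
            return path, False      # no route: packet dropped here
        if next_hop == "local":
            return path, True       # destination router owns the address
        path.append(next_hop)
        current = next_hop
    return path, False              # hop limit reached (routing loop)

def without_customer_route(tables=TABLES):
    """Copy of the tables where the ISP lacks the route to the customer block."""
    broken = {name: dict(routes) for name, routes in tables.items()}
    del broken["ISP"]["203.0.113.8/29"]
    return broken

if __name__ == "__main__":
    print(trace("R1", "198.51.100.1"))                            # R1 -> R3
    print(trace("R3", "203.0.113.10"))                            # R3 -> R1
    print(trace("R3", "203.0.113.10", without_customer_route()))  # return path broken
```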

"I agree with @Joseph W. Doherty that it is easier to do the vpn if R1 has a public IP. But that is not a requirement."

Nitpicking  (laugh) but question was posed with R1 having a public IP, i.e. "R1(with public ip address)"

Although that posting specifically also mentioned using a VPN tunnel from R1 to R3, I didn't specifically write that the tunnel's termination IP needs be a public IP.  (I do agree with Rick, though, it would be easier if it was, but as Rick also described, it could be behind a NAT [BTW public] IP too.)

The basic premise of @Leftz's post is that BGP, specifically with partial or full Internet route tables, is required, and as Rick also writes "That is not correct."  Rick also further describes why @Leftz's premise is incorrect.

Leftz
Level 4

So whether or not R1 has a public IP has nothing to do with full BGP or partial.

Does default BGP at the edge router also allow an internal device to own a public IP address?

"So whether or not R1 has a public IP has nothing to do with full BGP or partial."

Correct, at least on CE side.  Also true for your R2 and R3.

"Does default BGP at the edge router also allow an internal device to own a public IP address?"

It can, but again, BGP, on CE (your side), doesn't need BGP at all.  Like Rick, there can be advantages to BGP peering with ISP, if only to obtain a default route via BGP, but it's not required.  In fact, often for a single and/or low-end ISP connection, ISP often will not want to BGP peer with customer, because it offers so little benefit to customer vs. work the ISP must do to provide and support it.

BTW, in the examples we're discussing, generally it's the ISP who "owns" the public IP.  To "own" your own public IPs you need to obtain your own AS with its own IP allocations.  (Also BTW, obtaining your own AS isn't easy, as they too are limited in quantity.)