06-17-2018 07:32 AM - edited 03-05-2019 10:36 AM
Hi Guys, We could use a little help developing a BGP solution. Here's the scenario:
We hired West to provide a service. They connected into our network at 6 HQ sites. Our network is somewhat complex. For some apps it's one big flat network, so a server at one site can push data out to all other sites on the network. For other apps, there are 3 groups. There is a primary HQ, a backup HQ, and approximately 5 remote sites for each group. There is a Cisco router at each site.
ATT provides the WAN (MPLS) that connects all the sites, and they require that we speak BGP to them.
We built a physical connection to West at each of the HQ sites similar to this:
HQA1
interface FastEthernet0/1/0
 description Connected to West
 ip address 100.1.1.1 255.255.255.248
HQA2
interface FastEthernet0/1/0
 description Connected to West
 ip address 100.1.2.1 255.255.255.248
We added West as a neighbor into each of the Host BGP routing statements - like this:
router bgp 65xxx
 no synchronization
 bgp log-neighbor-changes
 network 10.x.x.x mask 255.255.254.0
 network 10.x.x.x mask 255.255.254.0
 network 192.168.x.x mask 255.255.255.252
 redistribute ospf 100
 neighbor 100.1.1.x remote-as 36xxx
 neighbor 192.168.x.x remote-as 13xxx
 no auto-summary
That gives us a route in each of the remote routers to West via the ATT BGP neighbor:
64.0.0.0/28 is subnetted, 2 subnets
B 64.1.1.144 [20/0] via 192.168.1.2, 00:00:11
B 64.1.1.160 [20/0] via 192.168.1.2, 00:00:04
The problem is the traffic from all remote sites is routed back to the same HQ site (HQB1).
RTC1#trace 64.1.1.173 source 10.1.1.254
Type escape sequence to abort.
Tracing the route to 64.1.1.173
1 192.168.1.2 4 msec 8 msec 8 msec
2 192.168.12.2 [AS 13111] [MPLS: Label 28015 Exp 3] 12 msec 8 msec 8 msec
3 192.168.2.1 [AS 13111] 8 msec 8 msec 8 msec
4 * * *
5 * * *
RTC3#trace 64.1.1.173 source 10.3.3.254
Type escape sequence to abort.
Tracing the route to 64.1.1.173
1 192.168.3.2 4 msec 8 msec 8 msec
2 192.168.13.2 [AS 13111] [MPLS: Label 28015 Exp 3] 12 msec 8 msec 8 msec
3 192.168.2.1 [AS 13111] 8 msec 8 msec 8 msec
4 * * *
5 * * *
West requires that:
the 5 remotes for group 1 reply to them thru one of the HQ sites for group 1.
the 5 remotes for group 2 reply to them thru one of the HQ sites for group 2.
the 5 remotes for group 3 reply to them thru one of the HQ sites for group 3.
06-17-2018 11:11 AM
Hi!
Can you post the full config of all the routers which are participating in BGP, using x for the octets of the IP addresses you don't want to make public? Don't forget to use a .txt file when you are posting the config.
Can you draw what the connections look like?
If you hide the AS number at the beginning, please remember to hide it when you are running traceroute as well, and so on.
/Mohammed
06-18-2018 03:52 AM - edited 06-18-2018 04:02 AM
06-18-2018 04:07 AM
Hi!
Can you post the full config of all the routers which are participating in BGP, using x for the octets of the IP addresses you don't want to make public? Don't forget to use a .txt file when you are posting the config.
/Mohammed
06-18-2018 05:05 AM
I would just put route-maps on the BGP neighbours in each group and associate these route-maps, containing prefix lists, with each neighbour. In each group, the routers between West and ATT only advertise the West routes out to their group's remote sites; do the same for the other groups.