Solved: Re: BGP two ISP Single router LAN configuration

kazimjhon · ‎08-22-2022

I want to load share and failover on single router with two different isp. I have two /24 prefixes and want to use 103.216.135.0/24 on ISP-1 and 103.158.35.0/24 on isp two. Cisco community send the configuration its ok but issue is pending due to I have only one LAN port and i am using Inter Vlan routing on that. so what will be the configuration of my LAN side beacuase they mentioned

 ( ip policy route-map 158OUT gi2/0 ) and ( ip policy route-map 216OUT gi2/1)

on my lan interfaces.

Below is my InterVLAN Routing configuration

interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 100
ip address 103.216.135.1 255.255.255.240
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 101
ip address 103.158.35.1 255.255.255.240
!
interface GigabitEthernet0/1.3
encapsulation dot1Q 102
ip address 103.216.135.17 255.255.255.240
!
interface GigabitEthernet0/1.4
encapsulation dot1Q 103
ip address 103.216.135.105 255.255.255.248
op
!
interface GigabitEthernet0/1.5
encapsulation dot1Q 104
ip address 103.216.135.249 255.255.255.248
!
interface GigabitEthernet0/1.6
encapsulation dot1Q 105
ip address 103.158.35.209 255.255.255.240
!
interface GigabitEthernet0/1.7
encapsulation dot1Q 106
ip address 103.216.135.177 255.255.255.240
============================================

Cisco Community sends the below configuration for two LAN ports


interface FastEthernet0/0
ip address 103.158.35.1 255.255.255.0
ip policy route-map 158OUT
duplex full
!
interface FastEthernet1/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet1/1
ip address 103.216.135.1 255.255.255.0
ip policy route-map 216OUT
speed auto
duplex auto
!
interface FastEthernet2/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial3/0
ip address 182.176.221.174 255.255.255.252
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
ip address 110.39.166.146 255.255.255.252
serial restart-delay 0
!
interface GigabitEthernet4/0
no ip address
shutdown
negotiation auto
!
router bgp 135384
bgp log-neighbor-changes
network 103.158.35.0 mask 255.255.255.0
network 103.216.135.0 mask 255.255.255.0
neighbor 110.39.166.145 remote-as 38264
neighbor 110.39.166.145 route-map 216Traffic out
neighbor 110.39.166.145 filter-list 382 out
neighbor 182.176.221.173 remote-as 17557
neighbor 182.176.221.173 route-map 158Traffic out
neighbor 182.176.221.173 filter-list 175 out
!
ip forward-protocol nd
!
ip as-path access-list 175 permit ^$
ip as-path access-list 382 permit ^$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list 158Traffic seq 10 permit 103.158.35.0/24
!
ip prefix-list 216Traffic seq 10 permit 103.216.135.0/24
access-list 100 permit ip 103.158.35.0 0.0.0.255 any
access-list 110 permit ip 103.216.135.0 0.0.0.255 any
!
route-map 158Traffic permit 10
match ip address prefix-list 216Traffic
set as-path prepend 135384
!
route-map 158Traffic permit 20
!
route-map 158OUT permit 10
match ip address 100
set interface Serial3/0
!
route-map 216Traffic permit 10
match ip address prefix-list 158Traffic
set as-path prepend 135384
!
route-map 216Traffic permit 20
!
route-map 216OUT permit 10
match ip address 110
set interface Serail3/3

MHM Cisco World · ‎08-23-2022

interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 100
ip address 103.216.135.1 255.255.255.240
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 101
ip address 103.158.35.1 255.255.255.240
ip policy route-map  158OUT
!
interface GigabitEthernet0/1.3
encapsulation dot1Q 102
ip address 103.216.135.17 255.255.255.240
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.4
encapsulation dot1Q 103
ip address 103.216.135.105 255.255.255.248
ip policy route-map  216OUT
op
!
interface GigabitEthernet0/1.5
encapsulation dot1Q 104
ip address 103.216.135.249 255.255.255.248
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.6
encapsulation dot1Q 105
ip address 103.158.35.209 255.255.255.240
ip policy route-map  158OUT
!
interface GigabitEthernet0/1.7
encapsulation dot1Q 106
ip address 103.216.135.177 255.255.255.240
ip policy route-map  216OUT
============================================

Cisco Community sends the below configuration for two LAN ports
interface FastEthernet0/0
ip address 103.158.35.1 255.255.255.0
ip policy route-map 158OUT
duplex full
!
interface FastEthernet1/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet1/1
ip address 103.216.135.1 255.255.255.0
ip policy route-map 216OUT
speed auto
duplex auto
!
interface FastEthernet2/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial3/0
ip address 182.176.221.174 255.255.255.252
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
ip address 110.39.166.146 255.255.255.252
serial restart-delay 0
!
interface GigabitEthernet4/0
no ip address
shutdown
negotiation auto
!
router bgp 135384
bgp log-neighbor-changes
network 103.158.35.0 mask 255.255.255.0
network 103.216.135.0 mask 255.255.255.0
neighbor 110.39.166.145 remote-as 38264
neighbor 110.39.166.145 route-map 216Traffic out
neighbor 110.39.166.145 filter-list 382 out
neighbor 182.176.221.173 remote-as 17557
neighbor 182.176.221.173 route-map 158Traffic out
neighbor 182.176.221.173 filter-list 175 out
!
ip forward-protocol nd
!
ip as-path access-list 175 permit ^$
ip as-path access-list 382 permit ^$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list 158Traffic seq 10 permit 103.158.35.0/24
!
ip prefix-list 216Traffic seq 10 permit 103.216.135.0/24
access-list 100 permit ip 103.158.35.0 0.0.0.255 any
access-list 110 permit ip 103.216.135.0 0.0.0.255 any
!
route-map 158Traffic permit 10
match ip address prefix-list 216Traffic
set as-path prepend 135384
!
route-map 158Traffic permit 20
!
route-map 158OUT permit 10
match ip address 100
set interface Serial3/0
!
route-map 216Traffic permit 10
match ip address prefix-list 158Traffic
set as-path prepend 135384
!
route-map 216Traffic permit 20
!
route-map 216OUT permit 10
match ip address 110
set interface Serail3/3

View solution in original post

Georg Pauwen · ‎08-23-2022

Hello,

a common alternative for your topology would be to use weight, and split the entire IP address space in two. Have a look at the link below:

https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html#anc43

kazimjhon · ‎08-23-2022

we are small providers and have our own ASN. Also two /24 prefixes purchased from APNIC and want these to use 103.216.135.0/24 on ISP-1 and 103.158.35.0/24 on isp two. We currently using both prefixes on isp1 ( subneted and assign to sub interfaces for inter vlan routing) now we have isp-2 and want load share plus failover on the mentioned scenario.

If it is clear then share the right configuration.

kazimjhon · ‎08-23-2022

we are receiving only default routes from both ISP's

Georg Pauwen · ‎08-23-2022

Hello,

post your full running configuration

(sh run)

Did you try to implement the split address solution described in the link ?

balaji.bandi · ‎08-23-2022

Your diagram and config not matching, as per the diagram you using Fas 1/0 and Fas 1/1 to connect ISP, config looks as below Serial 3/0 and 3/3 which required to be confirmed.

If the Router connected to switch using Fa0/0

the config looks as below with sub interface.

interface FastEthernet0/0.1
encapsulation dot1Q 100
ip address 103.158.35.1 255.255.255.0
ip policy route-map 158OUT
duplex full
!
interface FastEthernet0/0.2
encapsulation dot1Q 200
ip address 103.216.135.1 255.255.255.0
ip policy route-map 216OUT
speed auto
duplex auto

SWITCH config :
If this is connectd to Fas 0/0
vlan 100, 200

interface fas 0/0
switchport encapsulation dot1Q
switchport mode trunk




After that post output :

show ip bgp

show ip route

show bgp neigh

show IP interface brief

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

kazimjhon · ‎08-23-2022

I copy diagram from the the community which HHM made for me. I will configure my own interfaces.

i have multipale subinterfaces and subnets. so on every sub interface

(ip pollicy route-map will use will must)

kindly guide me

balaji.bandi · ‎08-23-2022

to assits better, we need to know real world config here to assits better.

where you looking to have PBR, you need to setup next hop.

(i have suggested based on the information)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎08-23-2022

Use PBR under subinterface

kazimjhon · ‎08-23-2022

how to use PBR. as you have that lab so therefore edith for me and send me

MHM Cisco World · ‎08-23-2022

interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1.1
encapsulation dot1Q 100
ip address 103.216.135.1 255.255.255.240
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 101
ip address 103.158.35.1 255.255.255.240
ip policy route-map  158OUT
!
interface GigabitEthernet0/1.3
encapsulation dot1Q 102
ip address 103.216.135.17 255.255.255.240
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.4
encapsulation dot1Q 103
ip address 103.216.135.105 255.255.255.248
ip policy route-map  216OUT
op
!
interface GigabitEthernet0/1.5
encapsulation dot1Q 104
ip address 103.216.135.249 255.255.255.248
ip policy route-map  216OUT
!
interface GigabitEthernet0/1.6
encapsulation dot1Q 105
ip address 103.158.35.209 255.255.255.240
ip policy route-map  158OUT
!
interface GigabitEthernet0/1.7
encapsulation dot1Q 106
ip address 103.216.135.177 255.255.255.240
ip policy route-map  216OUT
============================================

Cisco Community sends the below configuration for two LAN ports
interface FastEthernet0/0
ip address 103.158.35.1 255.255.255.0
ip policy route-map 158OUT
duplex full
!
interface FastEthernet1/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet1/1
ip address 103.216.135.1 255.255.255.0
ip policy route-map 216OUT
speed auto
duplex auto
!
interface FastEthernet2/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial3/0
ip address 182.176.221.174 255.255.255.252
serial restart-delay 0
!
interface Serial3/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial3/3
ip address 110.39.166.146 255.255.255.252
serial restart-delay 0
!
interface GigabitEthernet4/0
no ip address
shutdown
negotiation auto
!
router bgp 135384
bgp log-neighbor-changes
network 103.158.35.0 mask 255.255.255.0
network 103.216.135.0 mask 255.255.255.0
neighbor 110.39.166.145 remote-as 38264
neighbor 110.39.166.145 route-map 216Traffic out
neighbor 110.39.166.145 filter-list 382 out
neighbor 182.176.221.173 remote-as 17557
neighbor 182.176.221.173 route-map 158Traffic out
neighbor 182.176.221.173 filter-list 175 out
!
ip forward-protocol nd
!
ip as-path access-list 175 permit ^$
ip as-path access-list 382 permit ^$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list 158Traffic seq 10 permit 103.158.35.0/24
!
ip prefix-list 216Traffic seq 10 permit 103.216.135.0/24
access-list 100 permit ip 103.158.35.0 0.0.0.255 any
access-list 110 permit ip 103.216.135.0 0.0.0.255 any
!
route-map 158Traffic permit 10
match ip address prefix-list 216Traffic
set as-path prepend 135384
!
route-map 158Traffic permit 20
!
route-map 158OUT permit 10
match ip address 100
set interface Serial3/0
!
route-map 216Traffic permit 10
match ip address prefix-list 158Traffic
set as-path prepend 135384
!
route-map 216Traffic permit 20
!
route-map 216OUT permit 10
match ip address 110
set interface Serail3/3

kazimjhon · ‎08-23-2022

thanks alot