BGP with 2 ISP and load sharing

Sameer Vashisth
Level 1

Hello All,

We have 2 ISPs and have configured BGP for both links on the same router and created VLANs. We want traffic from selected VLANs to go through ISP 1 and all the remaining VLANs to go through ISP 2: VLAN 703 and VLAN 801 should go through ISP 1, and all the other VLANs through ISP 2.

Router Configuration:

interface GigabitEthernet0/1.700
encapsulation dot1Q 700
ip address x.x.x.1 255.255.255.252
!
interface GigabitEthernet0/1.701
encapsulation dot1Q 701
ip address x.x.x.25 255.255.255.252
rate-limit input 8192000 224200 224288 conform-action transmit exceed-action drop
rate-limit output 8192000 224200 224288 conform-action transmit exceed-action drop
!
interface GigabitEthernet0/1.702
encapsulation dot1Q 702
ip address y.y.y.5 255.255.255.252
rate-limit input 1192000 224200 224288 conform-action transmit exceed-action drop
rate-limit output 1192000 224200 224288 conform-action transmit exceed-action drop
!
interface GigabitEthernet0/1.703
description WSC
encapsulation dot1Q 703
ip address y.y.y.9 255.255.255.252
rate-limit input 8192000 224200 224288 conform-action transmit exceed-action drop
rate-limit output 8192000 224200 224288 conform-action transmit exceed-action drop
!
interface GigabitEthernet0/1.801
encapsulation dot1Q 801
ip address z.z.z.33 255.255.255.248
rate-limit input 3192000 224200 224288 conform-action transmit exceed-action drop
rate-limit output 3192000 224200 224288 conform-action transmit exceed-action drop
!
interface GigabitEthernet0/1.802
encapsulation dot1Q 802
ip address z.z.z.41 255.255.255.248
rate-limit input 4288000 444200 444288 conform-action transmit exceed-action drop
rate-limit output 4288000 444200 444288 conform-action transmit exceed-action drop
!
interface GigabitEthernet0/1.803
encapsulation dot1Q 803
ip address z.z.z.1 255.255.255.240
!

router bgp 33333
no synchronization
bgp log-neighbor-changes
bgp bestpath as-path multipath-relax
network x.x.x.0 mask 255.255.255.0
network y.y.y.0 mask 255.255.255.0
network z.z.z.0 mask 255.255.255.0
redistribute static
neighbor a.a.a.a remote-as 1111
neighbor a.a.a.a soft-reconfiguration inbound
neighbor a.a.a.a weight 30000
neighbor b.b.b.b remote-as 2222
neighbor b.b.b.b soft-reconfiguration inbound
neighbor b.b.b.b weight 30000
maximum-paths 2
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 a.a.a.a
ip route 0.0.0.0 0.0.0.0 b.b.b.b
ip route x.x.x.0 255.255.255.0 Null0
ip route y.y.y.0 255.255.255.0 Null0
ip route z.z.z.0 255.255.255.0 Null0
no ip http server
no ip http secure-server


e.ciollaro
Level 4

Hi,

There are multiple possible solutions based on many technologies, for example PBR, VRF, IGP metric, ...

To understand which is the best, or at least which one I would use, I need some more information.

I didn't really understand whether the ISPs connect you to the Internet or to two MPLS networks. In the first scenario, are you using the ISPs' public addresses, or do you have your own AS and public IPs?

In the second scenario it would be useful to know whether the remote sites are connected to both ISPs or just one, and whether you need inter-VLAN routing or the VLANs just need to send traffic to an ISP but not between them (if inter-VLAN routing is not required, you can assign the VLAN interfaces to different VRFs).

Finally: do you want each ISP to be usable as a backup for the other ISP or not?

Let me know, bye

enrico

Hello Enrico,

Thanks for your reply. We are using 2 ISPs to connect to the Internet; both have provided us a /30 subnet. We have our own AS and a /22 pool.

We want to bind each VLAN to a particular ISP, e.g. traffic from VLAN 700 should go through ISP 1 and VLAN 802 through ISP 2; if either ISP is down, the other link can be used as a backup link.

Regards

Sameer

Well, in this scenario I think the best thing to do is to subnet your /22 and use one part for the IP hosts that have to use ISP1 and the other for the hosts that have to use ISP2.

For outgoing traffic you can balance using PBR.

For incoming traffic, advertise both subnets to each ISP but with different BGP PA (typically by prepending) so that traffic from the Internet is correctly load balanced.

Another (more robust) architecture can be based on a pair of routers with an HSRP group for each VLAN, so that router 1 is active for the VLANs that have to use ISP1 and router 2 is active for the VLANs that have to use ISP2, and with iBGP configured between routers 1 and 2 (advertising the default route only) to forward traffic in case of a WAN failure.

e
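
The single-router approach from the reply above (PBR for outbound traffic, AS-path prepending for inbound), written out as an IOS configuration. This is an added example and not part of any post in the thread: the x/y/z and a/b addresses are the thread's masked placeholders, p.p.p.0/23 and q.q.q.0/23 are hypothetical halves of the /22, and all ACL, route-map and prefix-list names are made up for illustration.

```cisco
! Added example; x/y/z and a.a.a.a/b.b.b.b are the thread's masked placeholders.
! p.p.p.0/23 (ISP1 hosts) and q.q.q.0/23 (ISP2 hosts) are hypothetical halves of the /22.
! Outbound: policy-route Internet-bound traffic only, leave inter-VLAN traffic alone
ip access-list extended PBR-INTERNET
 deny   ip any x.x.x.0 0.0.0.255
 deny   ip any y.y.y.0 0.0.0.255
 deny   ip any z.z.z.0 0.0.0.255
 permit ip any any
!
route-map PBR-ISP1 permit 10
 match ip address PBR-INTERNET
 ! the first listed next hop whose connected interface is up is used
 set ip next-hop a.a.a.a b.b.b.b
route-map PBR-ISP2 permit 10
 match ip address PBR-INTERNET
 set ip next-hop b.b.b.b a.a.a.a
!
interface GigabitEthernet0/1.703
 ip policy route-map PBR-ISP1
interface GigabitEthernet0/1.801
 ip policy route-map PBR-ISP1
interface GigabitEthernet0/1.802
 ip policy route-map PBR-ISP2
! repeat PBR-ISP2 on the remaining VLAN subinterfaces
!
! Inbound: both halves go to both ISPs, the non-preferred half is prepended
ip prefix-list ISP1-HALF seq 5 permit p.p.p.0/23
ip prefix-list ISP2-HALF seq 5 permit q.q.q.0/23
route-map TO-ISP1 permit 10
 match ip address prefix-list ISP1-HALF
route-map TO-ISP1 permit 20
 match ip address prefix-list ISP2-HALF
 set as-path prepend 33333 33333
route-map TO-ISP2 permit 10
 match ip address prefix-list ISP2-HALF
route-map TO-ISP2 permit 20
 match ip address prefix-list ISP1-HALF
 set as-path prepend 33333 33333
!
! implicit deny in each route-map: nothing but the two own prefixes is advertised
router bgp 33333
 network p.p.p.0 mask 255.255.254.0
 network q.q.q.0 mask 255.255.254.0
 neighbor a.a.a.a route-map TO-ISP1 out
 neighbor b.b.b.b route-map TO-ISP2 out
```

Each `network` statement needs a matching route in the routing table, such as a Null0 static like the ones in the original configuration. The plain `set ip next-hop` fallback only reacts to the ISP-facing interface going down; detecting a failure further upstream requires `set ip next-hop verify-availability` with tracked objects.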
