Configuration BGP multi-homing with same ISP

sebastien3 · ‎04-02-2022

Hello,

I have two ASBR routers which are connected to the same ISP AS6939 in BGP full-feed IPV4 and IPV6.

The two ASBR routers are connected in full-mesh.

=> I want to prioritize IN/OUT traffic on Router1
=> Router2 will be used if Router1 goes down

Router1 and Router2 send the default route (0.0.0.0 and ::/0) to other ABR internal routers.
ABR routers have a BGP priority over ASBR Router1 for default gateway 0.0.0.0 and ::/0 :

neighbor RTR-1 route-map SET_LOCALPREF_RTR-1 in
neighbor RTR-2 route-map SET_LOCALPREF_RTR-2 in

route-map SET_LOCALPREF_RTR-1 permit 10
set local-preference 500
!
route-map SET_LOCALPREF_RTR-2 permit 10
set local-preference 50
!

What do you think is the best way to configure BGP with ISP AS6939 so that Internet traffic comes first to Router1 and not to Router 2 ?

Thank you !

Harold Ritter · ‎04-02-2022

Hi @sebastien3 ,

You could just set the MED lower for updates advertised from Router 1 to AS6939. Make sure you discuss it with them to make sure they accept the MED.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

MHM Cisco World · ‎04-02-2022

Your design Need
1-to prefer ASBR to send traffic to ISP1 and make other ASBR send traffic to it instead of using direct connect ISP I prefer config weight.
2-Direct link between two ASBR if ISP link is down in ONE ASBR then the traffic will forward to other ASBR
3-ABR must connect to both ASBR if one "Edge Router" failed then the traffic will forward to other
4-redictriubte from BGP into OSPF is not prefer, Many Cisco Doc. recommend to inject the network directly with Net command OR default information , and if you select this way keep notice to config the metric of 0.0.0.0/0 for one ASBR "you select it" is better than other ASBR.

MHM Cisco World · ‎04-02-2022

Just i want to mention that this control traffic for OUT only.

For IN you need to review all path until other side.

OR

Do this

Split the subnet you advertise to SP,

Each ASBR edge router will advertise split with full subnet,

This give you load balance between both edge router and full subnet give you failover in case that one edge router fialed.

sp2720401 · ‎04-02-2022

You will want to be careful about using prefix length to control inbound selection. Any prefix larger than /24 (/48 IPv6) is normally filtered between AS. The /25 or /28 prefixes on the global BGP table are an experiment to check how far a longer than /24 prefix will propagate.

If you only have a /24, breaking it down further may not even be accepted by your ISP.

https://labs.ripe.net/author/stephen_strowes/visibility-of-ipv4-and-ipv6-prefix-lengths-in-2019/

https://labs.ripe.net/author/emileaben/propagation-of-longer-than-24-ipv4-prefixes/

https://blog.apnic.net/2021/01/05/bgp-in-2020-the-bgp-table/

sp2720401 · ‎04-02-2022

Are you pulling in the whole internet BGP table or just a default route?
Since it is the same ISP will they accept longer length masks for your sites prefix?

Do you own the IP space or did you get it assigned by the ISP?

What does your ISP allow for controlling inbound traffic (MED, Local Preference, Communities, AS-PATH length, prefix lengths)?

There are alot of ways you can accomplish what you want but all of them require finding out what your ISP will accept.

local preference to select outbound and AS-PATH prepending to the ISP to control inbound.

-or-
local preference and advertise your own full prefix to both peers then the primary peer can advertise longer prefix for the same subnet.

-or-
local preference out and send MED to the ISP to control in

-or-

local preference out and have the ISP use local preference on their side.

Then do what MHM mentioned and directly connect your edge routers then establish iBGP over that link.

I would normally prefer to own the IP space and have two different ISPs. One ISP for two links can still be a single point of failure.

Flavio Miranda · ‎04-02-2022

Hi

If you dont want rely on ISP, you can use AS prepending on router 2. That way you make the world think that the path through R1 is more interesting than R2.

router bgp xxxx
bgp log-neighbor-changes

neighbor X.X.X.X remote-as xxxx
neighbor X.X.X.X route-map prepend out
!
route-map prepend permit 10
set as-path prepend xxxx xxxx

sp2720401 · ‎04-02-2022

It is a single ISP. You still need to find out if the ISP will honor your prepend for path selection. Depending on what type of edge device they are using there are things higher up in the path selection order than AS PATH length. Traffic Engineering, Weight, Local Preference, Static, route Policy, or SD path selection.

AS path selection is the method you would use for multiple ISPs since you will be controlling whether their AS will even get the traffic to forward into your AS.

paul driver · ‎04-02-2022

Hello
You could use the main preferred bgp attributes for dual isp peering and ibgp peers - as-prepend (egress prefix advertisement) and local preference (ingress received prefixes) however can you post a topology of your network please?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

sebastien3 · ‎04-03-2022

Hello all,

Thank for your answer !

Here is a diagram of the network :

IN/OUT traffic uses Router1 and Router3.

Router1 and Router3 receive full-view IPV4/IPV6 and not a default route.

Router1 and Router3 send prefix IPV4 /24 and IPV6 /48 to AS6939/AS174.

Now I want to add Router2 which will receive IPV4 and IPV6 full-view from AS6939. Router2 will be used if Router1 goes down.

ABR1 and ABR2 receive an IPV4 (0.0.0.0) and IPV6 (::/0) default route from the 3 ASBRs.

A preference is given on each ABR to choose the output ASBR router :

neighbor RTR-1 route-map SET_LOCALPREF_RTR-1 in
neighbor RTR-2 route-map SET_LOCALPREF_RTR-2 in

neighbor RTR-3 route-map SET_LOCALPREF_RTR-3 in

route-map SET_LOCALPREF_RTR-1 permit 10
set local-preference 500
!
route-map SET_LOCALPREF_RTR-2 permit 10
set local-preference 50
!

route-map SET_LOCALPREF_RTR-3 permit 10
set local-preference 500
!

I don't really know what to put in place ont ASBR : MED/PREPEND.

For MED it seems to me to use bgp always-compare-med and bgp deterministic-med on all three ASBR routers ??

MHM Cisco World · ‎04-03-2022

bgp always-copamre-med
bgp deterministic-med

these two commend not effect here, It effect for OUT

SiteA-SiteB "your site"
SiteA send MED and you use it to prefer the Path so form your site view it control OUT.

MED or PREPEDN ?

MED use only between two AS, i.e.
AS1-AS2-AS3
MED config in AS1 only AS2 will see this attribute and hence can use it, AS3 never see this value.

Prepend for IN traffic is good choice BUT prepend your AS number not any random number.

NOTE:-some SP have policy to remove/modify the AS-PATH <<here you must contact the SP to see if they accept the prepend or not.

sp2720401 · ‎04-03-2022

It looks like you would do AS Path prepending to control inbound traffic between HE and Cogent.

Hurricane Electric looks like it uses communities to set local preference on paths to your network. You will want to contact them to get what communities equal what local preferences.

Cogen and HE both also offer prefix blackholing communities as a service for /32s, as a security feature.

https://www.he.net/adm/blackhole.html