Re: eBGP with one router and two ISPs - how do I prefer one ISP over the other

sgossen · ‎04-13-2018

I'm running eBGP with two ISPs on a single Cisco 4331. ISP A is a 100Mb connection, ISP B is a 20Mb connection. If I perform a "show ip route" about 60% of my outbound routes route thru ISP B - the smaller connection. How can I force more of my outbound traffic to use ISP A? My current BGP config is below. (scrubbed copy for security purposes)

show run | section bgp
router bgp <MY-ASN>
no bgp fast-external-fallover
bgp log-neighbor-changes
neighbor <ISP-B-IP> remote-as <ISP-B-AS>
neighbor <ISP-B-IP> description ISP B - 20Mb Fiber
neighbor <ISP-B-IP> ebgp-multihop 3
neighbor <ISP-B-IP> timers 15 45
!
neighbor <ISP-A-IP> remote-as <ISP-A-AS>
neighbor <ISP-A-IP> description ISP A - 100Mb Fiber
neighbor <ISP-A-IP> version 4
!
address-family ipv4
network <MY-PUBLIC-IP-BLOCK> mask 255.255.255.0
neighbor <ISP-B-IP> activate
neighbor <ISP-B-IP> soft-reconfiguration inbound
neighbor <ISP-B-IP> prefix-list reserved in
neighbor <ISP-B-IP> prefix-list announce out
neighbor <ISP-B-IP> route-map PREPEND out
neighbor <ISP-A-IP> activate
neighbor <ISP-A-IP> soft-reconfiguration inbound
neighbor <ISP-A-IP> prefix-list reserved in
neighbor <ISP-A-IP> prefix-list announce out
neighbor <ISP-A-IP> route-map PREFROUTE in
maximum-paths 2
exit-address-family

...

route-map PREFROUTE permit 10
set local-preference 500
route-map PREPEND permit 10
set as-path prepend <MY-ASN> <MY-ASN> <MY-ASN> <MY-ASN>

Thanks,

Go0se

Georg Pauwen · ‎04-13-2018

Hello,

post the output of 'show ip route'...

sgossen · ‎04-13-2018

It's 70,000+ lines long. Can I just give you a snippet?

sgossen · ‎04-13-2018

#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is <ISP-A-IP> to network 0.0.0.0

B* 0.0.0.0/0 [20/0] via <ISP-A-IP>, 19:35:52
S 0.0.0.0/8 is directly connected, Null0
1.0.0.0/8 is variably subnetted, 111 subnets, 10 masks
B 1.1.8.0/24 [20/0] via <ISP-A-IP>, 19:35:33
B 1.2.4.0/24 [20/0] via <ISP-B-IP>, 7w0d
B 1.24.0.0/13 [20/0] via <ISP-B-IP>, 7w0d
B 1.34.0.0/15 [20/0] via <ISP-B-IP>, 2d19h
B 1.34.0.0/16 [20/0] via <ISP-B-IP>, 7w0d
B 1.35.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.45.0.0/16 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.0.0/17 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.16.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.20.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.24.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.28.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.32.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.36.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.40.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.44.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.48.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.52.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.56.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.60.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.64.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.68.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.72.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.76.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.80.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.84.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.88.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.92.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.96.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.100.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.104.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.108.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.112.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.116.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.120.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.124.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.128.0/17 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.128.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.132.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.136.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.140.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.144.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.148.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.152.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.156.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.160.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.164.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.168.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.172.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.176.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.180.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.184.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.188.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.192.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.196.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.200.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.45.204.0/22 [20/0] via <ISP-B-IP>, 6w3d
B 1.45.208.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.48.0.0/15 [20/0] via <ISP-A-IP>, 19:35:35
B 1.50.0.0/16 [20/0] via <ISP-A-IP>, 19:35:35
B 1.56.0.0/13 [20/0] via <ISP-B-IP>, 7w0d
B 1.68.0.0/14 [20/0] via <ISP-A-IP>, 19:35:35
B 1.80.0.0/13 [20/0] via <ISP-A-IP>, 19:35:35
B 1.92.0.0/20 [20/0] via <ISP-A-IP>, 19:35:35
B 1.93.0.0/16 [20/0] via <ISP-B-IP>, 2w1d
B 1.96.0.0/12 [20/0] via <ISP-A-IP>, 19:35:35
B 1.119.192.0/21 [20/0] via <ISP-B-IP>, 7w0d
B 1.119.200.0/22 [20/0] via <ISP-B-IP>, 7w0d
B 1.119.204.0/24 [20/0] via <ISP-B-IP>, 5w4d
B 1.160.0.0/12 [20/0] via <ISP-B-IP>, 2d19h
B 1.160.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.161.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.162.0.0/16 [20/0] via <ISP-B-IP>, 7w0d
B 1.163.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.164.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.165.0.0/16 [20/0] via <ISP-B-IP>, 2d19h
B 1.166.0.0/16 [20/0] via <ISP-B-IP>, 7w0d

Georg Pauwen · ‎04-13-2018

Hello,

never mind....I was fishing for default routes (which apparently you are not using).

Unless you know which routes are more heavily used than others, splitting the routes with route maps and e.g. as-path prepending won't do you much good either.

Is it an option to just use default routes ? By simply configuring two or three default routes through the 100MB link, and one through the 20MB link, traffic would be load balanced accordingly...

sgossen · ‎04-13-2018

I uploaded a few lines of the "show ip route" output previously. I have a single default route pointed at the larger pipe. Are you suggesting I create a default route to the slower ISP and then add more default routes to the faster ISP? I wasn't even aware I could have multiple default routes to the same IP.

Georg Pauwen · ‎04-14-2018

Hello,

indeed, multiple identical default routes will increase the traffic load. It is actually a quite simple way to use unequal cost links...

Georg Pauwen · ‎04-15-2018

Hello,

regarding the multiple default routes, I remembered there was an additional step to accomplish this. Check the link below:

https://looppacket.wordpress.com/page/2/

Skywalker · ‎04-16-2018

Hello @sgossen,

From the output you shared, seems like you are receiving only a default route from ISP-A and full table from ISP-B(less capacity). So to understand your requirement, are you looking at load balancing or active/standby setup where you want traffic to prefer ISP-B where you have more capacity?
If that's the case, i would do it this way.

I receive only default routes from both ISPs
Then use localpref (you may also use weight) to determine which ISP to use to exit my network.

Unless for some reason you prefer to install a full routing table, according to me i doubt it's really necessary in this case.

__
Regards,

Larry Sullivan · ‎04-13-2018

What does the far end destination say with the "show ip bgp (site IP)" for a route that can transit both ISPs?

Or at this router "show ip bgp x.x.x.x" for a route that transits both ISPs?

Georg Pauwen · ‎04-14-2018

Hello,

I did some further testing...check if your IOS supports the 'dmzlink-bw' feature. If it does, try the config below. Basically, you specify the bandwidth on each interface and activate the feature. Since you are using two different ASs, the hidden command 'bgp bestpath as-path multipath-relax' is required:

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0
description Link to ISP-A
bandwidth 100000
ip address 192.168.12.1 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
description Link to ISP-B
bandwidth 20000
ip address 192.168.13.1 255.255.255.0
duplex auto
speed auto
media-type rj45
!
router bgp 65001
bgp router-id 1.1.1.1
bgp log-neighbor-changes
bgp bestpath as-path multipath-relax
bgp dmzlink-bw
neighbor 192.168.12.2 remote-as 65002
neighbor 192.168.12.2 description ISP-A 100MB Fiber
neighbor 192.168.12.2 dmzlink-bw
neighbor 192.168.13.2 remote-as 65003
neighbor 192.168.13.2 description ISP-B 20MB Fiber
neighbor 192.168.13.2 dmzlink-bw
maximum-paths 2

sgossen · ‎04-14-2018

Thank you for the suggestion. I will research this Monday and see what I can see, and I'll let you know what I find.

-Go0se

sgossen · ‎04-17-2018

I don't have the "as-path" option (output reformatted for viewing purposes):

#bgp bestpath ?
aigp - if both paths doesn't have aigp ignore on bestpath comparision
compare-routerid - Compare router-id for identical EBGP paths

cost-community - cost community
med - MED attribute

Georg Pauwen · ‎04-17-2018

Hello, it is a hidden command, just type the entire line and hit enter...