
Forcing a single subnet in and out one BGP peer

kevin_spies
Level 1

I have been reading all over trying to learn as much as I can about routing a single subnet in and out a single BGP peer but I am running out of time.

We have a single 6500 with sup720 running BGP between 2 ISP peers. We advertise all our subnets to both but now we need to force a single one to only use one of the peers. Attached is the BGP config. IP addresses have been changed to protect the innocent.

Any help would be awesome!

Thanks!

Kevin

Accepted Solution

Hi Kevin,

I presume you want to use only one ISP peer for both forward and reverse traffic. If that peer fails, the traffic should fall back to the other peer. If this is correct, then there are ways you can achieve this:

1. For outbound, you can influence the traffic by manipulating BGP attributes such as, as you said, weight and local preference. You have to set the peer where you want your traffic to flow by configuring a higher value of weight and local preference. These attributes can be set for a group of prefixes or for all prefixes received by that peer. By this the outbound traffic prefers the peer.

router bgp xxx
 neighbor a.b.c.d weight --- for all prefixes received
 neighbor a.b.c.d route-map test in -- for specific prefixes with acl testacl
route-map test permit 10
 match ip address testacl
 set weight /set local-preference

2. For inbound, it depends on how you advertise the prefixes to both peers. One common way is to prepend your own AS number when you advertise the prefix to your secondary peers. To primary peers you can advertise without any prepending of your own AS.

router bgp xxx
 neighbor a.b.c.d route-map test out ----- secondary peer
 neighbor e.f.g.h remote-as yyy ------- primary peer
route-map test permit 10
 match ip address testacl
 set as-path prepend

3. The drawback of the above method is that when the internet chooses the best path to your prefixes, it usually chooses the shortest AS path. Though you prepend your AS many times to your secondary peer, chances are that your secondary peer can be preferred by some ISP. This all depends on that particular ISP's point of view, as the internet is an interconnection of ISPs. There is a feature where you can advertise your prefixes only to one ISP. Only if that ISP fails do you advertise the prefixes to your secondary ISP. In this way, the secondary ISP only receives them when your primary ISP goes down. This feature is called "BGP Conditional Advertisement".

Please refer to the link below:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094309.shtml

Hope this helps

Arun
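
A simplified model of the selection order the answer above relies on, added here as an example and not part of the original thread. The AS numbers and topology are constructed, and only weight, local preference and AS-path length are modelled (the locally-originated check and all later tie-breakers are left out). It shows weight overriding a shorter AS path for outbound traffic, and a remote network's own local preference overriding prepending for inbound traffic.

```python
from dataclasses import dataclass

# Constructed AS numbers from the documentation range (RFC 5398).
OWN_AS, PRIMARY, SECONDARY, TRANSIT, REMOTE = 64500, 64501, 64502, 64505, 64510

@dataclass(frozen=True)
class Path:
    via: str                # which of our two ISPs this path crosses
    as_path: tuple          # AS numbers, nearest AS first
    weight: int = 0         # local to one router, never advertised
    local_pref: int = 100   # default value, shared only inside one AS

def best_path(paths):
    """Simplified selection: highest weight, then highest local preference,
    then shortest AS path. Later tie-breakers are not modelled."""
    return max(paths, key=lambda p: (p.weight, p.local_pref, -len(p.as_path)))

def outbound_choice(weight_on_primary=0):
    """Our router choosing an exit toward a prefix originated by REMOTE."""
    return best_path([
        Path("primary", (PRIMARY, TRANSIT, REMOTE), weight=weight_on_primary),
        Path("secondary", (SECONDARY, REMOTE)),
    ]).via

def inbound_choice(prepends=0, remote_pref_for_secondary=100):
    """A remote router choosing which of our ISPs to enter through."""
    # Our announcement to the secondary ISP carries OWN_AS once plus the prepends.
    announced_to_secondary = (OWN_AS,) * (prepends + 1)
    return best_path([
        Path("primary", (TRANSIT, PRIMARY, OWN_AS)),
        Path("secondary", (SECONDARY,) + announced_to_secondary,
             local_pref=remote_pref_for_secondary),
    ]).via

if __name__ == "__main__":
    print("outbound, defaults:           ", outbound_choice())
    print("outbound, weight 200 primary: ", outbound_choice(200))
    print("inbound, no prepend:          ", inbound_choice(0))
    print("inbound, 3 prepends:          ", inbound_choice(3))
    print("inbound, 3 prepends, remote prefers secondary:",
          inbound_choice(3, remote_pref_for_secondary=200))
```

The last case is the drawback described in point 3: prepending only lengthens the AS path, and a remote network evaluates its own local preference before it looks at path length.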


gatlin007
Level 4

When you say force do you mean influencing routing based on source address rather than destination address?



Thanks,


Chris

The source address would be a local x.x.x.x IP going to any destination and can only use one BGP peer. Is there a way to static route outgoing and incoming traffic for the single subnet using only one BGP peer?

I have seen people say you can use local-pref and weights but I'm not sure how that is done.

Did I answer your question correctly?

Thanks again!

Kevin

Hi,

Answer to "Is there a way to static route outgoing and incoming traffic for the single subnet using only one BGP peer?": yes, you can route a particular subnet from one peer and another from the other peer, but it's not static routing. You have to first classify which prefixes will use which peer. Then you can configure it. Here is an example: http://showipbgp.com/bgp-configurations/40-cisco/72-3-2-1-cisco-dual-bgp-with-prefix-length-load-balancing.html

Another link: http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml

Hope this information will help you.

Uttam

http://www.startnetworks.blogspot.com/

I would use a prefix list in conjunction with a route-map to a specific neighbor and block what you don't want going to that neighbor.


I was able to get it to work by setting up 2 new ANNOUNCE lists, one for each peer. I used the permit statement for the peer I want the traffic to use and used the deny statement on the peer I do not want to use for the traffic. I then soft reset out for both peers.

It seems to be working fine now.
