09-13-2016 02:51 AM - edited 03-05-2019 07:03 AM
Hello,
We are working to extend iBGP connectivity. Since we have to execute the changes in a production environment, we are requesting your help to check and advise.
Current & Working Setup -
We have three /24 IP pools:
1) 10.10.1.0/24
2) 10.10.2.0/24
3) 10.20.1.0/24
We are connected to two ISPs on two different routers (router-1 and router-2). We are advertising both IP pool #1 and #2 to both ISP-1 and ISP-2.
Pool #1 (10.10.1.0/24) takes the ISP-1 path and Pool #2 (10.10.2.0/24) takes the ISP-2 path; in case of failure of either ISP, traffic of the respective IP pool is shifted to the other functional ISP. This is achieved through AS path prepend and iBGP.
The scenario is tested and working well.
Pool #3 is advertised on ISP-3 (third router), which is not connected to or communicating with Routers 1 or 2. It's running standalone.
Proposed Setup -
The idea is to create iBGP between router-2 and router-3, such that in case of failure of ISP-1 and ISP-2 at the same moment, traffic of Pool #1 and Pool #2 can take the path via ISP-3. However, for the reverse case, i.e. in case of failure of ISP-3 (router-3), failover of IP pool 10.20.1.0/24 traffic is not required.
Proposed network diagram is attached for more clarity.
We have prepared a configuration, please advise.
Router-A (No Change Required at this Router)
router bgp 100
no bgp log-neighbor-changes
network 10.10.1.0 mask 255.255.255.0
network 10.10.2.0 mask 255.255.255.0
neighbor 172.16.1.1 remote-as 200
neighbor 172.16.1.1 next-hop-self
neighbor 172.16.1.1 soft-reconfiguration inbound
neighbor 172.16.1.1 route-map AS_PREP out
neighbor 172.16.1.1 filter-list 10 out
neighbor 10.10.1.3 remote-as 100
neighbor 10.10.1.3 next-hop-self
neighbor 10.10.1.3 soft-reconfiguration inbound
neighbor 10.10.1.3 prefix-list default out
ip prefix-list POOL1 seq 5 permit 10.10.2.0/24
ip prefix-list POOL2 seq 5 permit 10.10.1.0/24
ip prefix-list block seq 5 deny 0.0.0.0/0 ge 1
ip prefix-list default seq 5 permit 0.0.0.0/0
route-map AS_PREP permit 10
match ip address prefix-list POOL1
set as-path prepend 100 100 100 100 100
route-map AS_PREP permit 20
access-list 10 permit 10.10.1.0 0.0.0.255
access-list 20 permit 10.10.2.0 0.0.0.255
ip as-path access-list 1 permit ^200$
ip as-path access-list 10 permit ^$
+++++++++++++++++++++++++++
Router-B
router bgp 100
no bgp log-neighbor-changes
network 10.10.1.0 mask 255.255.255.0
network 10.10.2.0 mask 255.255.255.0
neighbor 10.10.1.2 remote-as 100
neighbor 10.10.1.2 version 4
neighbor 10.10.1.2 next-hop-self
neighbor 10.10.1.2 soft-reconfiguration inbound
neighbor 10.10.1.2 prefix-list default out
neighbor 172.16.1.5 remote-as 300
neighbor 172.16.1.5 next-hop-self
neighbor 172.16.1.5 soft-reconfiguration inbound
neighbor 172.16.1.5 route-map AS_PREP out
neighbor 172.16.1.5 filter-list 10 out
neighbor 10.50.1.2 remote-as 100
neighbor 10.50.1.2 version 4
neighbor 10.50.1.2 next-hop-self
neighbor 10.50.1.2 soft-reconfiguration inbound
neighbor 10.50.1.2 route-map AS_PREP out
neighbor 10.50.1.2 filter-list 10 out
neighbor 10.50.1.2 filter-list 20 out
!
ip as-path access-list 1 permit ^300$
ip as-path access-list 10 permit ^$
ip prefix-list POOL1 seq 5 permit 10.10.2.0/24
ip prefix-list POOL2 seq 5 permit 10.10.1.0/24
ip prefix-list block seq 5 deny 0.0.0.0/0 ge 1
ip prefix-list default seq 5 permit 0.0.0.0/0
route-map AS_PREP permit 10
match ip address prefix-list POOL2
set as-path prepend 100 100 100 100 100
route-map AS_PREP permit 20
access-list 10 permit 10.10.2.0 0.0.0.255
access-list 20 permit 10.10.1.0 0.0.0.255
++++++++++++++++++++++++
Router - C (New)
router bgp 100
no bgp log-neighbor-changes
network 10.20.1.0 mask 255.255.255.0
network 10.10.1.0 mask 255.255.255.0
network 10.10.2.0 mask 255.255.255.0
neighbor 172.19.1.1 remote-as 200
neighbor 172.19.1.1 next-hop-self
neighbor 172.19.1.1 soft-reconfiguration inbound
neighbor 172.16.1.1 route-map AS_PREP out
neighbor 172.16.1.1 filter-list 10 out
neighbor 10.50.1.1 remote-as 100
neighbor 10.50.1.1 next-hop-self
neighbor 10.50.1.1 soft-reconfiguration inbound
route-map AS_PREP permit 10
match ip address prefix-list POOL1
set as-path prepend 100 100 100 100 100
route-map AS_PREP permit 20
match ip address prefix-list POOL2
set as-path prepend 100 100 100 100 100
route-map AS_PREP permit 30
ip prefix-list POOL1 seq 5 permit 10.10.2.0/24
ip prefix-list POOL2 seq 5 permit 10.10.1.0/24
ip prefix-list POOL3 seq 5 permit 10.20.1.0/24
access-list 10 permit 10.20.1.0 0.0.0.255
ip as-path access-list 1 permit ^200$
ip as-path access-list 10 permit ^$
Rgds
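A consistency check for a proposed BGP configuration of this kind, as an added example that is not part of the original post: it flags neighbors that carry policy statements but have no remote-as line, and route-map, prefix-list or filter-list references with no matching definition (a filter-list number refers to an ip as-path access-list, not a standard access-list). The sample configuration is a constructed excerpt modeled on the blocks above, and the function name is hypothetical.

```python
import re
from collections import defaultdict

# Constructed excerpt modeled on the Router-B and Router-C blocks in the post.
SAMPLE_CONFIG = """\
router bgp 100
 neighbor 172.19.1.1 remote-as 200
 neighbor 172.19.1.1 soft-reconfiguration inbound
 neighbor 172.16.1.1 route-map AS_PREP out
 neighbor 172.16.1.1 filter-list 10 out
 neighbor 10.50.1.1 remote-as 100
 neighbor 10.50.1.1 filter-list 20 out
 neighbor 10.50.1.1 prefix-list default out
route-map AS_PREP permit 10
 match ip address prefix-list POOL1
ip prefix-list POOL1 seq 5 permit 10.10.2.0/24
ip prefix-list default seq 5 permit 0.0.0.0/0
ip as-path access-list 10 permit ^$
access-list 20 permit 10.10.1.0 0.0.0.255
"""

POLICY = r"neighbor (\S+) (route-map|filter-list|prefix-list) (\S+) (?:in|out)"

def lint_bgp(config):
    """Return sorted (kind, name) pairs that are referenced but never defined."""
    peers = set()                 # neighbors that have a remote-as line
    used = defaultdict(set)       # kind -> names referenced
    defined = defaultdict(set)    # kind -> names defined
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"neighbor (\S+) remote-as \d+", line):
            peers.add(m[1])
        elif m := re.match(POLICY, line):
            used["neighbor"].add(m[1])
            used[m[2]].add(m[3])
        elif m := re.match(r"match ip address prefix-list (\S+)", line):
            used["prefix-list"].add(m[1])
        elif m := re.match(r"route-map (\S+) (?:permit|deny)", line):
            defined["route-map"].add(m[1])
        elif m := re.match(r"ip prefix-list (\S+) ", line):
            defined["prefix-list"].add(m[1])
        elif m := re.match(r"ip as-path access-list (\S+) ", line):
            defined["filter-list"].add(m[1])
    defined["neighbor"] = peers
    return sorted((kind, name) for kind, names in used.items()
                  for name in names if name not in defined[kind])

if __name__ == "__main__":
    for kind, name in lint_bgp(SAMPLE_CONFIG):
        print(f"{kind} {name}: referenced but not defined")
```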
09-13-2016 02:56 AM
Please advise.
09-13-2016 08:51 PM
Hello All,
Waiting for suggestions..
09-13-2016 09:26 PM
This looks good to me but I have some questions on config.
1) On Router B, why this command: neighbor 10.50.1.2 filter-list 20 out? What would you like to achieve here? You already have filter-list 10.
2) Router B must have a route for 10.10.1.0/24 from either an IGP like OSPF, EIGRP, static, or directly connected. I hope you have that.
09-13-2016 09:55 PM
Hi Pawan,
Thanks
I feel I have not added AS path prepend on Router-1 for the third ISP. It should be there.