Inbound traffic to go out via same BGP ASN as it came in on

eger · ‎12-07-2005

I'm wondering if someone could point me in the right direction at least or provide an area I should be looking to accomplish this. Basically i'm trying to get traffic that comes in on one BGP ASN to go out the same. I'm having a problem with traffic coming in on one provider. But going out another. I can verify this by doing a traceroute to an IP address on the network and then from that host on then network do the same traceroute back. Both take different paths.

This is noticed also in the ping times for the hops. Once the hop get up to my router going in, you notice the latency jump (indicating the route coming back is changing).

How can I prevent this from happening or take control of it using ACL's and route-maps?

I'm fairly new to cisco just finished my 3rd CCNA class. Hope this is enough info to understand what I am trying to do.

Thanks for your time!

Georg Pauwen · ‎12-08-2005

Hello Andy,

basically, there are two parameters that you can configure to influence the outbound traffic flow: ´weight´ and ´local-preference´. Without knowing the specifics of your setup, you might want to try and apply the command:

neighbor x.x.x.x weight 200

to the neighbor of the AS which you want the traffic to exit through, and:

neighbor x.x.x.x weight 100

to the neighbor which you do not want the traffic to exit to.

A higher weight is preferred, but this attribute (weight) is only local to your router and only works when both ISP´s are connected to the same router. If that is not your physical setup, you might want to include a drawing of your setup, and we will have to think of something else...)

Regards,

GP

eger · ‎12-08-2005

I see that would definitely help it out one interface or the other. Though I don't necessarily want traffic favoring one provider. BGP seems to be doing a real good job of keeping both lines equal according to route preference.

But once a path has been chosen, i'd like for the reply to come back the same path.

For example: I am in an area where my latency and hop count is much lower to one provider than the other, so this path is used for me when I connect to the network, or ping, or traceroute. But for some reason the replies are coming back through the SECOND provider with a much higher hop count, higher latency, and lower bandwidth.

This seems rather odd behavior to me.

Basically it is a single 7000 series router with 2 providers on 2 FE ports, both speaking BGP, both providers announcing my networks IP's. Shouldn't it be true that packets coming in on one provider would also leave that provider going back to the same destination as they originated? Is it possible one provider is not announcing something or has different costs for something?

If this is BGP functioning normally then my apologies. But I would like to influence traffic to take the same path to and from.

Hope this info helps a little more. Thanks for the reply, I will be looking into weight and local-preference more in depth.

Georg Pauwen · ‎12-08-2005

Hello,

the traffic should indeed flow back the same way, unless the ISP is somehow forcing it to take a different path...

You could try as-path prepending to make traffic coming from that specific AS prefer the outgoing link. Let´s say your configuration looks like this:

router bgp 1

neighor 192.168.1.1 remote-as 2

neighbor 172.16.1.1 remote-as 3

If you want traffic from AS 3 to never take the link through AS 2, you would configure the following:

as-path access-list 1 permit _3$

!

route-map AS3 permit 10

match as-path 1

set as-prepend 2 2 2 2 2

and apply that route-map to your neighbor:

neighor 192.168.1.1 route-map AS3 in

This will cause your router to prepend AS numbers to the path through AS 2, thereby preferring the other link...

Does that make sense ?

Regards,

GP

eger · ‎12-08-2005

Thanks! i think this will help a lot. Going through the BGP configuration now to get this in place.