Solved: Thanks for clarifying that

nany96901 · ‎12-23-2014

i have one router connected to two ISPs links(Airtel and Reliance), both are of same link speed (310 Mbps each),

With below configuration (example), outbound traffic and inbound traffic is through reliance link.

When i shutdown reliance link, only outbound traffic is moving through Airtel but no inbound traffic from Airtel isp even though clearing BGP Sessions

MY QUESTION IS THAT : what are configuration changes to be made for making both links for transmitting oubound traffic, but make reliance as primary link and Airtel as secondary link for inbound ..

router bgp ****
no bgp default ipv4-unicast
no bgp enforce-first-as
bgp log-neighbor-changes
bgp bestpath as-path multipath-relax
neighbor 192.168.1.2 remote-as 1234
neighbor 192.168.1.2 description Airtel
neighbor 192.168.1.2 timers 10 30 20
neighbor 172.16.1.2 remote-as 56789
neighbor 172.16.1.2 description RELIANCE
!
address-family ipv4
no synchronization
bgp dmzlink-bw
network 1.1.1.0
network 2.1.1.0
neighbor 192.168.1.2 activate
neighbor 192.168.1.2 route-map PREPEND out
neighbor 192.168.1.2 dmzlink-bw
neighbor 172.16.1.2 activate
neighbor 172.16.1.2 weight 10
neighbor 172.16.1.2 dmzlink-bw
maximum-paths 2
no auto-summary
exit-address-family

!

route-map PREPEND permit 10
set as-path prepend 1234 1234 1234

!

blau grana · ‎12-25-2014

As Rick pointed out, this command:

neighbor 172.16.1.2 weight 10

is preventing BGP to use both links for outband traffic.

But I'm also concerned by your statement that:

"When i shutdown reliance link, only outbound traffic is moving through Airtel but no inbound traffic from Airtel isp even though clearing BGP Sessions"

This is definitely not good and I think this is caused by your route-map. Your AS prepending is WRONG:

neighbor 192.168.1.2 description Airtel
neighbor 192.168.1.2 route-map PREPEND out

route-map PREPEND permit 10
set as-path prepend 1234 1234 1234

You can't use peer AS to prepend, you need to use your own local AS. Your prepending is causing Airtel to drop this route because peer is seeing own AS in BGP update.

So to accomplish your goals please remove weight command and modify prepend route-map. If you see any issues after that please provide output of show ip bgp

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

nany96901 · ‎12-23-2014

Please help, i have stuck in this siuation, i need to make use of both the links..

Richard Burts · ‎12-23-2014

One thing that must be taken into consideration when establishing BGP with 2 ISP is what address space are you using in your network? Do you have your own Provider Independent address space? Or are you using address space assigned to you by one of the ISP? And from the made up addresses in your post we can tell what you really have.

When you are using address space assigned to you by one ISP the other ISP may not accept the advertisement of the other ISP address space. It sounds like this may be your situation.

HTH

Rick

HTH

Rick

nany96901 · ‎12-24-2014

Dear Sir,

our address pool was not given by any of these ISPs..(taken seperately from APNIC). and those address pools were advertised to both the links...

Richard Burts · ‎12-24-2014

Thanks for clarifying that you have Provider Independent address space. We still do not have enough information to determine why there was no inbound traffic when RELIANCE was down.

One thing that prevents you from using both links for transmitting outbound is this

neighbor 172.16.1.2 weight 10

HTH

Rick

HTH

Rick

nany96901 · ‎12-24-2014

neighbor 172.16.1.2 weight 10

neighbor 192.168.1.2 route-map PREPEND out

Before configuring the above statement, the actual traffic flow (both inbound and outbound ) was through airtel link, and little bit of traffic (only inbound) was through reliance link.

{example: if Airtel inbound was 310 Mbps, only 10 - 15 Mbps inbound was through reliance link}

so to make use of reliance , i used neighbor 172.16.1.2 weight 10 .......... to make reliance link for outbound. but still max inbound was through airtel link

so i made use of route-map for making reliance for inbound.

but now whats happening is, even though if reliance reached its max limit , no inbound through airtel.

if i remove reliance link, no inbound through airtel but only outbound

Is route-map creating any issues..?

blau grana · ‎12-25-2014

As Rick pointed out, this command:

neighbor 172.16.1.2 weight 10

is preventing BGP to use both links for outband traffic.

But I'm also concerned by your statement that:

"When i shutdown reliance link, only outbound traffic is moving through Airtel but no inbound traffic from Airtel isp even though clearing BGP Sessions"

This is definitely not good and I think this is caused by your route-map. Your AS prepending is WRONG:

neighbor 192.168.1.2 description Airtel
neighbor 192.168.1.2 route-map PREPEND out

route-map PREPEND permit 10
set as-path prepend 1234 1234 1234

You can't use peer AS to prepend, you need to use your own local AS. Your prepending is causing Airtel to drop this route because peer is seeing own AS in BGP update.

So to accomplish your goals please remove weight command and modify prepend route-map. If you see any issues after that please provide output of show ip bgp

Best Regards Please rate all helpful posts and close solved questions

nany96901 · ‎12-26-2014

I changed the route-map to my local AS value , now i could see inbound traffic from both the links.(max through Reliance ) as required.

if i remove neighbor 172.16.1.2 weight 10 , outbound traffic is taking through Airtel link. reason is Airtel's AS path metric is less compared to Reliance..

for me, outbound traffic should be through reliance, so i made use of weight 10

Airtel link is working fine when Reliance is down.

Thanks Rick and Blau grana , now everything is working as required for me..

one disadvantage is that outbound traffic is not shared between the links when i remove neighbor 172.16.1.2 weight 10

Thank u all

Narayan

Need to configure BGP between primary and secondary circuit to two ISP's