Solved: Question on AS-PATH vs MED

news2010a · ‎03-17-2010

Hi, imagine I have edge RouterA-->CorporateRouter1 and RouterB->CorporateRouter2 running BGP.

RouterA and RouterB AS = 100.

CorporateRouter1 and CorporateRouter2 AS = 200.

I prefer that inbound traffic from CorporateRouters flows via RouterA and use RouterB as backup.

So I successfully configured MED like shown below.

Question:

Instead of using MED, would it be more robust if I use AS-PATH instead? The question that I have is, what happens if someday people decide to allow more prefixes or delete some prefixes from the list of allowed networks. It seems to me that AS-PATH would be a cleaner way to configure this inbound route path selection for that reason since it does not rely on network range specification. Please let me know your thoughts on this.

RouterA

router bgp 100

neig <corporaterouter1> route-map SETMED out

(...)

route-map SETMED permit 10

  match ip address prefix-list PFX

!

route-map SETMED permit 100

!

ip prefix-list PFX seq 5 permit 10.1.0.0/16

ip prefix-list PFX seq 10 permit 10.22.0.0/23

!

Jon Marshall · ‎03-17-2010

Marlon

When you say AS-PATH do you mean AS-PATH prepending ie adding multiple instances of your AS to the AS-PATH ?

If so the key difference between MED and path prepending is that MED is only relevant to the neighboring AS ie. it does not go beyond that. Path prepending does. So if you wanted to influence routing beyond your neighboring AS path prepending would be the one to use.

Jon

View solution in original post

Giuseppe Larosa · ‎03-17-2010

Hello Marlon,

but if the prefixes are locally generated the as path access-list should match the empty AS path string.

This would allow you to avoid to advertise to ISP y what you have learned from ISP x and in addition to set a MED

ip as-path access-list 11 permit ^$




! matching the empty AS path




route-map SETMED permit 10

match as-path 11

set metric

Hope to help

Giuseppe

View solution in original post

Jon Marshall · ‎03-17-2010

Marlon

When you say AS-PATH do you mean AS-PATH prepending ie adding multiple instances of your AS to the AS-PATH ?

If so the key difference between MED and path prepending is that MED is only relevant to the neighboring AS ie. it does not go beyond that. Path prepending does. So if you wanted to influence routing beyond your neighboring AS path prepending would be the one to use.

Jon

news2010a · ‎03-17-2010

Yes, as-path prepending.

In my case I do not see a need to influence beyound peers.

Jon Marshall · ‎03-17-2010

Then MED will work fine and i can't see a reason to change it. Yes you need to remember to update with any new subnets but if you are summarising address ranges chances are a new subnet you add will still be part of the summarised range so you will not need any modifications.

Jon

news2010a · ‎03-17-2010

Actually, now I see that my concern is not about MED, but in reality which 'match' I am using to determine which route to take.

So I could use MED and do:

route-map SETMED permit 10

match as-path...

So my question is, is it a better approach match the 'as-path' instead of filtering based on prefix-lists? Since the prefix-list I imagine could be something changing down the road. My rationale is that as-path seems to be a parameter that should rarely change.

Giuseppe Larosa · ‎03-17-2010

Hello Marlon,

but if the prefixes are locally generated the as path access-list should match the empty AS path string.

This would allow you to avoid to advertise to ISP y what you have learned from ISP x and in addition to set a MED

ip as-path access-list 11 permit ^$




! matching the empty AS path




route-map SETMED permit 10

match as-path 11

set metric

Hope to help

Giuseppe

news2010a · ‎03-17-2010

Eh, eh. It seems this one did it.

Thanks al!!