Routing specific Internal Networks out a specific Internet Gateway via a MPLS Network that routes via BGP

bblairplasti
Level 1

My Company has multiple locations on 3 continents (North America, South America and Europe). All locations are connected to each other via AT&T provided MPLS links and routed via BGP. We have a Data Center/HQ in each continent that acts as the Internet Gateway for all sub-locations within the three respective continents. Since the North American Data Center is our World HQ and the first site to go live on the AT&T MPLS WAN, its Internet Gateway is being advertised as the preferred default gateway via BGP. The Data Center locations in Europe and SA that have Internet connections are the preferred default route to the Internet for JUST THOSE LOCATIONS. However, all sub-locations within Europe and SA route outbound Internet traffic via the North American GW. My question is......What is the best way via BGP, to say, prefer the South American Internet GW as the default Internet GW for only sub-locations within SA. So basically if you are on a LAN segment in a sub-location within SA and you want to get to the Internet, go out the Internet GW in SA and if you are in sub-location within North America go out the North American Gateway. I understand BGP enough to Multihome multiple Internet connections at each of our continental Data Centers, but can't figure out how to route specific sub-location Networks within a continent, out that continent's Data Center's Internet Gateway instead of always coming back thru the North American GW.

Accepted Solutions

gerald.suiza
Level 1

hi,

here's my suggestion...you may want to discuss site of origin with AT&T if they support it. My guess is they do since their competitors do support SoO. You can set a number of possibilities with SoO. If you want regional offices to prefer an internet hub that can be done using SoO. AT&T just needs to apply the right policies on their PEs so that the SoO hubs will be regional.

I have seen this kind of setup before and SoO works beautifully plus you have a back up route if you wish in case something goes wrong.

HTH


milan.kulik
Level 10

Hi,

I suppose all your sites are connected to a single MPLS VPN?

The default route handling is a nightmare then...

And your users are not using any proxy to connect to the Internet?

If they were, it would be easy to tell them to use a proxy per region, wouldn't it?

BR,

Milan

Actually we have two MPLS Connections per location, a primary and a backup.  The AT&T one is the primary and the majority of traffic routes over it.

We actually do have Proxy Servers in Europe and SA and they work great.  But my problem is for protocols like POP3 and other Point-2-Point TCP connections that don't use the Proxy Server.

Now even though I advertise in BGP the default internet gateway at the HQ Data Centers in all three continents, the North American one always seems preferred. I suspect I could manipulate AS-Path or Local Preference to prefer a certain default-route, but I can't seem to figure how to do that for all sub-locations within a continent so they prefer the local default-gateway of their continent's HQ Data Center.

Hi,

it depends on the number of AS numbers used on the path between your sites.

Are you peering via BGP to AT&T CE router on each site?

IMHO, you should discuss your problem with AT&T - they should know how they configure the preferences in the backbone.

BR,

Milan

My CE Router at each site is peering with the AT&T PE Router.  Oh I could discuss this with AT&T, but that discussion will cost us probably thousands of dollars in Engineering/Consulting $'s.

There's probably only a single AS # between sites....Remember this is AT&T Private AVPN MPLS Cloud, not the Internet.  And because there's only a single AS #, multiple AS-Path prepends aren't going to help me.......

Hi,

I suppose you are talking about AT&T eVPN MPLS service?

Are you able to issue

sh ip bgp 0.0.0.0

on one of the sites?

That should show you the AS numbers  on the path to the HQ.

You are peering to one PE on each site, i.e., receiving only one default route from the PE, aren't you?

BR,

Milan

Yes I can issue that command and the result is a single best path originating from the PE Router.  I believe AT&T sends the entire routing table not just the default route because if I do a SHOW IP ROUTE BGP I see the routes from all of my CE Routers participating in BGP, not just the default route from the peering AT&T PE Router.

No, I did not mean the PE was sending only the default route to your router.

I mean: The PE router is receiving multiple vpnv4 default routes (different route distinguishers) from other PE routers.

When importing them to your customer VRF routing table, the route distinguisher is removed, so it might be possible to see multiple default routes on the PE using sh ip bgp vpnv4 vrf ... command.

(See http://www.cisco.com/application/pdf/paws/13733/mpls_vpn_basic.pdf for some details.)

But only the best (from your VRF BGP table point of view) default route is sent to your CE router via the BGP session from the PE.

So I'm afraid you need to discuss with AT&T how they choose the best default route in your customer VRF.

BR,

Milan
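
An added illustration of the point in the reply above (not part of the original thread, and not AT&T's configuration): a simplified model of a PE choosing one best default route from several in the customer VRF and advertising only that one to the CE. The site names, router IDs, the region tag and the `regional_policy` import policy are assumptions made up for the example; the decision process is reduced to local preference, AS-path length and lowest router ID.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Route:
    prefix: str
    origin_site: str          # data centre that originated the route (constructed name)
    origin_region: str        # stand-in for a per-region tag carried with the route
    local_pref: int = 100     # BGP default local preference
    as_path_len: int = 1
    router_id: str = "0.0.0.0"

def best_path(routes):
    """Simplified BGP decision: highest local-pref, shortest AS path, lowest router ID."""
    def rank(r):
        rid = tuple(int(octet) for octet in r.router_id.split("."))
        return (-r.local_pref, r.as_path_len, rid)
    return min(routes, key=rank)

def regional_policy(route, pe_region, boost=200):
    """Hypothetical PE import policy: prefer a default route tagged with the PE's own region."""
    if route.prefix == "0.0.0.0/0" and route.origin_region == pe_region:
        return replace(route, local_pref=boost)
    return route

def advertised_default(vrf_routes, pe_region, policy=None):
    """Return the origin of the single default route a PE in pe_region sends to its CE."""
    defaults = [r for r in vrf_routes if r.prefix == "0.0.0.0/0"]
    if policy is not None:
        defaults = [policy(r, pe_region) for r in defaults]
    return best_path(defaults).origin_site if defaults else None

# Constructed sample: one default route per continental gateway, all attributes equal,
# so without a policy the tie-break (lowest router ID) picks the same gateway everywhere.
DEFAULTS = [
    Route("0.0.0.0/0", "NA-HQ", "NA", router_id="10.0.0.1"),
    Route("0.0.0.0/0", "EU-HQ", "EU", router_id="10.0.0.2"),
    Route("0.0.0.0/0", "SA-HQ", "SA", router_id="10.0.0.3"),
]

if __name__ == "__main__":
    for region in ("NA", "EU", "SA"):
        print(region,
              "no policy ->", advertised_default(DEFAULTS, region),
              "| regional policy ->", advertised_default(DEFAULTS, region, regional_policy))
    # If the SA gateway's default is withdrawn, SA sites fall back to the remaining best path.
    without_sa = [r for r in DEFAULTS if r.origin_site != "SA-HQ"]
    print("SA, gateway down ->", advertised_default(without_sa, "SA", regional_policy))
```
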

Is there a pattern to your addressing that would allow you to set a local pref based on source?

that way you could direct by geographic region to a specific exit point.

just thinking out loud.

Setting a local pref based on source is a possibility though what would the syntax be for that??  Each of my locations uses a 16 bit LAN network i.e.....10.65.x.x/16 and a 30 bit AT&T WAN network i.e..... 172.25.65.x/30.

Would it go something like:

route-map blahblah permit 10
 match ip address 10
 set local-preference 110
route-map blahblah deny 20
! standard ACL 10 takes only a source network and wildcard mask
access-list 10 permit 10.65.0.0 0.0.255.255

So do you then apply this local-pref/route map to the CE router at my North American local?

It all depends on if your addresses represent your geography. If it does you will need to test wherever they might land in your network.

it does look a bit messy.

Thank you very much....After reading your email I talked to our AT&T sales rep about "site of origin" and our 3 different Internet Gateways and he said he would put in a change request to have it adjusted.  Hopefully we will be good to go after that!!

Thanks again!!

nice to hear that..:)
