Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
609
Views
15
Helpful
4
Replies

Same as with different locations and prefixes

Go to solution
darwick
Level 1
Level 1

‎07-19-2020 10:17 PM - edited ‎07-19-2020 10:23 PM

Hello,

 

Let say I have one public AS number (AS1234 in this case) and have routers on 2 different datacenters. In both datacenters, there is a 6500 series (SUP2T) router, each one will announce 1-1 /24 prefixes. Datacenter A router announce 11.22.33.0/24 via eBGP, datacenter B router announce 44.55.66.0/24 In both datacenters, the ISP (uplink provider) is different, but both of them announces me only a default route (0.0.0.0/0) In both datacenters, there are not any iBGP configuration, link, or anything. Please look for the attached diagram.

 

diag.png

My questions are:

 

- Will that configuration work and will that prefixes reachable in the world?

- Because there is no any iBGP related configuration, would I reach one host in the another datacenter? Let say if I have an IP 11.22.33.44 which is reachable from outside, will I reach it from 44.55.66.77 from the other datacenter?

- If not, which kind of extra configuration do I need?

 

My configuration in both sides are simple now:

 

Datacenter A:

 

router bgp 1234

address-family ipv4

network 11.22.33.0 mask 255.255.255.0

 

Datacenter B:

 

router bgp 1234

address-family ipv4

network 44.55.66.0 mask 255.255.255.0

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-20-2020 06:55 AM

Hello @darwick ,

in order to accept the prefix coming from the other DC and originated in the same BGP AS 1234 you need a trick

DC A

router bgp 1234

address-family ipv4 unicast

neighbor <ISP-DC-A> allowas-in

 

DC B

router bgp 1234

address-family ipv4 unicast

neighbor <ISP-DC-B> allowas-in

 

this command allows to accept an incoming BGP advertisement that already contains your own AS number.

The command has a parameter that specifies up to how many times your AS number appear in the AS path attribute to handle cases where AS path prepending is used.

 

However, as noted by @Jon Marshall the network design misses in redundancy and fault tolerance.

 

Adding a L2 MPLS or carrier ethernet service between the two datacenters would be a great improvement.

 

Hope to help

Giuseppe

 

View solution in original post

4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎07-20-2020 06:39 AM

 

Yes it will work but you have no redundancy.

 

The DCs are not connected so not sure how you expect to reach 11.22.33.44 from the other DC unless I have misunderstood ? 

 

You need a link between your DCs otherwise there is no point in advertising both subnets from each DC. 

 

Jon

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-20-2020 06:55 AM

Hello @darwick ,

in order to accept the prefix coming from the other DC and originated in the same BGP AS 1234 you need a trick

DC A

router bgp 1234

address-family ipv4 unicast

neighbor <ISP-DC-A> allowas-in

 

DC B

router bgp 1234

address-family ipv4 unicast

neighbor <ISP-DC-B> allowas-in

 

this command allows to accept an incoming BGP advertisement that already contains your own AS number.

The command has a parameter that specifies up to how many times your AS number appear in the AS path attribute to handle cases where AS path prepending is used.

 

However, as noted by @Jon Marshall the network design misses in redundancy and fault tolerance.

 

Adding a L2 MPLS or carrier ethernet service between the two datacenters would be a great improvement.

 

Hope to help

Giuseppe

 

Go to solution
darwick
Level 1
Level 1
In response to Giuseppe Larosa

‎07-20-2020 08:54 AM

Hello,

 

Both of you are right, thank you to help me pointing out how does this work.

However, it looks like if I get a default route in both sides, I don't need allowas-in configuration. As soon as I have peerings (with exchanges) where the other datacenter's prefixes are announced, it will need the allowas-in configuration. (because suddenly I got a testing /24 prefix from my ISP, I made a quick test right now) But, it opens me other questions based on this:

 

- Do I need this allowas-in set in both routers, or I only need to set that side where I have other peerings (other then default route)?

- I need to set it only to that negihbour, where the other datacenter's prefixes are announced, am I right? And if it is not prepended, only 1 times?

 

Actually you are right that if I don't link DC A and DC B then it will not redundant, but the optical link setup will be there soon and then I can make it redundant.

It is only a theoretical question, a bit out of this topic, but I'm curious about you opinion: How would you setup this kind of link? A native L2 trunk port between the sites, with all prefixes announced on both DCs? Or an iBGP session between datacenters? In this scenario, then it will possible to use one DC's IP addresses in the other DC as well. Am I right?

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to darwick

‎07-20-2020 10:06 AM - edited ‎07-20-2020 10:07 AM

 

If you want each DC to receive the advertisement for the other DC subnet you need allowas-in on both DC routers. 

 

A simple setup could be to connect the DCs using a L2 link as Giuseppe suggests and then run IBGP across and advertise the default routes across the link to each DC router using local preference so that each DC chooses it's ISP default route unless the ISP link is down. 

 

If you also advertise both subnets from each DC but use AS prepending you should have a relatively simple but redundant solution. 

 

Jon

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card