04-30-2020 08:36 AM
Hi All,
I have two different internet links however have only one /24 public IP segment. How do we configure the BGP load-sharing. We want to make use of both the internet links. The ISP's wont allow the the prefix length less than /24 so i can't break it /25 then advertising in to both the links.
do we have any other solution?
Naga
04-30-2020 08:47 AM - edited 04-30-2020 08:54 AM
Hi,
Are both ISP links (or the eBGP neighbor) from different AS?
As for the outgoing traffic, it easy to load balance between two ISP.
This configure allow you to accept and install two 0.0.0.0/0 from two different AS respectively.
bgp bestpath as-path multipath-relax
maximum-paths 2
As for the incoming traffic, it's harder to control. But when advertise your /24 to both of your ISPs, then it somehow is load balancing/shared. For example, ISP A's customer will prefer ISP A link to reach you, while ISP B's customer will prefer ISP B link to reach you.
===
On the other hand, you could try to configure 1.0.0.0/8 to 128.0.0.0/8 to ISP A, and rest forward to ISP B. This could make use of both ISP link.
04-30-2020 10:07 AM
Are both ISP links (or the eBGP neighbor) from different AS? : YES. Two different ISP's. It is terminated in two different ASR routers. running iBGP between two routers.
04-30-2020 12:08 PM
Naga
When you are looking at BGP and load sharing you really need to think of 2 separate aspects of it. You have several options to influence outbound traffic to achieve load sharing. You have few options to influence inbound traffic, especially true when you have a /24 Public IP block.
@ngkin2010 has presented 2 good options, accepting default routes from both ISP, and using Policy Based Routing to send class A traffic to one ISP and class B and C traffic to the other ISP. I have a couple of other suggestions that you might consider. You might have both ISP send you selected routes along with a default (typically that would be their directly connected customers or perhaps 2 or 3 levels deep customer relationship). Another option to consider would be to use the weight attribute on each of your routers so that each router then prefers to use the default route it learned from its neighbor but would use the other ISP if there were a problem. This could work especially if you have any way in your network to send some of your outbound traffic to one router and to send the outbound traffic to the other router.
For inbound traffic there is not much that you can do to influence how traffic is sent to you. I believe that it is likely that you will get some load sharing because networks more closely connected to ISP A will use that path while other networks more closely connected to ISP B will use that path. Beyond that you do not have much option.
04-30-2020 12:38 PM
I agree with @Richard Burts and @ngkin2010 . However, I have seen problems in trying loadshare over two ISP connections. There is a good chance, which has been alluded to above, that you may have asynchronous routing, because the return path through through one ISP may be more preferred than the other ISP. Asynchronous routing in itself is not necessarily bad, but I have had certain applications that have been latency sensitive and the asynchronous route on the return path has caused performance issues. Usually because the inbound ISP had a higher amount of latency then the outbound. Overall, it made the issue more difficult to troubleshoot. On the other hand, you may not have any issue, but just be aware that it can happen and it is something to consider.
At any rate that's my 2 cents :)
Thanks,
Barry
04-30-2020 01:23 PM
Hello
Just like to add you also should make sure that you don't become a transit path for either ISP so make sure you only advertise locally originated routes to either ISP which can be accomplished with a simple as-path filter.
ip as-path access-list 10 permit ^$
neighbour <isp> filter-list 10 out
05-01-2020 06:35 AM
04-30-2020 08:38 PM
Hi @NAGA1
Others already have presented you many valid options, here another option that might help to more or less achieve load-balancing but in outbound direction.
ASR-1 ip as-path access-list 11 permit [02468]$ route-map Link-1-in permit 10 match as-path 11 set local-preference 200 ! router bgp <AS> address-family ipv4 unicast neighbor ISP-1 route-map Link-1-in in ! ASR-2 ip as-path access-list 12 permit [13579]$ ! route-map Link-2-in permit 10 match as-path 12 set local-preference 200 ! router bgp <AS> address-family ipv4 unicast neighbor ISP-2 route-map Link-2-in in !
It won't be 50/50 load-sharing but some amount of traffic will preferable over ISP-1 and ISP-2 respectively on ASRs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide