03-28-2012 04:55 AM - edited 03-04-2019 03:50 PM
Hi all
I would like to know what most people do when having 2 internet connections to 2 different providers.
I spoke to somebody, they said that normally its best to get the full internet bgp table from both provider so the router can load share for different prefixes, as ISPA might have a lower AS path to a certain prefix.
- How do I make sure that im not a transit network between the providers? I saw something like a filter list saying permit ^$, Does that mean only advertise local originated networks to both providers ?
Also whats the best way of influencing the decision, would it be to use local pref or MED fro each prefix ?
cheers
Solved! Go to Solution.
03-29-2012 02:34 AM
Hi Carl
You can find below the syntax of the command
ip as-path access-list access-list-number {permit | deny} as-regular-expression
neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out}
The config could be the next
Router A config (e.g AS 300)
router bgp 300
neighbor 1.1.1.1 remote-as 100 ->ISP A
neighbor 1.1.1.1 filter-list 5 out
neighbor 2.2.2.2 remote-as 200 -> ISP B
neighbor 2.2.2.2 filter-list 5 out
ip as-path access-list 5 permit ^$
This config permits only paths with no AS path. So only the routes advertised by this router e.g. via network command, redistibution or via iBGP can be sent to the ISP routers. All the routes sent by the ISP have at least their AS number and so are not advertised by the customer router.
Hope that helps
Vasilis
03-28-2012 05:27 AM
Yes, that is done with careful BGP configuration including but not limited to the techniques you mentioned.
A complete discussion really doesn't belong here as it fully covered in many books, documentation, white papers, training, etc.
03-28-2012 03:26 PM
Hi Carl
Yes, the ^$ means that you advertise the BGP routes without any AS to the AS PATH. Since the internet routes pass via several AS the AS path have many entries. So, you filter the internet routes and to become your router transit.
To get the full internet routing depends on many parameters such as the CPU & memory of the router etc.
Hope that helps,
Vasilis
03-29-2012 01:51 AM
hi Vasilis
Can you please explain a little more?, what this command does, say my router is router A, and I have router B which is ISP 1 and router B which is ISP 2, How would I only advertise the network I own to both providers, and not advertise each others, please explain using my scenario if possible, or a sample config
cheers
03-29-2012 02:34 AM
Hi Carl
You can find below the syntax of the command
ip as-path access-list access-list-number {permit | deny} as-regular-expression
neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out}
The config could be the next
Router A config (e.g AS 300)
router bgp 300
neighbor 1.1.1.1 remote-as 100 ->ISP A
neighbor 1.1.1.1 filter-list 5 out
neighbor 2.2.2.2 remote-as 200 -> ISP B
neighbor 2.2.2.2 filter-list 5 out
ip as-path access-list 5 permit ^$
This config permits only paths with no AS path. So only the routes advertised by this router e.g. via network command, redistibution or via iBGP can be sent to the ISP routers. All the routes sent by the ISP have at least their AS number and so are not advertised by the customer router.
Hope that helps
Vasilis
03-29-2012 05:40 AM
Is this normal practice when dual homing to 2 seperate isp's?
thanks for your help by the way, much appreciated
03-29-2012 07:00 AM
You are welcome.
This is one of the common methods. You can also use and other route filters such as prefix-list with route-maps, to the ISP BGP neighbor peers or with filtering of BGP assigned communities.
Thanks for the rate
Regards,
Vasilis
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide