Re: [nsp] BGP routing questions

From: Karl S. Hagen (khagen@greyhelm.com)
Date: Fri Oct 01 1999 - 01:07:07 EDT


Thus spake I Stong (routerman@briefcase.com):

> One T3 is a full T3 flat rate and the other is a flat fee at 15MB but burstable to 100MB (supposedly) with added cost over 15MB. Anyway our traffic currently is split about 50/50 load wise between those two circuits - at roughly 20MB per circuit outbound.
>

    Ok. First thing. T3 == Max 45Mbps. :)

> We want to influence traffic so it goes over the full T3 to more fully utilize that paid for bandwidth.

  Very common and actually very easy. Cisco Web site does give some examples
   tho they are buried.. and take some finding.

 *******IMPORTANT******** This is by no means totally accurate. Please
                          read up on any part you don't understand or you
                          don't think I explained correctly. i.e. I don't claim
                          to know it all :) This was also put together
                          on the fly, so there are bound to be errors.

   Basically, you'll want to read up on BGP and how it chooses a route.
   Once you know that better, you can then twiddle with the example I'm
   gonna give below.

   1st we are gonna set the INCOMING route preference. i.e. which ISP do
   we want over another. The example I'm gonna give you assumes that
   regardless, you want:
      a) to traverse the shortest AS path
      b) that you have a default for all else.

   The method I use is route-maps. You use the route-map to select based
   on how many AS hops away the other network is. In the below config, if
   it's directly connected to your neighbor AS or neighbor +1, then I set
   the preference very high. This ensures you don't waste time getting somewhere.
   I also apply a route-map to the IBGP to ensure that there isn't a
   good path via the other router.

   Once you have your INBOUND routes set to the preference you want... we
   need to INFLUENCE the OUTBOUND routes. These are the routes you advertise
   and others will use to get back to you. You can again do this via route-maps.
   
   The basic method I've seen best used is to FOOL BGP by prepending your
   AS multiple times.

    ex. say the remote site sees.. 129.130.0.0 via AS 1 via AS10000
                   and it sees 129.130.0.0 via AS 7132 via AS10000

   BGP will do its best.. but a large percentage of the time it will default
   to the next hop with the LOWEST AS#, if the AS hop count is equal.
   *NOTE* There are actually more test cases, but this is basic... go read
          for the rest.

   The AS prepend allows you to increase the AS HOP count without using
   an illegal AS. The below example would make the above look like

    ex. say the remote site sees.. 129.130.0.0 via AS 1 via AS10000 via AS10000
                   and it sees 129.130.0.0 via AS 7132 via AS10000

   This would cause the remote site to by default take the shortest hop count.
   Thus you influence the path they take.

   This also assumes:

      a) ROUTER A == 129.130.1.1
      b) ROUTER B == 129.130.1.2
      c) ISP1 == GTEi == AS 1
      d) ISP2 == SWBi == AS 7132
      e) YOUR AS == 10000

ROUTER A- CONFIG
----------------
router bgp 10000
 no synchronization
 bgp always-compare-med
 network 129.130.0.0
 neighbor 1.2.1.49 remote-as 7132
 neighbor 1.2.1.49 version 4
 neighbor 1.2.1.49 soft-reconfiguration inbound
 neighbor 1.2.1.49 distribute-list 100 in
 neighbor 1.2.1.49 route-map SWBi in
 neighbor 1.2.1.49 filter-list 90 out
 neighbor 129.130.1.2 remote-as 10000
 neighbor 129.130.1.2 next-hop-self
 neighbor 129.130.1.2 version 4
 neighbor 129.130.1.2 soft-reconfiguration inbound
 neighbor 129.130.1.2 route-map GTEi in
 no auto-summary

ip as-path access-list 10 permit ^1$
ip as-path access-list 10 deny ^1_7132_
ip as-path access-list 10 permit ^1_[0-9]+$
ip as-path access-list 20 permit ^7132$
ip as-path access-list 20 deny ^7132_1_
ip as-path access-list 20 permit ^7132_[0-9]+$
ip as-path access-list 90 permit ^$

access-list 100 deny ip host 0.0.0.0 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 100 deny ip any 255.255.255.128 0.0.0.127
access-list 100 permit ip any any

route-map SWBi permit 10
 match as-path 20
 set weight 31000
!
route-map SWBi permit 20
 set weight 20000
!
route-map GTEi permit 10
 match as-path 10
 set weight 30000
!
route-map GTEi permit 20
 set weight 10000

ROUTER B- CONFIG
----------------
router bgp 10000
 no synchronization
 bgp always-compare-med
 network 129.130.0.0
 neighbor 2.20.1.49 remote-as 1
 neighbor 2.20.1.49 version 4
 neighbor 2.20.1.49 soft-reconfiguration inbound
 neighbor 2.20.1.49 distribute-list 100 in
 neighbor 2.20.1.49 route-map GTEi in
 neighbor 2.20.1.49 route-map AddAS out
 neighbor 2.20.1.49 filter-list 90 out
 neighbor 129.130.1.1 remote-as 10000
 neighbor 129.130.1.1 next-hop-self
 neighbor 129.130.1.1 version 4
 neighbor 129.130.1.1 soft-reconfiguration inbound
 neighbor 129.130.1.1 route-map SWBi in
 no auto-summary

ip as-path access-list 10 permit ^1$
ip as-path access-list 10 deny ^1_7132_
ip as-path access-list 10 permit ^1_[0-9]+$
ip as-path access-list 20 permit ^7132$
ip as-path access-list 20 deny ^7132_1_
ip as-path access-list 20 permit ^7132_[0-9]+$
ip as-path access-list 90 permit ^$

access-list 10 permit 129.130.0.0 0.0.255.255
access-list 10 deny any
access-list 20 permit any
access-list 100 deny ip host 0.0.0.0 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 192.0.2.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 128.0.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 191.255.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 192.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 100 deny ip any 255.255.255.128 0.0.0.127
access-list 100 permit ip any any

route-map SWBi permit 10
 match as-path 20
 set weight 31000
!
route-map SWBi permit 20
 set weight 20000
!
route-map GTEi permit 10
 match as-path 10
 set weight 30000
!
route-map GTEi permit 20
 set weight 10000
!
route-map AddAS permit 10
 match ip address 10
 set as-path prepend 10000
!
route-map AddAS permit 20
 match ip address 20

-- 
   Karl S. Hagen					khagen@greyhelm.com
   Cisco Certified Network Assoc. (CCNA)
   UNIX/Networking/DBA 			    http://www.greyhelm.com/~khagen/
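
An added example, not part of the original post: a small Python model of the as-path access-lists 10 and 20 and the SWBi/GTEi route-maps from the configs above, showing which weight a given AS path receives and which candidate a router then prefers (weight is compared before AS-path length). The sample AS paths, the documentation ASNs 64500/64501 and all function names are constructed for illustration.

```python
import re

def cisco_re(pattern):
    # In Cisco AS-path regexes "_" matches start, end, space, comma, braces or parentheses.
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))

# ip as-path access-lists 10 and 20 as posted; first match wins, implicit deny at the end.
AS_PATH_ACL = {
    10: [("permit", "^1$"), ("deny", "^1_7132_"), ("permit", "^1_[0-9]+$")],
    20: [("permit", "^7132$"), ("deny", "^7132_1_"), ("permit", "^7132_[0-9]+$")],
}

# Route-maps as posted: (as-path list to match, or None for "match anything", weight to set).
ROUTE_MAP = {
    "SWBi": [(20, 31000), (None, 20000)],
    "GTEi": [(10, 30000), (None, 10000)],
}

def acl_permits(acl, as_path):
    for action, pattern in AS_PATH_ACL[acl]:
        if cisco_re(pattern).search(as_path):
            return action == "permit"
    return False  # implicit deny

def weight(route_map, as_path):
    # A path denied by the access-list simply fails that clause and falls to the next one.
    for acl, w in ROUTE_MAP[route_map]:
        if acl is None or acl_permits(acl, as_path):
            return w
    return None  # no clause matched: the route-map drops the route

def best(candidates):
    """candidates: list of (route_map, as_path); highest weight wins, then shortest AS path."""
    scored = [(weight(rm, p), -len(p.split()), rm, p) for rm, p in candidates]
    return max(s for s in scored if s[0] is not None)[2:]

def remote_path(upstream, prepends=0, own_as=10000):
    """AS path a remote site sees for 129.130.0.0 through one upstream."""
    return " ".join(map(str, [upstream] + [own_as] * (1 + prepends)))

if __name__ == "__main__":
    # Constructed sample paths, not taken from the post.
    for rm, path in [("GTEi", "1 64500"), ("GTEi", "1 7132 64500"),
                     ("SWBi", "7132 64500 64501")]:
        print(f"{rm:5} {path:18} weight {weight(rm, path)}")
    print(best([("SWBi", "7132 64500 64501"), ("GTEi", "1 64501")]))
    print(remote_path(1, prepends=1), "vs", remote_path(7132))
```
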


