[nsp] Methods for Non-BGP multihoming

Ryan O'Connell ryan@complicity.co.uk
Tue, 23 Jul 2002 21:45:59 +0100 (GMT Daylight Time) 

On Tue, 23 Jul 2002 14:36:26 -0500 CARL.P.HIRSCH@sargentlundy.com wrote:
> I've read a couple of Avi Freedman's BGP tutorials as well as a number of
> documents from Cisco (BGP Case Studies, the ISPCon BGP presentation,
> Configurations for Load Sharing with BGP in Single and Multihomed
> Environments, etc). I feel like I've got a basic grasp of BGP but for
> simplicity's sake I'm still inclined to go with the option of taking
> static
> routes from each ISP and allowing them each to advertise our /16. I'm not
> interested in load-balancing, only redundancy.
> 
> If both ISPs were to advertise our /16 address space (registered by us,
> not
> an ISP), we wouldn't necessarily need an AS number, would we?

Correct. However, this would give you no direct control over your BGP
advertisments. This would mean that if a provider has problems that don't
result in BGP dropping you'd either have to shut down the physical link
completely or contact them to stop advertising /16 which would take time.

There's also no guarantee that they'll set their routers up to correctly
stop advertising your /16 if the physical link drops, which could give you
problems.

> When traffic comes inbound to our
> network, is there any way to make sure that one provider is always used?

To prevent the 'net as a whole sending traffic down one link, it just needs
to be advertised with a long AS path length. The accepted way of doing this
is to prepend your own (Or your providers) AS number to the AS path three
or so times to make it seem artificially longer.

Within the ISPs you're connected to, they often prefer customer routes over
peering/transit routes regardless of AS-path length. If you're talking BGP
to the provider you can often set BGP communities to influence the
localpref set by the provider and change this behaviour but if you're not
talking BGP to them you'd have to ask them to do this for you, if they can.

> Does it even matter? It's the issue of how traffic finds its way to your
> network when you're multihomed that I'm not quite clear on.

It's a matter of personal taste. An Active/Passive failover setup means
that there's less points of failure but you might not spot problems with
the backup link until it's too late whereas the reverse is true for an
active/active setup.

> If any body knows a better way to do this, I'd be happy to hear about it.

If you don't want to get an AS number, you could talk BGP to your upstreams
using a private AS number and then have them filter that AS number. If
memory or processor power is a problem you need only take a default route
from both the providers. (You can just filter everything else even if they
do send it) This isn't *quite* as robust as a full feed but it's still
pretty good and you can eaisly alter metrics to change which provider is
preferred for traffic.

--
         Ryan O'Connell - CCIE #8174
<ryan@complicity.co.uk> - http://www.complicity.co.uk

I'm not losing my mind, no I'm not changing my lines,
I'm just learning new things with the passage of time