[c-nsp] Classify geographical traffic with BGP

Thu Apr 16 00:11:56 EDT 2009

  Hi Rich ,

 I am thinking on my international ISP community options. I have tired
before the as path prepending configuration with my international ISP. But
as a result , i was still getting some inbound traffic through international
ISP.   If i use their community options , for example if i advetise my
subnet with "send-community" option and 1106 for x6 times prepending , is
this option going to solve the unwanted inbound traffic problem ?
(
http://www.db.ripe.net/whois?form_type=simple&full_query_string=&searchtext=AS29259&do_search=Search
did you remember this address ? :)  )

 I think that if the as path prepending configuration works well , the
inbound traffic to my AS through international ISP   will be used as backup
state.   But , as you know in my scenario
for example just international traffic goes from international ISP and come
back through the same link.   What do you say , am i thinking wrong ?

Regards...

Burak Dikici

On Wed, Apr 15, 2009 at 4:17 PM, Rich Davies <rich.davies at gmail.com> wrote:

> Burak,
>
> Yes sorry if i wasnt clear.   Basically you can apply the route map for
> your session to provider A to change the local pref on those learned
> prefixes.   You could leave the session to provider B untouched (no route
> map inbound or outbound) and you will achieve "some" traffic changes since
> you're tagging specific prefixes to send to provider A and they would not go
> to provider B (out of country).
>
>
> -Rich
>
>
> On Wed, Apr 15, 2009 at 2:45 AM, Burak Dikici <bdikici at gmail.com> wrote:
>
>> Hi Rich ,
>>
>> Sorry about my last reply.  I couldn't catch the note in your previous
>> message. You said ;
>>
>> "Notice I am not applying a route-map to the other BGP session (3.3.3.3,
>> AS 33333) because all these routes get their default values (local pref of
>> 100, less preferrable).   The route map will allow all the other prefixes
>> there is no implicit deny, it merely tags routes matching ACL 10 with local
>> pref 150."
>>
>>
>>
>>
>>   On Wed, Apr 15, 2009 at 9:34 AM, Burak Dikici <bdikici at gmail.com>wrote:
>>
>>> Hi Rich ,
>>>
>>> What do you think about this command ?
>>>
>>> "neighbor 3.3.3.3 description PROVIDER_B_OUTSIDE_COUNTRY"
>>>
>>> This command doesn't have any direction.
>>>
>>> Burak
>>>
>>>
>>>
>>> On Wed, Apr 15, 2009 at 5:23 AM, Rich Davies <rich.davies at gmail.com>wrote:
>>>
>>>> Burak,
>>>>
>>>> BTW this line should not have been in my example:
>>>>
>>>>   neighbor 2.2.2.2 route-map PROVIDER_A_INSIDE_COUNTRY out
>>>>
>>>> Definately do not want to tag outbound routes in that method as they do
>>>> not originate from you (Doh!!).
>>>>
>>>>
>>>> -Rich
>>>>
>>>>  On Tue, Apr 14, 2009 at 8:15 PM, Burak Dikici <bdikici at gmail.com>wrote:
>>>>
>>>>>  By the way i wonder , how can it be done symmetrical traffic flow in
>>>>> this
>>>>> scenario ?   Local traffic goes from local ISP and the return traffic
>>>>> comes
>>>>> back through local ISP.   Outside of the country traffic goes from
>>>>> international IPS and the return traffic comes back through
>>>>> internaional
>>>>> ISP.  I don't want to cause any asymmetrical traffic flow between
>>>>> different
>>>>> ISPs and my site.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Apr 15, 2009 at 2:53 AM, Walter Keen <
>>>>> walter.keen at rainierconnect.net
>>>>> > wrote:
>>>>>
>>>>> > If you are not advertising any space, I would imagine an AS path
>>>>> filter
>>>>> > on ISP-1 (limited to 1 or 2 hops, if that works for you) and no AS
>>>>> path
>>>>> > filter on ISP-2 would do the trick.  You would want a floating static
>>>>> > default route(s) for outbound traffic redundancy.
>>>>> >
>>>>> > Now, if you are advertising space, as path prepending may be one way
>>>>> to
>>>>> > go as far as inbound traffic goes, but it gets messy in a situation
>>>>> like
>>>>> > this one.  If you prepend your AS number too many times out ISP1,
>>>>> then
>>>>> > traffic you may have wanted to come in ISP1 may see ISP2 as a closer
>>>>> > route (less AS hops).
>>>>> >
>>>>> > Burak Dikici wrote:
>>>>> > >    Hello ,
>>>>> > >
>>>>> > >   I have got one internet router running BGP , and this router has
>>>>> got
>>>>> > > connections with two different ISPs. One of the ISP is local for my
>>>>> > country
>>>>> > > and the other ISP's location is outside of my country. I want to
>>>>> classify
>>>>> > > geographical traffic with BGP. For example , local traffic to my
>>>>> country
>>>>> > > will go through ISP-1 (local ISP) , outside traffic to my country
>>>>> will go
>>>>> > > through ISP-2 (outside of my country ISP). What i have to do to
>>>>> achieve
>>>>> > that
>>>>> > > kind of configuration ? If i have to use AS path filter , how can i
>>>>> find
>>>>> > the
>>>>> > > local ISP AS path numbers and how can i configure AS path filter
>>>>> for this
>>>>> > > request ? Is that enough using the as-path filter just for the
>>>>> national
>>>>> > ISP
>>>>> > > or should i use it for international ISP also ?
>>>>> > >
>>>>> > >   If i use AS-path filter for both ISP connections , what will
>>>>> happen to
>>>>> > > redundancy ? I mean , for example i filter national AS numbers at
>>>>> the
>>>>> > > international ISP connection and deny them. Secondly , i filter
>>>>> national
>>>>> > AS
>>>>> > > numbers at the national ISP connection , permit them and the other
>>>>> AS
>>>>> > > numbers will be denied. In this situation , what will happen if the
>>>>> local
>>>>> > > ISP connection goes down ? Because of filtering of the national AS
>>>>> > numbers
>>>>> > > at the international ISP connection , the BGP table doesn't take
>>>>> any
>>>>> > updates
>>>>> > > from the local AS numbers. I hope , i could explain the situation
>>>>> > correctly.
>>>>> > >
>>>>> > >
>>>>> > > Kind Regards...
>>>>> > >
>>>>> > > Burak Dikici
>>>>> > > _______________________________________________
>>>>> > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>> > > https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>> > >
>>>>> >
>>>>> >
>>>>> _______________________________________________
>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>
>>>>
>>>>
>>>
>>
>