[c-nsp] BGP - Multihoming
Burak Dikici
bdikici at gmail.com
Sat Mar 14 19:13:17 EDT 2009
Hello ,
I would like consult some subject about BGP to the experienced BGP users. We
are making a BGP connection to a two different ISPs via central site router.
We are announcing our subnet via ISP-1 normally , but for ISP2 we are
announcing the subnet with AS path prepending configuration. As a result ,
we still see inbound traffic from internet to our subnet via ISP-2. Is that
possible to adjust more tuning for
inbound traffic ? We would like to achieve that there will be no inbound
traffic via ISP-2.
By the way , in the next step of the configuration we would like to
configure our multihomed BGP router with PBR & NBAR. What we are going to
try with this is that for example p2p traffic from our subnet to the
internet
will be detected with NBAR and it will be forwarded to the ISP-2 connection
with PBR and the return traffic of this
connection will be come through the ISP-2 connection. (Symmetric traffic
flow) How can be achive that ?
Kind Regards...
Burak Dikici
Note: I am writing the configuration of our multihomed BGP router below.
(the real configuration's ip addresses
and BGP AS numbers has beed changed in the text which is writing below.)
router bgp 100
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 222
neighbor 2.2.2.2 description ISP_2
neighbor 1.1.1.1 remote-as 111
neighbor 1.1.1.1 description ISP_1
!
address-family ipv4
no synchronization
network X.Y.0.0 mask 255.255.0.0
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 route-map AS_path_prepend_for_ISP2 out
neighbor 2.2.2.2 filter-list 10 out
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 route-map UPDATES_FOR_ISP1 in
neighbor 1.1.1.1 filter-list 10 out
no auto-summary
exit-address-family
ip as-path access-list 10 permit ^$
access-list 10 permit any
access-list 20 permit X.Y.0.0 0.0.255.255
route-map UPDATES_FOR_ISP1 permit 10
match ip address 10
set weight 100
route-map AS_path_prepend_for_ISP2 permit 10
match ip address 20
set as-path prepend 100 100 100 100 100
route-map AS_path_prepend_for_ISP2 permit 20
More information about the cisco-nsp
mailing list