[c-nsp] BGP - Multihoming
Arda Balkanay
ardabalkanay at gmail.com
Wed Mar 25 08:21:46 EDT 2009
I also agree with Stig,
If you want to use ISP-2 as a backup of ISP-1 and because of local-pref or
similar config of ISP-2 you see inbound traffic; you can announce more
specific routes towards ISP-1 to break local-pref.
You have a /16. Just advertise two /17s and a /16 (just for backup) to ISP-1
and advertise the /16 to ISP-2.
ISP-2 would choose /17s and send traffic across ISP-1.
Kind Regards
Arda
On Sun, Mar 15, 2009 at 2:34 AM, Christian Koch <christian at broknrobot.com> wrote:
> I'd agree with Stig's suggestions and his assumption about the local
> pref is probably correct. I'd also suggest you check if your SPs have
> defined communities to send in order to alter attributes of the
> prefixes you are sending.
>
>
> On Sat, Mar 14, 2009 at 5:07 PM, Stig Johansen <Stig.Johansen at atea.no>
> wrote:
> > Burak Dikici wrote:
> >>I would like to consult the experienced BGP users about a BGP subject.
> >>We are making a BGP connection to two different ISPs via a central site
> >>router.
> >>We are announcing our subnet via ISP-1 normally, but for ISP2 we are
> >>announcing the subnet with AS path prepending configuration. As a result,
> >>we still see inbound traffic from the internet to our subnet via ISP-2. Is it
> >>possible to do more tuning for inbound traffic? We would like to
> >>achieve that there will be no inbound traffic via ISP-2.
> >>By the way, in the next step of the configuration we would like to
> >>configure our multihomed BGP router with PBR & NBAR. What we are going to
> >>try with this is that, for example, p2p traffic from our subnet to the
> >>internet will be detected with NBAR and forwarded to the ISP-2
> >>connection with PBR, and the return traffic of this connection will come
> >>through the ISP-2 connection (symmetric traffic flow). How can we achieve
> >>that?
> >
> > Hi there,
> >
> > Maybe someone has better ideas, but here goes anyway;
> >
> > 1) If you prepend your AS various times towards ISP-2, the BGP best path
> > selection should prefer the path with the shortest AS-PATH, and therefore
> > use your ISP-1 connection.
> > 2) If your ISP-2 has a policy of assigning a higher LOCAL PREFERENCE for
> > prefixes originated from any of its customers, all of the customers of
> > ISP-2 (and ISP-2 itself) will use ISP-2's connection to you by default.
> > This is reasonable for ISP-2, as it would use its own internal network to
> > reach you.
> >
> > I'm not sure if ISP-2 would like to change this configuration, as it
> > would inflict a higher usage of its other peering links, but asking doesn't
> > hurt.. :)
> >
> > If you want certain traffic to use the ISP-2 link with PBR, you would
> > need to make sure the traffic uses IP-addresses which are preferred on the
> > ISP-link. If you don't know which source-addresses will need to use this
> > link, but use NBAR to discover this, you'll have to use NAT'ing.
> >
> > A) Either get a pool of IP-addresses from ISP-2 (which will be preferred
> > on ISP-2 anyway), or use a smaller prefix of your own addresses (and make
> > sure they are preferred on the ISP-2 link, using the methods as cited above)
> > B) Use PBR with NBAR to make the interesting traffic use the ISP-2-link
> > and configure NAT'ing to the addresses you acquired in A).
> >
> > Best regards,
> > Stig Meireles Johansen
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
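Added example (not part of the original thread): a small Python model of ISP-2's route selection, showing why the two /17s pull traffic to ISP-1 even when ISP-2 gives the directly learned /16 a higher local-pref, and why the /16 still works as backup. The prefix 10.10.0.0/16, the local-pref values and the AS-path lengths are constructed, and it assumes ISP-2 accepts the /17s it hears through ISP-1.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str        # CIDR as seen in ISP-2's BGP table
    learned_from: str  # "customer-link" = direct session to you, "via-ISP-1" = heard through ISP-1
    local_pref: int
    as_path_len: int

def best_per_prefix(routes):
    """Best path is picked per prefix: highest local-pref first, then shortest AS path."""
    best = {}
    for r in routes:
        cur = best.get(r.prefix)
        if cur is None or (r.local_pref, -r.as_path_len) > (cur.local_pref, -cur.as_path_len):
            best[r.prefix] = r
    return best

def isp2_next_hop(routes, dst):
    """Forwarding then takes the longest matching prefix among those per-prefix winners."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in best_per_prefix(routes).values()
            if addr in ipaddress.ip_network(r.prefix)]
    if not hits:
        return None
    return max(hits, key=lambda r: ipaddress.ip_network(r.prefix).prefixlen).learned_from

# Constructed values: 10.10.0.0/16 stands in for "your /16"; local-pref 200/100 and
# the AS-path lengths (4 = prepended towards ISP-2) are assumptions for illustration.
AGGREGATE_ONLY = [
    Route("10.10.0.0/16", "customer-link", 200, 4),
    Route("10.10.0.0/16", "via-ISP-1", 100, 2),
]
WITH_17S = AGGREGATE_ONLY + [
    Route("10.10.0.0/17", "via-ISP-1", 100, 2),
    Route("10.10.128.0/17", "via-ISP-1", 100, 2),
]
# ISP-1 session down: everything heard through ISP-1 is withdrawn, the /16 remains.
ISP1_DOWN = [r for r in WITH_17S if r.learned_from != "via-ISP-1"]

if __name__ == "__main__":
    for name, table in [("aggregate only", AGGREGATE_ONLY),
                        ("with /17s", WITH_17S),
                        ("ISP-1 down", ISP1_DOWN)]:
        print(name, "->", isp2_next_hop(table, "10.10.200.1"))
```
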