[j-nsp] RE: Policy Statement Question

Anton Smith anton at huge.geek.nz
Sun Jan 29 01:41:03 EST 2006


> Message: 1
> Date: Sat, 28 Jan 2006 13:25:25 -0500
> From: Chris Davies <isp at daviesinc.com>
> Subject: [j-nsp] Policy Statement Question
> To: juniper-nsp at puck.nether.net
> Message-ID: <43DBB715.8020804 at daviesinc.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> I have two current issues which might have one solution.  Our initial
> testing shows that the Juniper reduced average latency about 10ms, so,
> even though our Cisco wasn't showing any real signs of cpu usage, it
> appears (and feels like) the Juniper has made an improvement in
> performance which was a small surprise.
> 
> The issue I'm working with now is that we buy transit from two
> providers, a Tier 1 (Cogent) and a Tier 2 (Internap) if you wanted to
> use 'old' terms.  The problem I am running into is that since Internap
> is technically a Tier 2 (they buy transit from Tier 1 providers), only
> 25k of the 175k routes have shorter ASPaths to the destination.
> 
> Since Internap is only adding 1 router hop and 1 AS Hop, I should ASPad
> on Cogent's side.  That would perhaps level the playing field for
> inbound traffic.
> 
> If I understand this right, can someone do a sanity check?  (The
> IOS2junos convertor really made things a mess for me, so, I tried to
> figure out what it needed and stripped out the rest of it)
> 
> policy-statement aspad_Cogent {
>      term aspad_Cogent {
>          then as-path-prepend 11110;
>      }
> }
> 
> Do I need a from condition if I want to unconditionally aspad?
> 
> If I understand it, I do not want an accept here since I want the next
> policy statement to also be executed.
> 
> Now, on my A-Peer with Cogent (they use multihop), I would set
> 
> export [ aspad_Cogent bgp_distributes ]
> 
> At that point, I need to
> 
> clear bgp neighbor (a-peer's ip) soft
> 
> to send the config.
> 
> AS Padding on my exports should result in inbound traffic perhaps
> choosing a better path since the ASPath's across Cogent and Internap
> would be a little more balanced.  When I add another provider alongside
> these two, if it is another Tier 1 provider, I would probably need to
> pad their incoming as well.
> 
> If someone could give this a quick sanity check, I'd appreciate it.  12
> years of IOS -> Junos has been a bit of a challenge.  :)
> 
> Thanks.
> 

Hi Chris,

I'm going to attempt to rephrase what you're trying to do since I think
there is a little bit of confusion over it.

If I understand you correctly, you are concerned with traffic *inbound* to
your AS. I'm going to make the assumption that you have already applied
policies within your AS using mechanisms such as local preference to balance
traffic *outbound*.

So the problem seems to be that you are advertising your prefixes to a tier
1 and a tier 2 provider. The prefixes advertised to the tier 2 provider end
up with an extra ASN in their path when they are advertised to whoever tier
2 is connected to. So you want to balance it out a bit by prepending your
own ASN once to anything you advertise to tier 1. This way any AS connected
to both your tier 1 and tier 2 provider will see prefixes with equal AS path
lengths.

As for the config, I'm fairly sure that the as-path-prepend action is
non-terminating, so your policy should be okay even with-out a next-policy
statement. In fact I think your config is probably okay.

It's worth noting that there's no real guarantee this will work, since it
really depends on the local 'net topology (who's connected to who etc). But
in *theory and a bit of salt* it should help.

Have you tried it yet? You should be able to use 'show route
advertising-protocol bgp x.x.x.x detail' to see what your AS path looks like
outgoing.

Apologies if I'm off the mark :).

Regards,
Anton Smith
Alcatel NZ Ltd.



More information about the juniper-nsp mailing list