3-5-1 Cisco dual BGP with Origin Value (Redundancy)

BGP sample configuration 3-4-2


   
  • ISPs : 1
  • WAN links : 2
  • CPE : 1
  • GW : 2
  • Device : Cisco router with LAN/WAN ports.
  • WAN1 / Serial IP : 10.20.1.0/30 (mask 255.255.255.252)
  • WAN2 / Serial IP : 10.20.2.0/30 (mask 255.255.255.252)
  • Customer LAN IP : 100.100.100.0/24 and 200.200.200.0/24
  • Receiving Route : Default route
  • Memory : Full route (recommend 512M), partial route (recommend 128-256M)
  • LAN : ISP (AS10) and Customer (AS20)

 


[Traffic flow]

Outbound traffic on CPE
All outbound traffic goes out through both links. In this scenario it is controlled by a simple default route statement. Outbound traffic won’t be divided exactly 50/50, because traffic is routed to a link per destination (the default), not per packet. Don’t worry: overall the traffic balances out. Most ISPs do not support the per-packet option because, they say, it is a CPU-intensive command.
 
Inbound traffic on CPE
In this case we assume that the LAN-side IP blocks are fully used (/24). We announce both /24 IP blocks through WAN1 and WAN2, setting the Origin code on only one IP block per link. For example, the 100.100.100.0/24 IP block is tagged with Origin IGP when it is announced through WAN1. Both IP blocks are learned through ‘redistribute connected’, so their Origin value is ‘incomplete’ until we manually change it. Origin IGP is preferred over incomplete, so traffic to 100.100.100.0/24 prefers WAN1 instead of WAN2.
Inbound traffic for 100.100.100.0/24 takes WAN1 and inbound traffic for 200.200.200.0/24 takes WAN2. Failover takes place if one of the links fails.
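
The inbound selection described above, as an added example that is not part of the original page: a simplified model of the best-path steps that matter here (local preference, AS-path length, origin), with the two outbound route-maps reduced to a constructed table. The `local_pref` argument is a hypothetical ISP-side policy, not something in the page's configuration, included to show that the origin hint only decides when the earlier steps tie.

```python
from dataclasses import dataclass

# BGP origin preference: IGP beats EGP, EGP beats incomplete (lower rank wins).
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}

# Constructed model of the CPE's outbound route-maps traffic-1 / traffic-2:
# the origin each prefix carries when announced over each WAN link.
ANNOUNCED = {
    "WAN1": {"100.100.100.0/24": "igp", "200.200.200.0/24": "incomplete"},
    "WAN2": {"100.100.100.0/24": "incomplete", "200.200.200.0/24": "igp"},
}

@dataclass(frozen=True)
class Path:
    link: str
    origin: str
    local_pref: int = 100      # IOS default local preference
    as_path: tuple = (20,)     # customer AS only

def paths_for(prefix, up_links, local_pref=None):
    """Paths AS10 holds for a prefix, given which WAN links are up.

    local_pref is a hypothetical ISP-side policy ({link: value}); it is an
    assumption for illustration and not part of the page's configuration.
    """
    local_pref = local_pref or {}
    return [Path(link, ANNOUNCED[link][prefix], local_pref.get(link, 100))
            for link in up_links if prefix in ANNOUNCED[link]]

def inbound_link(prefix, up_links, local_pref=None):
    """Simplified best path: highest local-pref, shortest AS path, best origin."""
    paths = paths_for(prefix, up_links, local_pref)
    if not paths:
        return None                      # prefix unreachable: both links down
    best = min(paths, key=lambda p: (-p.local_pref, len(p.as_path),
                                     ORIGIN_RANK[p.origin]))
    return best.link

if __name__ == "__main__":
    for prefix in ("100.100.100.0/24", "200.200.200.0/24"):
        print(prefix, "both up ->", inbound_link(prefix, ["WAN1", "WAN2"]))
        print(prefix, "WAN1 down ->", inbound_link(prefix, ["WAN2"]))
    # Local preference is compared before origin, so it overrides the hint.
    print(inbound_link("100.100.100.0/24", ["WAN1", "WAN2"], {"WAN2": 200}))
```

Weight, MED and the eBGP-over-iBGP comparison are left out of this model; in the full decision process origin is evaluated after AS-path length and before MED.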

 

[CPE/Customer Cisco Router]

Current configuration:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 ip address 10.20.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 ip address 10.20.2.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 100.100.100.1 255.255.255.0 secondary
 ip address 200.200.200.1 255.255.255.0
 duplex auto
 speed auto
!
! Customer ASN
router bgp 20
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 ! BGP neighbor with GW1
 neighbor 10.20.1.1 remote-as 10
 ! route-map for traffic shape
 neighbor 10.20.1.1 route-map traffic-1 out
 ! BGP neighbor with GW2
 neighbor 10.20.2.1 remote-as 10
 ! route-map for traffic shape
 neighbor 10.20.2.1 route-map traffic-2 out
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
access-list 1 permit 100.100.100.0 0.0.0.255
access-list 2 permit 200.200.200.0 0.0.0.255

!
route-map traffic-1 permit 10
 ! match with ACL 1 / permit 100.100.100.0/24
 match ip address 1
 ! Change origin value to 'IGP'
 set origin igp
!
route-map traffic-1 permit 20
 match ip address 2

!
route-map traffic-2 permit 10
 ! match with ACL 2 / permit 200.200.200.0/24
 match ip address 2
 ! Change origin value to 'IGP'
 set origin igp
!
route-map traffic-2 permit 20
 match ip address 1

!
control-plane
!
line con 0
line aux 0
line vty 0 4
 login
!
end

[GW1 / ISP Cisco Router]

Current configuration:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname GW1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.20.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 1.3.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 ip address 1.4.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
! ISP ASN
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 1.3.1.2 remote-as 10
 neighbor 1.4.1.2 remote-as 10
 ! BGP neighbor with CPE
 neighbor 10.20.1.2 remote-as 20
 neighbor 10.20.1.2 default-originate
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
 

[GW2 / ISP Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname GW2
!
boot-start-marker
boot-end-marker
!
ip cef
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.20.2.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 2.4.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 ip address 2.3.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
! ISP ASN
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 2.3.1.2 remote-as 10
 neighbor 2.4.1.2 remote-as 10
 ! BGP neighbor with CPE
 neighbor 10.20.2.2 remote-as 20
 neighbor 10.20.2.2 default-originate
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end   

 

 [Dynamips testing]

Download and test it yourself with below Dynamips configuration files.

  Dynamips NET file

  Router configuration files

[Verifying output]

‘i’ means Origin IGP and ‘?’ means Origin incomplete.

BGP output_BGP3-5-1-1.png

BGP output_BGP3-5-1-2.png 

Traffic destined to 100.100.100.x/24 prefers WAN1 (GW1 and CPE) and traffic destined to 200.200.200.x/24 prefers WAN2 (GW2 and CPE), based on the Origin value.

 

 BGP output_BGP3-5-1-3.png

 

 BGP output_BGP3-5-1-4.png


 

Author: admin