4-2-1. Cisco dual BGP with prefix Length (Load-balancing)

BGP sample configuration 3-1-1


   
  • ISPs : 2
  • WAN links : 2
  • CPE : 1
  • PE : 2
  • Device : Cisco router with LAN/WAN ports.
  • WAN1 / Serial IP : 10.20.1.0/30 (mask 255.255.255.252)
  • WAN2 / Serial IP : 10.30.1.0/30 (mask 255.255.255.252)
  • LAN / Ethernet IP : 100.100.100.0/23
  • Receiving Route : No BGP route table from ISP
  • Memory : Full routes (512M recommended), partial routes
    (128-256M recommended); default route only in this sample.
  • LAN : ISP_A (AS20), ISP_B(AS30), Customer (AS10) and other ISP (AS50)

 


 [Read this first]

This approach is not a good idea if you only have a /24 IP block and announce a /25 (a more specific block) on one of the ISP links. Why? Most ISPs do not accept IP blocks smaller than /24 from peers. So if you announce a /25 out of your /24 on one ISP link, that block won't be propagated to other ISPs.

It won't work with smaller blocks (/25 and below) because of ISPs' default routing policy.

If you have a /23 or bigger IP block, this is a doable solution; see the example below.

topology_BGP4-2-1.png

[Traffic flow]

Outbound traffic on CPE

In this sample, we are not receiving any BGP route table from the ISPs. We configured static default routes pointing to both serial links. Of course it won't be 50/50, because packets are routed on a per-destination basis.

Inbound traffic on CPE

All traffic destined to 100.100.100.0/23, except 100.100.101.0/24, will be routed via ISP_A, because 100.100.101.0/24 is a more specific block than the /23. So in this example, half of the /23 traffic is routed over each ISP link.
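
The inbound behaviour described above, including failover when one link is lost, can be modelled in a few lines. This is an added example, not part of the original page: a simplified Python model that considers only prefix length and AS-path length, using the prefixes and AS numbers of this sample; the function names are illustrative.

```python
import ipaddress

# What the CPE (AS10) announces per upstream in this sample:
# (prefix, AS path as received by the ISP, upstream ISP)
ANNOUNCEMENTS = [
    ("100.100.100.0/23", [10], "ISP_A"),
    ("100.100.100.0/23", [10, 10], "ISP_B"),   # prepended by route-map traffic-2
    ("100.100.101.0/24", [10, 10], "ISP_B"),   # more specific, ISP_B only
]

def best_path(dst, links_down=()):
    """Return (prefix, isp) that inbound traffic to dst follows, or (None, None).

    Simplified model (assumption): the longest matching prefix wins; among
    equal-length prefixes the shorter AS path wins. Other BGP attributes
    are ignored.
    """
    ip = ipaddress.ip_address(dst)
    candidates = [
        (ipaddress.ip_network(prefix), path, isp)
        for prefix, path, isp in ANNOUNCEMENTS
        if isp not in links_down
    ]
    matches = [c for c in candidates if ip in c[0]]
    if not matches:
        return (None, None)
    net, _, isp = min(matches, key=lambda c: (-c[0].prefixlen, len(c[1])))
    return (str(net), isp)

def inbound_split(links_down=()):
    """Map each /24 half of the /23 to the ISP carrying its inbound traffic."""
    block = ipaddress.ip_network("100.100.100.0/23")
    return {
        str(half): best_path(str(half.network_address + 2), links_down)[1]
        for half in block.subnets(new_prefix=24)
    }

if __name__ == "__main__":
    print("normal     :", inbound_split())
    print("ISP_A down :", inbound_split(links_down={"ISP_A"}))
    print("ISP_B down :", inbound_split(links_down={"ISP_B"}))
```

With both links up the two /24 halves arrive over different ISPs; with either link down the remaining ISP carries the whole /23.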

 

[CPE/Customer Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE
!
ip cef
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 ip address 10.20.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 ip address 10.30.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
! Connected to switch
interface FastEthernet2/0
 ip address 100.100.101.1 255.255.255.0 secondary
 ip address 100.100.100.1 255.255.254.0
 duplex auto
 speed auto
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.20.1.2 remote-as 20
 neighbor 10.20.1.2 prefix-list traffic-1 out
 neighbor 10.30.1.2 remote-as 30
 neighbor 10.30.1.2 prefix-list traffic-2 out
 ! Failover and load-sharing for the /23 IP block
 neighbor 10.30.1.2 route-map traffic-2 out

 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
! Load-sharing outbound traffic by destination
ip route 0.0.0.0 0.0.0.0 Serial1/1
ip route 0.0.0.0 0.0.0.0 Serial1/2
!
ip prefix-list traffic-1 description whole block only
ip prefix-list traffic-1 seq 5 permit 100.100.100.0/23
!

ip prefix-list traffic-2 description whole + specific block
ip prefix-list traffic-2 seq 5 permit 100.100.100.0/23 le 32

!
! This route-map adds AS-path prepending to the announcement to ISP_B to provide failover and load-sharing for the /23 IP block.
route-map traffic-2 permit 10
 match ip address prefix-list traffic-2
 set as-path prepend 10

!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
!
end
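
To see which connected routes each outbound prefix-list lets through, and why `le 32` is broader than this design needs, here is an added Python example (not part of the original page). The `traffic-2-le24` list and the /32 route are hypothetical, constructed for illustration.

```python
import ipaddress

# Prefix-lists from the CPE config: name -> [(network, le or None)], all permit.
PREFIX_LISTS = {
    "traffic-1": [("100.100.100.0/23", None)],
    "traffic-2": [("100.100.100.0/23", 32)],
    # Hypothetical tighter variant, not in the original config.
    "traffic-2-le24": [("100.100.100.0/23", 24)],
}

# Connected networks on the CPE that 'redistribute connected' offers to BGP.
CONNECTED = ["10.20.1.0/30", "10.30.1.0/30",
             "100.100.100.0/23", "100.100.101.0/24"]

def permits(entry, route):
    """Cisco prefix-list match: without 'le' the prefix must be identical;
    with 'le N' any prefix inside the network up to length N matches."""
    net = ipaddress.ip_network(entry[0])
    cand = ipaddress.ip_network(route)
    max_len = net.prefixlen if entry[1] is None else entry[1]
    return cand.subnet_of(net) and cand.prefixlen <= max_len

def advertised(list_name, routes):
    """Routes that pass the outbound prefix-list (implicit deny at the end)."""
    return [r for r in routes
            if any(permits(e, r) for e in PREFIX_LISTS[list_name])]

if __name__ == "__main__":
    for name in ("traffic-1", "traffic-2"):
        print(name, advertised(name, CONNECTED))
    # Constructed case: a /32 inside the block (e.g. a future loopback).
    extra = CONNECTED + ["100.100.100.77/32"]
    print("traffic-2 + /32     :", advertised("traffic-2", extra))
    print("traffic-2-le24 + /32:", advertised("traffic-2-le24", extra))
```

The first two results match the prefix counts (1 and 2) in the `sh ip bgp nei ... ad` output of the verification section; the last two show that `le 32` would also pass a longer prefix that later appears inside the block, while `le 24` would not.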

 

[ISP_A PE/ISP Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_A
!
ip cef
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.20.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 20.20.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 20
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.20.1.1 remote-as 10
 ! Not sending any route to CPE
 neighbor 10.20.1.1 route-map no-routes out
 neighbor 20.20.1.2 remote-as 20
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
! Not sending any route to CPE
route-map no-routes deny 10
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end

[ISP_B PE / ISP Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_B
!
ip cef
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.30.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 30.30.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 30
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.30.1.1 remote-as 10
 ! Not sending any route to CPE
 neighbor 10.30.1.1 route-map no-routes out
 neighbor 30.30.1.2 remote-as 30
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
! Not sending any route to CPE
route-map no-routes deny 10
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!

end 

[Verifying output]

CPE#sh ip bgp | inc 100.100
BGP table version is 16, local router ID is 100.100.100.1
*> 100.100.100.0/23 0.0.0.0                  0         32768 i
*> 100.100.101.0/24 0.0.0.0                  0         32768 i

CPE#sh ip bgp nei 10.20.1.2 ad
BGP table version is 16, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
              r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/23 0.0.0.0                  0         32768 i

Total number of prefixes 1

 

CPE#sh ip bgp nei 10.30.1.2 ad
BGP table version is 16, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
              r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/23 0.0.0.0                  0         32768 i
*> 100.100.101.0/24 0.0.0.0                  0         32768 i

Total number of prefixes 2
CPE#

ISP_A#sh ip bgp nei 10.20.1.1 ro
BGP table version is 32, local router ID is 20.20.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
              r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/23 10.20.1.1                0             0 10 i

Total number of prefixes 1
ISP_A#

ISP_B#sh ip bgp nei 10.30.1.1 ro
BGP table version is 44, local router ID is 30.30.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
              r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/23 10.30.1.1                0             0 10 10 i
*> 100.100.101.0/24 10.30.1.1                0             0 10 10 i

Total number of prefixes 2
ISP_B#

TR_A#sh ip bgp 100.100.101.2
BGP routing table entry for 100.100.101.0/24, version 29

Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1          2
  50 30 10 10
    20.50.1.2 from 20.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  30 10 10
    20.30.1.2 from 20.30.1.2 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best
TR_A#


TR_A#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/23, version 27

Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  10
    10.20.1.1 from 20.20.1.1 (20.20.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
TR_A#

 

TR_B#sh ip bgp 100.100.101.2
BGP routing table entry for 100.100.101.0/24, version 39
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2
  10 10
    10.30.1.1 from 30.30.1.1 (30.30.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best


TR_B#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/23, version 37
Paths: (3 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1          2
  20 10
    20.30.1.1 from 20.30.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best
  50 20 10
    30.50.1.2 from 30.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  10 10
    10.30.1.1 from 30.30.1.1 (30.30.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal

 

TR_B#tr 100.100.100.2
Type escape sequence to abort.
Tracing the route to 100.100.100.2

  1 20.30.1.1 52 msec 72 msec 20 msec
  2 20.20.1.1 [AS 20] 20 msec 56 msec 36 msec
  3 10.20.1.1 [AS 20] 28 msec 48 msec 56 msec
  4  *
    100.100.100.2 [AS 10] 80 msec 56 msec
TR_B#

 

Internet#sh ip bgp 100.100.101.2
BGP routing table entry for 100.100.101.0/24, version 31
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  20 30 10 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external
  30 10 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best

 

Internet#tr 100.100.101.2
Type escape sequence to abort.
Tracing the route to 100.100.101.2

  1 30.50.1.1 472 msec 52 msec 28 msec
  2 30.30.1.1 [AS 30] 16 msec 32 msec 80 msec
  3 10.30.1.1 [AS 30] 20 msec 52 msec 32 msec
  4  *
    100.100.101.2 [AS 10] 52 msec 76 msec

 

Internet#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/23, version 29
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  30 20 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external
  20 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best

Internet#tr 100.100.100.2
Type escape sequence to abort.
Tracing the route to 100.100.100.2

  1 20.50.1.1 44 msec 44 msec 20 msec
  2 20.20.1.1 [AS 20] 20 msec 36 msec 24 msec
  3 10.20.1.1 [AS 20] 20 msec 36 msec 52 msec
  4  *
    100.100.100.2 [AS 10] 84 msec 88 msec
Internet#

 [Dynamips testing]

Download and test it yourself with the Dynamips configuration files below.

  Dynamips NET file

  Router configuration files 

 



Author: Chris Yoon

IT professional