4-4-2. Cisco dual BGP with Community string (Load-balancing)

BGP sample configuration 3-1-1

  • ISPs : 2
  • WAN links : 2
  • CPE : 1
  • PE : 2
  • Device : Cisco router with LAN/WAN ports.
  • WAN1 / Serial IP : 10.20.1.0/30 (mask 255.255.255.252)
  • WAN2 / Serial IP : 10.30.1.0/30 (mask 255.255.255.252)
  • LAN / Ethernet IP : 100.100.100.0/24 and 200.200.200.0/24
  • Receiving Route : No BGP route table from ISP
  • Memory : Full route (recommended 512M), partial route (recommended 128-256M)
  • LAN : ISP_A (AS20), ISP_B(AS30), Customer (AS10) and Other ISP(AS50)

 

[Traffic flow]

Outbound traffic on CPE

In this sample, the customer is not receiving any BGP route table from the ISPs. We configured static default routes pointing to both serial links. Of course, the split will not be exactly 50/50, because packets are routed on a per-destination basis.

Inbound traffic  on CPE

All traffic destined for 100.100.100.0/24 will be routed through ISP_"A", and all traffic for 200.200.200.0/24 will be routed through ISP_"B". This configuration covers the failover situation as well: if one line fails, the other link takes the traffic for both blocks. See the example and testing output below.

topology_BGP4-1-1.png

[CPE/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE
!
boot-start-marker
boot-end-marker
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 ip address 10.20.1.1 255.255.255.252
 load-interval 30
 serial restart-delay 0
!
interface Serial1/2
 ip address 10.30.1.1 255.255.255.252
 load-interval 30
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 200.200.200.1 255.255.255.0 secondary
 ip address 100.100.100.1 255.255.255.0
 duplex auto
 speed auto
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 100.100.100.0 mask 255.255.255.0
 network 200.200.200.0
 redistribute connected
 ! BGP neighbor to ISP_"A"
 neighbor 10.20.1.2 remote-as 20
 ! Must be configured so the community string is sent
 neighbor 10.20.1.2 send-community
 ! Allow only the IP blocks that need to be advertised to the ISP
 neighbor 10.20.1.2 prefix-list to-ISP out
 ! To control inbound traffic
 neighbor 10.20.1.2 route-map traffic-1 out
 ! BGP neighbor to ISP_"B"
 neighbor 10.30.1.2 remote-as 30
 ! Must be configured so the community string is sent
 neighbor 10.30.1.2 send-community
 ! Allow only the IP blocks that need to be advertised to the ISP
 neighbor 10.30.1.2 prefix-list to-ISP out
 ! To control inbound traffic
 neighbor 10.30.1.2 route-map traffic-2 out
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
! To control outbound traffic, load-sharing
ip route 0.0.0.0 0.0.0.0 Serial1/1
ip route 0.0.0.0 0.0.0.0 Serial1/2
!
! For new BGP community format
ip bgp-community new-format
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
! Permitting IP blocks for advertisement
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
! Route-map to control inbound traffic
route-map traffic-1 permit 10
 match ip address prefix-list prefix-2
 set community 20:3
!
route-map traffic-1 permit 20
!
! Route-map to control inbound traffic
route-map traffic-2 permit 10
 match ip address prefix-list prefix-1
 set community 30:3
!
route-map traffic-2 permit 20
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
 
[ISP_A PE/ISP Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_A
!
boot-start-marker
boot-end-marker
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.20.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 20.20.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 20
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 ! BGP neighbor to Customer
 neighbor 10.20.1.1 remote-as 10
 ! To apply BGP community policy on customer’s routes
 neighbor 10.20.1.1 route-map customer-in in
 ! No BGP routes will be sent to Customer
 neighbor 10.20.1.1 route-map no-routes out
 neighbor 20.20.1.2 remote-as 20
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
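! For new BGP community format
ip bgp-community new-format
ip community-list 1 permit 20:1
ip community-list 2 permit 20:2
ip community-list 3 permit 20:3
! community-list 4 was missing here although route-map customer-in permit 40
! matches it; 20:80 is assumed by analogy with ISP_B's 30:80
ip community-list 4 permit 20:80
ip community-list 5 permit 20:120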
!
route-map no-routes deny 10
!
route-map customer-in permit 10
 match community 1
 set as-path prepend 20

!
route-map customer-in permit 20
 match community 2
 set as-path prepend 20 20

!
route-map customer-in permit 30
 match community 3
 set as-path prepend 20 20 30

!
route-map customer-in permit 40
 match community 4
 set local-preference 80

!
route-map customer-in permit 50
 match community 5
 set local-preference 120

!
route-map customer-in permit 60
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end

 
[ISP_B PE/ISP Cisco Router]

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_B
!
boot-start-marker
boot-end-marker
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.30.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 30.30.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 30
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 ! BGP neighbor to Customer
 neighbor 10.30.1.1 remote-as 10
 ! To apply BGP community policy on customer’s routes
 neighbor 10.30.1.1 route-map customer-in in
 ! No BGP routes will be sent to Customer
 neighbor 10.30.1.1 route-map no-routes out
 neighbor 30.30.1.2 remote-as 30
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
! For new BGP community format
ip bgp-community new-format
ip community-list 1 permit 30:1
ip community-list 2 permit 30:2
ip community-list 3 permit 30:3
ip community-list 4 permit 30:80
ip community-list 5 permit 30:120

!
route-map no-routes deny 10
!
route-map customer-in permit 10
 match community 1
 set as-path prepend 30

!
route-map customer-in permit 20
 match community 2
 set as-path prepend 30 30

!
route-map customer-in permit 30
 match community 3
 set as-path prepend 30 30 30

!
route-map customer-in permit 40
 match community 4
 set local-preference 80

!
route-map customer-in permit 50
 match community 5
 set local-preference 120

!
route-map customer-in permit 60
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
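
The community-to-prepend policy in the three configurations above, modelled as an added Python example (not part of the original page or of any Cisco tooling). It assumes remote ASes compare AS-path length only and leaves out the local-preference clauses (40 and 50) and the to-ISP prefix-list; all function and variable names are hypothetical.

```python
# Added example: a minimal route-map evaluator (all names here are hypothetical).
CUSTOMER_AS = 10
# ISP name -> (ISP AS, prefix the CPE tags toward that ISP, community it sets)
ISPS = {"ISP_A": (20, "200.200.200.0/24", "20:3"),    # route-map traffic-1
        "ISP_B": (30, "100.100.100.0/24", "30:3")}    # route-map traffic-2

def clause(action, match=lambda r: True, **sets):
    return (action, match, sets)

def apply_route_map(clauses, route):
    """IOS semantics: first matching clause wins; no match is an implicit deny."""
    for action, match, sets in clauses:
        if match(route):
            if action == "deny":
                return None
            return {"prefix": route["prefix"],
                    "community": sets.get("community", route["community"]),
                    "as_path": sets.get("prepend", []) + route["as_path"]}
    return None

def cpe_out(tagged_prefix, community):
    """traffic-1 / traffic-2: tag one prefix, pass everything else unchanged."""
    return [clause("permit", lambda r: r["prefix"] == tagged_prefix, community=community),
            clause("permit")]

def customer_in(asn):
    """customer-in clauses 10-30 and 60; ISP_A's clause 30 prepends 20 20 30 as configured."""
    third = [20, 20, 30] if asn == 20 else [asn, asn, asn]
    rules = {f"{asn}:1": [asn], f"{asn}:2": [asn, asn], f"{asn}:3": third}
    return [clause("permit", lambda r, c=c: r["community"] == c, prepend=p)
            for c, p in rules.items()] + [clause("permit")]

def path_at_isp(isp, prefix, send_community=True):
    """AS path the PE stores for a customer prefix after customer-in has run."""
    asn, tagged_prefix, community = ISPS[isp]
    route = {"prefix": prefix, "community": None, "as_path": []}
    route = apply_route_map(cpe_out(tagged_prefix, community), route)
    route["as_path"] = [CUSTOMER_AS] + route["as_path"]   # eBGP: CPE adds AS 10
    if not send_community:
        route["community"] = None   # without send-community the tag never leaves the CPE
    return apply_route_map(customer_in(asn), route)["as_path"]

def inbound_isp(prefix, links_up=("ISP_A", "ISP_B")):
    """Assumption: remote ASes pick the shortest AS path; None if no link is up."""
    return min(links_up, key=lambda isp: len(path_at_isp(isp, prefix)), default=None)

if __name__ == "__main__":
    for p in ("100.100.100.0/24", "200.200.200.0/24"):
        print(p, inbound_isp(p), path_at_isp("ISP_A", p), path_at_isp("ISP_B", p))
```

The paths computed for the tagged prefixes match the received-routes output on ISP_A and ISP_B in the verification section, and calling `path_at_isp` with `send_community=False` shows why the prepend never happens if the CPE does not send the community.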

 

 [Verifying output]

CPE#sh ip bgp nei 10.20.1.2 ro
Total number of prefixes 0

CPE#sh ip bgp nei 10.20.1.2 ad
BGP table version is 5, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0                  0         32768 i
*> 200.200.200.0    0.0.0.0                  0         32768 i

Total number of prefixes 2

CPE#sh ip bgp nei 10.30.1.2 ro
Total number of prefixes 0

CPE#sh ip bgp nei 10.30.1.2 ad
BGP table version is 5, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0                  0         32768 i
*> 200.200.200.0    0.0.0.0                  0         32768 i

Total number of prefixes 2

CPE#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "static", distance 1, metric 0 (connected), candidate default path
  Routing Descriptor Blocks:
  * directly connected, via Serial1/1
      Route metric is 0, traffic share count is 1
    directly connected, via Serial1/2
      Route metric is 0, traffic share count is 1

CPE#


 
ISP_A#sh ip bgp nei 10.20.1.1 ro
BGP table version is 16, local router ID is 20.20.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 10.20.1.1                0             0 10 i
*  200.200.200.0    10.20.1.1                0             0 20 20 30 10 i

Total number of prefixes 2
ISP_A#


 
ISP_B#sh ip bgp nei 10.30.1.1 ro
BGP table version is 20, local router ID is 30.30.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  100.100.100.0/24 10.30.1.1                0             0 30 30 30 10 i
*> 200.200.200.0    10.30.1.1                0             0 10 i

Total number of prefixes 2
ISP_B#


 
TR_A#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/24, version 15
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  10
    10.20.1.1 from 20.20.1.1 (20.20.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best


TR_A#sh ip bgp 200.200.200.2

BGP routing table entry for 200.200.200.0/24, version 16
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1          2
  50 30 10
    20.50.1.2 from 20.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  30 10
    20.30.1.2 from 20.30.1.2 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best
TR_A#

 

TR_B#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/24, version 19
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1          2
  50 20 10
    30.50.1.2 from 30.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  20 10
    20.30.1.1 from 20.30.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best


TR_B#sh ip bgp 200.200.200.2

BGP routing table entry for 200.200.200.0/24, version 17
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  10
    10.30.1.1 from 30.30.1.1 (30.30.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
TR_B#

 

Internet#sh ip bgp 100.100.100.2
BGP routing table entry for 100.100.100.0/24, version 17
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  30 20 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external
  20 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best


Internet#tr 100.100.100.2

Type escape sequence to abort.
Tracing the route to 100.100.100.2

  1 20.50.1.1 40 msec 40 msec 28 msec
  2 20.20.1.1 [AS 20] 24 msec 36 msec 68 msec
  3 10.20.1.1 [AS 20] 16 msec 52 msec 52 msec
  4  *
    100.100.100.2 [AS 10] 68 msec 104 msec

Internet#sh ip bgp 200.200.200.2
BGP routing table entry for 200.200.200.0/24, version 18
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  30 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best
  20 30 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external

Internet#tr 200.200.200.2
Type escape sequence to abort.
Tracing the route to 200.200.200.2

  1 30.50.1.1 40 msec 52 msec 56 msec
  2 30.30.1.1 [AS 30] 28 msec 48 msec 40 msec
  3 10.30.1.1 [AS 30] 24 msec 68 msec 36 msec
  4  *
    200.200.200.2 [AS 10] 84 msec 84 msec
Internet#

 

 [Dynamips testing]

Download and test it yourself with the Dynamips configuration files below.

  Dynamips NET file

  Router configuration files

 

If you have any questions, feel free to email us at [email protected]. If you are looking for professional-grade service, you might want to try our "BGP Experts service". To find out what the "BGP Experts service" is and what we do, click "BGP Experts" in the top menu.


Author: Chris Yoon

IT professional