Cisco dual BGP with AS prepend-iBGP (Load-sharing)
|
|
[Traffic flow]
In this sample, customer is receiving default route from ISP and iBGP router(less preferred path). By the default route, outbound traffic of IP block 100.100.100.0/24 will be routed to WAN link on CPE_1 and traffic of IP block 200.200.200.0/24 will be routed to WAN link on CPE_2. When either one of serial link is down, outbound traffic will be routed thru iBGP peer.
As you can see below sample BGP configuration, CPE_1 is announcing 100.100.100.0/24 and 200.200.200.0/24 with as-path prepending three times. Also CPE_2 is announcing 200.200.200.0/24 and 100.100.100.0/24 with as-path prepending three times for less preferred path. So alll inbound traffic associated with 100.100.100.0/24 will be routed thru WAN link of CPE_1 and 200.200.200.0/24 will be routed thru the WAN link of CPE_2. This configuration will cover failover situation and achieve load-sharing plan. One of line is failed, other link will take both traffic by BGP routing policy. See below example and testing output.
[CPE_1/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_1
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.20.1.1 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
load-interval 30
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 200.200.200.2 255.255.255.0 secondary
ip address 100.100.100.1 255.255.255.0
duplex auto
speed auto
!
router bgp 10
no synchronization
bgp log-neighbor-changes
network 100.100.100.0 mask 255.255.255.0
network 200.200.200.0
redistribute connected
neighbor 10.20.1.2 remote-as 20 <—————— BGP neighbor to ISP
neighbor 10.20.1.2 prefix-list to-ISP out <——— Allow only IP block need to be advertised to ISP
neighbor 10.20.1.2 route-map route-to-ISP out <—- To control inbound traffic
neighbor 100.100.100.2 remote-as 10 <———– iBGP neighbor to CPE_2
neighbor 100.100.100.2 default-originate <——- Send default route
neighbor 100.100.100.2 route-map route-to-ibgp in <—- To control inbound traffic from CPE_2
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
ip bgp-community new-format
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <——– To control inbound traffic
match ip address prefix-list prefix-2
set as-path prepend 10 10 10
!
route-map route-to-ISP permit 20
!
route-map route-to-ibgp permit 10 <——- Make less prefer to route path thru iBGP
set local-preference 80
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[CPE_2/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_2
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.20.2.1 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 100.100.100.2 255.255.255.0 secondary
ip address 200.200.200.1 255.255.255.0
duplex auto
speed auto
!
router bgp 10
no synchronization
bgp log-neighbor-changes
network 100.100.100.0 mask 255.255.255.0
network 200.200.200.0
redistribute connected
neighbor 10.20.2.2 remote-as 20 <—————— BGP neighbor to ISP
neighbor 10.20.2.2 prefix-list to-ISP out <——— Allow only IP block need to be advertised to ISP
neighbor 10.20.2.2 route-map route-to-ISP out <—- To control inbound traffic
neighbor 100.100.100.1 remote-as 10 <———– iBGP neighbor to CPE_1
neighbor 100.100.100.1 default-originate <——- Send default route
neighbor 100.100.100.1 route-map route-to-ibgp in <—- To control inbound traffic from CPE_1
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
ip bgp-community new-format
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <——– To control inbound traffic
match ip address prefix-list prefix-1
set as-path prepend 10 10 10
!
route-map route-to-ISP permit 20
!
route-map route-to-ibgp permit 10 <——- Make less prefer to route path thru iBGP
set local-preference 80
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[PE_1 / ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE_1
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 10.20.1.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 20.1.3.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
ip address 20.1.4.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.20.1.1 remote-as 10 <—————— BGP neighbor to Customer
neighbor 10.20.1.1 default-originate <——- Send default route
neighbor 10.20.1.1 route-map no-routes out <——- No BGP routes will be sent to Customer
neighbor 20.1.3.2 remote-as 20
neighbor 20.1.4.2 remote-as 20
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
ip bgp-community new-format
!
route-map no-routes deny 10 <——- No BGP routes will be sent to Customer
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
[PE_2 / ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE_2
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 10.20.2.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 20.2.4.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
ip address 20.2.3.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.20.2.1 remote-as 10 <—————— BGP neighbor to Customer
neighbor 10.20.2.1 default-originate <——- Send default route
neighbor 10.20.2.1 route-map no-routes out <——- No BGP routes will be sent to Customer
neighbor 20.2.3.2 remote-as 20
neighbor 20.2.4.2 remote-as 20
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
ip bgp-community new-format
!
route-map no-routes deny 10 <——- No BGP routes will be sent to Customer
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[Verifing output]
CPE_1#sh ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0, version 14
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
20
10.20.1.2 from 10.20.1.2 (20.1.4.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Local
100.100.100.2 from 100.100.100.2 (200.200.200.1)
Origin IGP, metric 0, localpref 80, valid, internalCPE_1#sh ip bgp nei 10.20.1.2 ro
BGP table version is 16, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.20.1.2 0 0 20 iTotal number of prefixes 1
CPE_1#sh ip bgp nei 10.20.1.2 ad
BGP table version is 16, local router ID is 100.100.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0 0 32768 i
*> 200.200.200.0 0.0.0.0 0 32768 iTotal number of prefixes 2
CPE_1#CPE_2#sh ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0, version 21
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Not advertised to any peer
20
10.20.2.2 from 10.20.2.2 (20.2.4.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Local
100.100.100.1 from 100.100.100.1 (100.100.100.1)
Origin IGP, metric 0, localpref 80, valid, internal
CPE_2#sh ip bgp nei 10.20.2.2 ro
BGP table version is 21, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.20.2.2 0 0 20 iTotal number of prefixes 1
CPE_2#sh ip bgp nei 10.20.2.2 ad
BGP table version is 21, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0 0 32768 i
*> 200.200.200.0 0.0.0.0 0 32768 iTotal number of prefixes 2
CPE_2#PE_1#sh ip bgp neighbors 10.20.1.1 ro
BGP table version is 43, local router ID is 20.1.4.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 10.20.1.1 0 0 10 i
*> 200.200.200.0 10.20.1.1 0 0 10 10 10 10 iTotal number of prefixes 2
PE_1#PE_2#sh ip bgp neighbors 10.20.2.1 ro
BGP table version is 26, local router ID is 20.2.4.1
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 10.20.2.1 0 0 10 10 10 10 i
*> 200.200.200.0 10.20.2.1 0 0 10 iTotal number of prefixes 2
PE_2#TR_A#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/24, version 36
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1
10 10 10 10
10.20.2.1 from 20.2.3.1 (20.2.4.1)
Origin IGP, metric 0, localpref 100, valid, internal
10
10.20.1.1 from 20.1.3.1 (20.1.4.1)
Origin IGP, metric 0, localpref 100, valid, internal, bestTR_A#sh ip bgp 200.200.200.0
BGP routing table entry for 200.200.200.0/24, version 40
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
1
10
10.20.2.1 from 20.2.3.1 (20.2.4.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
10 10 10 10
10.20.1.1 from 20.1.3.1 (20.1.4.1)
Origin IGP, metric 0, localpref 100, valid, internal
TR_A#TR_B#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/24, version 32
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1
10 10 10 10
10.20.2.1 from 20.2.4.1 (20.2.4.1)
Origin IGP, metric 0, localpref 100, valid, internal
10
10.20.1.1 from 20.1.4.1 (20.1.4.1)
Origin IGP, metric 0, localpref 100, valid, internal, bestTR_B#sh ip bgp 200.200.200.0
BGP routing table entry for 200.200.200.0/24, version 36
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
1
10
10.20.2.1 from 20.2.4.1 (20.2.4.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
10 10 10 10
10.20.1.1 from 20.1.4.1 (20.1.4.1)
Origin IGP, metric 0, localpref 100, valid, internal
TR_B#Internet#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/24, version 26
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
20 10
20.50.2.1 from 20.50.2.1 (20.50.2.1)
Origin IGP, localpref 100, valid, external, best
20 10
20.50.1.1 from 20.50.1.1 (20.50.1.1)
Origin IGP, localpref 100, valid, externalInternet#tr 100.100.100.4
Type escape sequence to abort.
Tracing the route to 100.100.100.41 20.50.2.1 40 msec 72 msec 20 msec
2 20.1.4.1 [AS 20] 92 msec 120 msec 52 msec
3 10.20.1.1 [AS 20] 120 msec 96 msec 104 msec
4 100.100.100.4 [AS 10] 128 msec 144 msec *Internet#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 32
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
1
20 10
20.50.2.1 from 20.50.2.1 (20.50.2.1)
Origin IGP, localpref 100, valid, external
20 10
20.50.1.1 from 20.50.1.1 (20.50.1.1)
Origin IGP, localpref 100, valid, external, bestInternet#tr 200.200.200.4
Type escape sequence to abort.
Tracing the route to 200.200.200.41 20.50.1.1 52 msec 4 msec 88 msec
2 20.2.3.1 [AS 20] 80 msec 92 msec 44 msec
3 10.20.2.1 [AS 20] 88 msec 112 msec 112 msec
4 200.200.200.4 [AS 10] 144 msec 132 msec *
Internet#
[Dynamips testing]
Download and test it yourself with below Dynamips configuration files.
Dynamips NET file
If you have any questions, feel free to send email us at [email protected]. If you are looking for professional grade service, you might want to try our "BGP experts service". What is "BGP Experts service"? Click "BGP Experts" from the top menu option. You will find out what the "BGP Experts" and what we are doing here for.
Recent Comments