Cisco dual BGP with AS prepend-HSRP (Load-sharing)
[Traffic flow]
In this sample, the customer does not receive any BGP routes from the ISPs. We configured a static default route pointing to the serial link. Using two HSRP groups, outbound traffic from IP block 100.100.100.0/24 is routed to ISP_"A" and outbound traffic from IP block 200.200.200.0/24 is routed to ISP_"B".
All traffic associated with 100.100.100.0/24 is routed through ISP_"A", and all traffic associated with 200.200.200.0/24 is routed through ISP_"B". This configuration covers the failover situation and achieves the load-sharing plan. If one line fails, the other link takes the traffic for both blocks by means of the AS-prepending BGP policy. See the example and testing output below.
[CPE_1/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_1
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.20.1.1 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
load-interval 30
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 200.200.200.2 255.255.255.0 secondary
ip address 100.100.100.2 255.255.255.0
duplex auto
speed auto
standby 100 ip 100.100.100.1 <——— HSRP for IP block 100.100.100.0/24
standby 100 preempt
standby 100 track Serial1/1 50 <——— When Serial1/1 down, deduct 50 from Priority value
standby 200 ip 200.200.200.1 <——— HSRP for IP block 200.200.200.0/24
standby 200 priority 80 <———— Set lower priority for standby path
standby 200 preempt
!
router bgp 10
no synchronization
bgp log-neighbor-changes
network 100.100.100.0 mask 255.255.255.0
network 200.200.200.0
redistribute connected
neighbor 10.20.1.2 remote-as 20 <—————— BGP neighbor to ISP_"A"
neighbor 10.20.1.2 prefix-list to-ISP out <——— Allow only IP block need to be advertised to ISP
neighbor 10.20.1.2 route-map route-to-ISP out <——– To control inbound traffic
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial1/1 <——– To control outbound traffic
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <——– To control inbound traffic
match ip address prefix-list prefix-2
set as-path prepend 10 10 10
!
route-map route-to-ISP permit 20
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[CPE_2/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_2
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
ip address 200.200.200.4 255.255.255.0
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 10.30.1.1 255.255.255.252
load-interval 30
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface FastEthernet2/0
ip address 200.200.200.3 255.255.255.0 secondary
ip address 100.100.100.3 255.255.255.0
duplex auto
speed auto
standby 100 ip 100.100.100.1 <——— HSRP for IP block 100.100.100.0/24
standby 100 priority 80 <———— Set lower priority for standby path
standby 100 preempt
standby 200 ip 200.200.200.1 <——— HSRP for IP block 200.200.200.0/24
standby 200 preempt
standby 200 track Serial1/1 50 <——— When Serial1/1 down, deduct 50 from Priority value
!
router bgp 10
no synchronization
bgp log-neighbor-changes
network 100.100.100.0 mask 255.255.255.0
network 200.200.200.0
redistribute connected
neighbor 10.30.1.2 remote-as 30 <—————— BGP neighbor to ISP_"B"
neighbor 10.30.1.2 prefix-list to-ISP out <——— Allow only IP block need to be advertised to ISP
neighbor 10.30.1.2 route-map route-to-ISP out <——– To control inbound traffic
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial1/1 <——– To control outbound traffic
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <——– To control inbound traffic
match ip address prefix-list prefix-1
set as-path prepend 10 10 10
!
route-map route-to-ISP permit 20
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[ISP_A PE/ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_A
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 10.20.1.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 20.20.1.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 20
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.20.1.1 remote-as 10 <—————— BGP neighbor to Customer
neighbor 10.20.1.1 route-map no-routes out <——- No BGP routes will be sent to Customer
neighbor 20.20.1.2 remote-as 20
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
route-map no-routes deny 10 <——- No BGP routes will be sent to Customer
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[ISP_B PE / ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_B
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 10.30.1.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 30.30.1.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 30
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.30.1.1 remote-as 10 <—————— BGP neighbor to Customer
neighbor 10.30.1.1 route-map no-routes out <——- No BGP routes will be sent to Customer
neighbor 30.30.1.2 remote-as 30
no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
route-map no-routes deny 10 <——- No BGP routes will be sent to Customer
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
[Verifying output]
CPE_1#sh ip bgp neighbors 10.20.1.2 ad
BGP table version is 6, local router ID is 100.100.100.2
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0 0 32768 i
*> 200.200.200.0 0.0.0.0 0 32768 i
Total number of prefixes 2
CPE_1#sh standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa2/0 100 100 P Active local 100.100.100.3 100.100.100.1
Fa2/0 200 80 P Standby 100.100.100.3 local 200.200.200.1
CPE_1#
CPE_2#sh ip bgp neighbors 10.30.1.2 ad
BGP table version is 6, local router ID is 100.100.100.3
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0 0 32768 i
*> 200.200.200.0 0.0.0.0 0 32768 i
Total number of prefixes 2
CPE_2#sh standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa2/0 100 80 P Standby 100.100.100.2 local 100.100.100.1
Fa2/0 200 100 P Active local 100.100.100.2 200.200.200.1
CPE_2#
ISP_A#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 30
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
10
10.20.1.1 from 10.20.1.1 (100.100.100.2)
Origin IGP, metric 0, localpref 100, valid, external, best
ISP_A#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 36
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
30 10
20.30.1.2 from 20.20.1.2 (20.50.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
10 10 10 10
10.20.1.1 from 10.20.1.1 (100.100.100.2)
Origin IGP, metric 0, localpref 100, valid, external
ISP_A#
ISP_B#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 22
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Not advertised to any peer
10 10 10 10
10.30.1.1 from 10.30.1.1 (100.100.100.3)
Origin IGP, metric 0, localpref 100, valid, external
20 10
20.30.1.1 from 30.30.1.2 (30.50.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
ISP_B#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 27
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
10
10.30.1.1 from 10.30.1.1 (100.100.100.3)
Origin IGP, metric 0, localpref 100, valid, external, best
ISP_B#
TR_A#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 16
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
10
10.20.1.1 from 20.20.1.1 (20.20.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
TR_A#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 23
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1 2
50 30 10
20.50.1.2 from 20.50.1.2 (30.50.1.2)
Origin IGP, localpref 100, valid, external
30 10
20.30.1.2 from 20.30.1.2 (30.50.1.1)
Origin IGP, localpref 100, valid, external, best
TR_A#
TR_B#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 18
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1 2
50 20 10
30.50.1.2 from 30.50.1.2 (30.50.1.2)
Origin IGP, localpref 100, valid, external
20 10
20.30.1.1 from 20.30.1.1 (20.50.1.1)
Origin IGP, localpref 100, valid, external, best
TR_B#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 23
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
2
10
10.30.1.1 from 30.30.1.1 (30.30.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
TR_B#
Other_ISP#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 21
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1
30 20 10
30.50.1.1 from 30.50.1.1 (30.50.1.1)
Origin IGP, localpref 100, valid, external
20 10
20.50.1.1 from 20.50.1.1 (20.50.1.1)
Origin IGP, localpref 100, valid, external, best
Other_ISP#tr 100.100.100.4
Type escape sequence to abort.
Tracing the route to 100.100.100.4
1 20.50.1.1 60 msec 32 msec 4 msec
2 20.20.1.1 [AS 20] 12 msec 32 msec 12 msec
3 10.20.1.1 [AS 20] 20 msec 36 msec 20 msec
4 100.100.100.4 [AS 10] 16 msec * 44 msec
Other_ISP#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 28
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
30 10
30.50.1.1 from 30.50.1.1 (30.50.1.1)
Origin IGP, localpref 100, valid, external, best
20 30 10
20.50.1.1 from 20.50.1.1 (20.50.1.1)
Origin IGP, localpref 100, valid, external
Other_ISP#tr 200.200.200.4
Type escape sequence to abort.
Tracing the route to 200.200.200.4
1 30.50.1.1 48 msec 36 msec 4 msec
2 30.30.1.1 [AS 30] 44 msec 12 msec 12 msec
3 10.30.1.1 [AS 30] 20 msec 28 msec 20 msec
4 200.200.200.4 [AS 10] 16 msec * 36 msec
Other_ISP#
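The path selection seen in the output above, and the failover case described under [Traffic flow], can be reproduced with a small model. This is an added example, not part of the original lab files. It assumes one node per AS (AS 20 and AS 30 each collapsed into a single router), links read off the outputs above, and that every AS decides on shortest AS path only (no local-preference policy).

```python
from collections import deque

# Constructed model of this page's lab: one node per AS (10 = customer,
# 20 = ISP_A/TR_A, 30 = ISP_B/TR_B, 50 = Other_ISP). Links read off the outputs.
LINKS = [(10, 20), (10, 30), (20, 30), (20, 50), (30, 50)]
ORIGIN = 10
# route-map route-to-ISP: which upstream AS receives each prefix prepended
PREPEND_TOWARD = {"100.100.100.0/24": 30, "200.200.200.0/24": 20}
PREPEND_COUNT = 3  # set as-path prepend 10 10 10


def neighbors(asn, links):
    return [b if a == asn else a for a, b in links if asn in (a, b)]


def best_paths(prefix, links=LINKS):
    """Return {asn: AS path} when every AS prefers the shortest AS path."""
    queue = deque()
    for isp in neighbors(ORIGIN, links):
        extra = PREPEND_COUNT if PREPEND_TOWARD.get(prefix) == isp else 0
        queue.append((isp, [ORIGIN] * (1 + extra)))
    best = {}
    while queue:
        asn, path = queue.popleft()
        if asn in path:                      # AS-path loop prevention
            continue
        if asn in best and len(best[asn]) <= len(path):
            continue                         # keep the shorter path
        best[asn] = path
        for peer in neighbors(asn, links):   # re-advertise with own AS added
            queue.append((peer, [asn] + path))
    return best


def without_link(a, b, links=LINKS):
    """Copy of the topology with one inter-AS link removed (link failure)."""
    return [l for l in links if set(l) != {a, b}]


if __name__ == "__main__":
    for prefix in PREPEND_TOWARD:
        print(prefix, "normal:", best_paths(prefix)[50])
    failed = without_link(10, 20)            # CPE_1 Serial1/1 down
    print("ISP_A link down:", best_paths("100.100.100.0/24", failed)[50])
```

With the link to ISP_"A" removed, the only remaining path for 100.100.100.0/24 is the prepended one through AS 30, so inbound traffic for both blocks arrives via ISP_"B".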
[Dynamips testing]
Download the Dynamips configuration files below and test it yourself.
If you have any questions, feel free to email us at [email protected]. If you are looking for a professional-grade service, you might want to try our "BGP Experts" service. To find out what it is and what we do, click "BGP Experts" in the top menu.