by Tony Mattke on February 28, 2011
Most enterprise networks use BGP to peer with their Internet Service Providers if they want to be multi-homed. Many factors come into play when determining how traffic should flow, but no matter what policies are put into place, at some point in time you’re going to need some control over how your external traffic is coming into, and leaving your network. This is where BGP route manipulation comes into play.
Path Selection
No, we’re not talking about routing decisions, I’m talking about what you need to think about when selecting where you want your traffic flowing. Traditionally there have been three things that describe the quality of a connection – bandwidth, delay, and packet loss. But which is best? There is no easy answer. Mostly it depends on your application needs. Most engineers do some simple path analysis using some sort of traceroute, examining network congestion and distance – both geographic, and network hops.
Outbound Traffic – Local Preference
Local preference can be used to influence route selection within the local autonomous system and is stripped from outgoing updates via eBGP. The default local preference for iBGP and local routes is 100, while all other are 0 by default. Given all other things being equal, the route with the highest local preference is selected. For further information see my post on the route selection. Local preference can be applied either by using the bgp default local-preference router configuration command, or within a route-map as shown below.
[ read more... ]
by Tony Mattke on October 14, 2010
Previous thoughts on load balancing BGP were that it is not a load balancing protocol and in order to achieve any sort of balanced traffic you would have to perform some sort of route balancing. These days with BGP finding its way into our core IGP ( think MPLS VRF WAN ) a number of options for load balancing BGP have shown up.
Multipath BGP
While IGPs tend to manage most load balancing scenarios automagicly, BGPs mechanisms are configured manually. To allow multipath eBGP you configure the maximum number of paths to install using the maximum-paths route configuration command. However, multipath route installation does have to meet a few criteria including matching attributes. These attributes include weight, local preference, AS path, origin code, MED, and IGP metric. The next hop address for each path must also be different in order for that path to be considered.
Although the BGP path selection algorithm only considers the AS path length when comparing paths, the actual values (ASNs) of the path attribute have to match for the two routes to be installed
These stipulations are fine when sharing a load across multiple routes to a single ISP. But what if we had two different ISPs? Our attributes may match in every instance, except for the AS numbers in each path. Fortunately, there is an undocumented Cisco command that allows us to consider those routes, despite the differences in the AS numbers inside the path. Introducing bgp bestpath as-path multipath-relax
[ read more... ]
by Tony Mattke on May 15, 2010
At times, the ‘rules of BGP’ don’t fit the needs of our productions networks. When we get into today’s production networks how often do book configurations apply? I’ll tell you one thing. I don’t see many book examples with 450+ line BGP configs, but I’ve worked on a number of networks where this was the case. Here are two examples where having these tools in your arsenal could be crucial.
Situation 1
Your company has gone through some major changes and requires changing AS numbers on your BGP routers. You have over 20 down stream clients, and several upstream connections that all need changed. Since these changes need to be configured on both sides, what are the chances of getting them all done at once? (feel free to laugh out loud…..) local-as is configurable on a per neighbor basis and will allow us to make these changes one peer at a time until such a time we can take the entire router down and reconfigure BGP. In the example below, we’re changing from ASN 65501, to 8888. Neighbor 1.2.3.4 will continue to use our original ASN, while 5.6.7.8 will use the new ASN 8888.
[ read more... ]
by Tony Mattke on September 14, 2009
One of the most common questions I get concerns path selection within the router. Everyone knows (or at least they should know) that a more specific prefix will be preferred, but until you learn the basics, you’ll never be able to debug why a router is using a sub optimal path. There are a couple layers to processes when building the routing table, first we have to consider the individual routing protocols. Within each protocol there are several considerations for route selection. First, lets discuss selection within an IGP.
[ read more... ]
by Tony Mattke on August 10, 2009
For some, BGP is a rather large obtrusive beast of a protocol that scares them half to death. This is not without good reason as BGP is not only the most important protocol running on your network, but it is also one of the most targeted routing protocols in terms of malicious attacks. The majority of BGP attacks are based around the pretense of flooding your network with false prefixes to direct interesting traffic to destinations where the traffic can be sniffed / recorded.
The following tips are simple measure to help mitigate against such nasty things.
[ read more... ]
Recent Comments