BGP Confusion!

SDee Member Posts: 82
These questions are not purely exam related, but they relate to some confusion I am having in understanding BGP. Any help would be really appreciated!

Now let us assume this scenario:

- Two edge routers (EDGE-R1 & EDGE-R2) that are directly connected through a switch and running IBGP. They are installed after an Edge FW
- Each router is running external BGP with AS 8888
- EDGE-R1 is a neighbor with AS 1111, EDGE-R2 is a neighbor with AS 2222, each from a different provider
- The corporate subnet to be advertised by the routers is 1.2.3.0/24

My questions are:
- If both routers are advertising the 1.2.3.0/24 network, how can I specify on which router I will be reached by internet users? What would determine whether I am reachable through AS 1111 or AS 2222?

- Just to confirm, having the firewall with two default routes, one for each router, would achieve ECMP and therefore equal load balancing, correct?


Thank you!

Comments

  • hodgey87 Member Posts: 232
    You'll still be using some other IGP along with BGP. I guess you could modify the metrics to give one route preference over the other.
  • SDee Member Posts: 82
    Modifying the metrics... would it be something like this:

    1- Creating an access list that matches ( 1.2.3.0 /24 )
    2- Creating a route map ( THEONE ) that matches the access list and increases the metric by a certain value
    3- Using the following under the router bgp command; network 1.2.3.0 route-map THEONE


    However, I am publishing the route with a higher metric... but for some ASes, reaching me through ISP2, which is supposed to have the lower metric, should sometimes have less distance, if ISP2 was closer than ISP1 for a specific source... no?
  • networker050184 Mod Posts: 11,962
    For inbound you can use prepending or provider communities.

    Outbound, yes, you can do ECMP if you'd like. I never really understood the obsession with load balancing some have though.
    An expert is a man who has made all the mistakes which can be made.
  • SDee Member Posts: 82
    For the outgoing, I have two equal BW internet pipes from two providers; that's why I need to utilize both of them.
  • daveyb Member Posts: 28
    For inbound traffic, you have very little control over how it will reach you. You can do things like AS pre-pending, and applying a MED to try and influence things, but these can be nobbled by your upstream provider. If you plan to go this route, you should look to see if your upstream supports any BGP communities to do this. (example: https://onestep.net/communities/as3356/)

    For outbound traffic, ECMP on your firewall should work, as long as all paths have the same metrics applied. Be wary that this will not balance traffic exactly. It is flow based, not packet based.

    As an aside, presumably you have 2 links for resilience. 1 of those links should be able to take 100% of your traffic in a failure situation. This means that it shouldn't matter which link traffic comes in/goes out. They should both be able to carry it.
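
The inbound behaviour discussed in this thread, as an added example that is not part of any poster's reply: a simplified model of how remote ASes pick between the AS 1111 and AS 2222 paths to AS 8888 when extra copies of 8888 are prepended toward one provider. Only the first two BGP decision steps (local preference, then AS-path length) are modelled; the three observers, their transit paths and the documentation-range ASNs 64496-64498 are constructed for illustration.

```python
ORIGIN = 8888  # corporate AS from the thread

# Constructed observers. For each provider: (ASes the route crosses between the
# provider and the observer, ending at the provider; local-pref the observer's
# own policy assigns to routes learned that way).
OBSERVERS = {
    "peer-of-both": {1111: ((1111,), 100), 2222: ((2222,), 100)},
    "closer-to-2222": {1111: ((64496, 64497, 64498, 1111), 100),
                       2222: ((2222,), 100)},
    "policy-prefers-2222": {1111: ((1111,), 100), 2222: ((2222,), 200)},
}


def choose(views, prepend):
    """Return the provider AS(es) an observer would send traffic through.

    prepend maps provider AS -> number of extra copies of ORIGIN announced
    to that provider. A tie means later tie-breakers (not modelled) decide.
    """
    paths = []
    for provider, (transit, local_pref) in views.items():
        as_path = transit + (ORIGIN,) * (1 + prepend.get(provider, 0))
        paths.append((provider, local_pref, len(as_path)))
    # Step 1: highest local preference wins, whatever the AS-path length.
    top = max(p[1] for p in paths)
    candidates = [p for p in paths if p[1] == top]
    # Step 2: shortest AS path among the remaining candidates.
    shortest = min(p[2] for p in candidates)
    return sorted(p[0] for p in candidates if p[2] == shortest)


def inbound_choice(prepend):
    """Provider(s) chosen by every constructed observer for a prepend plan."""
    return {name: choose(views, prepend) for name, views in OBSERVERS.items()}


if __name__ == "__main__":
    for plan in ({}, {2222: 2}, {2222: 4}):
        print("prepend", plan)
        for name, chosen in inbound_choice(plan).items():
            print(f"  {name:20s} -> via AS {chosen}")
```

Prepending twice toward AS 2222 moves the observer that sees both providers equally, four prepends are needed to move the one that is topologically closer to AS 2222, and no amount of prepending moves the observer whose own local-pref policy favours AS 2222.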