BGP What to ask...

Gogousa Member Posts: 68
Hello, I need your expert opinion.
Situation: we have only one internet provider, we have our own AS and our own public networks. Our provider is giving us a router with a full BGP table, we have a router with IBGP and we are publishing some of our public networks with this router and others are getting published from the provider's router.
We are planning to get a second provider and we want to take full control of our networks and be able to publish and use the two providers as we please (load balancing, symmetry, redundancy).
I'm new to BGP, so to me it is a new world. I'm reading the Cisco book and trying to understand.

We are in the process of getting the proposals from the second provider, so my question is, should I ask the providers for anything special to be able to do what we want? (like I already asked, that the router they put has to handle a full route BGP). Or something like no restrictions on some protocol or filters? I want to get into the contract with the provider anything we need to be able to do anything we might want regarding our networks and how the internet sees us.

And feel free to advise in general if you want, like what is the best topology or anything you think is important. For now the two providers will be installed in one site.

Thanks in advance.

Comments

  • networker050184 Mod Posts: 11,962
    Are they giving you CPE for this? If you are hooking up to two providers, I'd get my own equipment capable of handling it. Are you looking at going for an active/active or active/standby approach? You could always go with a full table from your "primary" provider and just local and default from the "secondary" provider. You can get full tables from both and use communities or AS path to only select local routes from the backup provider. If you want to influence inbound you can look into some prepending out the secondary provider to make that path long enough no one will take it. That would probably be your easiest approach. Basically you have a lot of options. As long as you have your own ASN and IP space the carriers shouldn't really need to work together on this.
    An expert is a man who has made all the mistakes which can be made.
  • Turgon Banned Posts: 6,308
    Gogousa wrote: »
    Hello, I need your expert opinion.
    Situation: we have only one internet provider, we have our own AS and our own public networks. Our provider is giving us a router with a full BGP table, we have a router with IBGP and we are publishing some of our public networks with this router and others are getting published from the provider's router.
    We are planning to get a second provider and we want to take full control of our networks and be able to publish and use the two providers as we please (load balancing, symmetry, redundancy).
    I'm new to BGP, so to me it is a new world. I'm reading the Cisco book and trying to understand.

    We are in the process of getting the proposals from the second provider, so my question is, should I ask the providers for anything special to be able to do what we want? (like I already asked, that the router they put has to handle a full route BGP). Or something like no restrictions on some protocol or filters? I want to get into the contract with the provider anything we need to be able to do anything we might want regarding our networks and how the internet sees us.

    And feel free to advise in general if you want, like what is the best topology or anything you think is important. For now the two providers will be installed in one site.

    Thanks in advance.

    There are many papers on multihoming on the Cisco website and wider afield. I suggest you start with some reading about those topologies at a high level and work from there. You at least will be better informed when you speak to the providers. If you are not providing your own router the ISP will most likely charge you more for a higher spec router. In terms of filtering you want to ensure you do not become a transit network. If your providers are professional they will take care of that for you for their own defence.

    In terms of BGP announcements from your routers be very careful what announcements you make.
  • Gogousa Member Posts: 68
    I'm reading on multihoming but I have to make the specifications as soon as possible and it will take me some time to finish reading all the papers.
    I will get a CPE from the provider and I will put other necessary routers to manage BGP on my side. The idea is to have an active/active connection and be able to influence inbound traffic depending on the network and balance outbound the way we want (the speeds on the links are going to be different).
    If I use communities and path to influence traffic, is there anything special that I have to ask to both providers? (like I should not get any filter in the middle or something like that).
    Thanks for the advice.
  • Paul Boz Member Posts: 2,620
    It depends on how you want to have the connections configured. If your goal is to load balance between the two links and have deterministic best-path routing, I would advise configuring the two edge BGP routers to point to a route reflector router. By placing the route reflector between the edge transit routers and the internal network you will be able to maintain best-path routing as well as load balancing. You can tune the route metrics on the route reflector to influence routing behavior as well.
    Turgon wrote: »
    If you are not providing your own router the ISP will most likely charge you more for a higher spec router.

    That may or may not be the case. ATT deployed more 7206vxr routers for CPE than any other company in the world because they were buying them from Cisco for pennies on the dollar. Service providers that do bulk BGP or large-scale bandwidth installations can usually get much better deals on managed CPE devices than you'd think. That being said, if you purchase or lease CPE from the ISP, make sure that you have full control over the configuration of those routers. For you to be able to manage BGP in a way that makes sense for your organization this is important. Also, if you determine that buying your own CPE is a better solution, do not rule out Cisco's competitors. I actually think that Juniper gear makes much better BGP routers. They are extremely stable and the CLI is very easy to use. At my last job we used a cluster of Juniper M10s for BGP. You can certainly use Cisco but do your homework to see if there are better options that suit your company.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC | GCFW | GCIH | GCIA
    pbosworth@gmail.com
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • Forsaken_GA Member Posts: 4,024
    When picking up a new provider, there are a few issues for us -

    #1 Cost - Money is the great equalizer for the most part
    #2 Support - How easy is their support to deal with. Do they speak English in a way which I can understand it? Do they understand what the BGP attributes are and what they do, or am I going to have to educate in a crisis (this is one case where it'll beat money, this is why I have no connection to Cogent)
    #3 Communities - Do they deploy a decent selection of communities so that I can influence my own routing attributes, or am I going to have to make a phone call just to get my local pref changed. (nlayer has the best community setup I've ever seen, btw)

    We also do a test turn up for a month so we can send some traffic out and see the quality of the connection before we sign any contracts.
  • Forsaken_GA Member Posts: 4,024
    Oh, and you don't necessarily have to ask for the communities information. If they have half a clue, they'll be publishing that information in one of the routing databases (i.e., RADb).
  • Turgon Banned Posts: 6,308
    Paul Boz wrote: »
    It depends on how you want to have the connections configured. If your goal is to load balance between the two links and have deterministic best-path routing, I would advise configuring the two edge BGP routers to point to a route reflector router. By placing the route reflector between the edge transit routers and the internal network you will be able to maintain best-path routing as well as load balancing. You can tune the route metrics on the route reflector to influence routing behavior as well.



    That may or may not be the case. ATT deployed more 7206vxr routers for CPE than any other company in the world because they were buying them from Cisco for pennies on the dollar. Service providers that do bulk BGP or large-scale bandwidth installations can usually get much better deals on managed CPE devices than you'd think. That being said, if you purchase or lease CPE from the ISP, make sure that you have full control over the configuration of those routers. For you to be able to manage BGP in a way that makes sense for your organization this is important. Also, if you determine that buying your own CPE is a better solution, do not rule out Cisco's competitors. I actually think that Juniper gear makes much better BGP routers. They are extremely stable and the CLI is very easy to use. At my last job we used a cluster of Juniper M10s for BGP. You can certainly use Cisco but do your homework to see if there are better options that suit your company.

    There may be a concession there if the carrier is large so the OP should check with their second provider account manager about any hardware options (I would recommend a major carrier anyway for multihoming). I recall one job where the primary line was provided by Worldcom who had nothing to gain by my company multihoming to a second provider and the 2500 series that came with the Worldcom line obviously wasn't going to cut it. We provided our own 7206VXR in 2001 for the job although I had to personally upgrade the memory to handle the full table.
  • Gogousa Member Posts: 68
    Oh, and you don't necessarily have to ask for the communities information. If they have half a clue, they'll be publishing that information in one of the routing databases (i.e., RADb).

    What about if I need a community that they don't have, can I ask them to create one for me? Are there specific communities for customers or are they just general for all customers (that the ISP has)?

    Regarding the AS_PATH, if I add it to influence the preference, I know that some providers can block this, how should I ask my provider not to block it, what is the correct terminology to ask for this?

    Thanks for all the ideas you all are giving me, I'm making a list.
  • Turgon Banned Posts: 6,308
    Gogousa wrote: »
    What about if I need a community that they don't have, can I ask them to create one for me? Are there specific communities for customers or are they just general for all customers (that the ISP has)?

    Regarding the AS_PATH, if I add it to influence the preference, I know that some providers can block this, how should I ask my provider not to block it, what is the correct terminology to ask for this?

    Thanks for all the ideas you all are giving me, I'm making a list.

    Your best bet is to define your requirements and talk to the engineers at both providers I think and let them advise you on technical approach.
  • Forsaken_GA Member Posts: 4,024
    Gogousa wrote: »
    What about if I need a community that they don't have, can I ask them to create one for me? Are there specific communities for customers or are they just general for all customers (that the ISP has)?

    Regarding the AS_PATH, if I add it to influence the preference, I know that some providers can block this, how should I ask my provider not to block it, what is the correct terminology to ask for this?

    Thanks for all the ideas you all are giving me, I'm making a list.

    You negotiate that stuff ahead of time before the official turn up date. In general, service providers *hate* making changes that are for just one customer, so ones with a clue will deploy a flexible setup in the first place. In general, communities are available to everyone since they're just ways to influence route attributes. For example, let's say I have 2 connections to the same provider, but I want the first connection to have a local preference of 300, and the second connection to have a local preference of 150, the provider should have communities that I can tag my outbound routes with so that when they receive them, they set 300 on the first connection and 150 on the second connection. Or, if you're connecting to two different providers and you want the majority of traffic to flow over one, you need the second to allow you to prepend, so make sure they'll let you get away with that.

    Another thing to look out for is their deaggregation policies. Say you've got a /18 and you want to deaggregate that down into individual /24 announcements. That is frowned upon these days, and there are providers that will filter routes that long (I know of at least one that won't accept anything longer than a /22).

    The best thing to do before selecting a provider is to define your requirements ahead of time, so you know what you need. If you're not very experienced with BGP, I'd sincerely recommend reading Sam Halabi's Internet Routing Architectures. He doesn't actually get into BGP configuration until the last two chapters of the book, the previous chapters are all concept-based, designed to help you understand how BGP works, and how to find the correct solution for your needs. Compared to most other BGP texts, it's a fairly easy read.
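
Added example, not part of any post in this thread: a pre-flight check of the announcements an edge router would send to each provider, covering the points raised above about not becoming a transit network, prepending toward the secondary provider, and provider limits on prefix length. The AS number, address block, per-provider limits and all function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

MY_AS = 64500                                        # constructed (documentation ASN)
MY_BLOCKS = [ipaddress.ip_network("198.18.0.0/18")]  # constructed address space

@dataclass
class Provider:
    name: str
    max_prefix_len: int  # longest prefix this provider accepts (assumed value)
    prepend: int         # extra copies of MY_AS added on export to this provider

def export_decision(prefix, as_path, provider):
    """Return (announce, reason, as_path_sent) for one candidate route.

    as_path is the path as it sits in our own table: empty for routes we
    originate, non-empty for anything learned from a provider.
    """
    net = ipaddress.ip_network(prefix)
    if as_path:
        # Same effect as an AS-path filter that only matches ^$: re-exporting
        # a learned route would make us transit between the two providers.
        return False, "transit leak: learned route", None
    if not any(net.subnet_of(block) for block in MY_BLOCKS):
        return False, "not our address space", None
    if net.prefixlen > provider.max_prefix_len:
        # Deaggregated announcement the provider would filter anyway.
        return False, f"longer than /{provider.max_prefix_len}", None
    return True, "ok", [MY_AS] * (1 + provider.prepend)

def audit(candidates, provider):
    """Map each candidate prefix to its export decision for one provider."""
    return {p: export_decision(p, path, provider) for p, path in candidates}

# Constructed sample: two providers and four candidate routes.
PRIMARY = Provider("primary", max_prefix_len=24, prepend=0)
SECONDARY = Provider("secondary", max_prefix_len=22, prepend=3)
CANDIDATES = [
    ("198.18.0.0/18", []),                # our aggregate
    ("198.18.4.0/24", []),                # deaggregated more-specific
    ("203.0.113.0/24", [64510, 64511]),   # learned from the other provider
    ("192.0.2.0/24", []),                 # originated locally but not ours
]

if __name__ == "__main__":
    for prov in (PRIMARY, SECONDARY):
        for prefix, (ok, reason, sent) in audit(CANDIDATES, prov).items():
            verdict = "ANNOUNCE" if ok else "DENY"
            print(f"{prov.name:9} {prefix:16} {verdict:8} {reason} {sent or ''}")
```
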