From: R. Benjamin Kessler (bk-lists@kesslerconsulting.com)
Date: Thu Oct 03 2002 - 14:41:09 GMT-3
No Takers, trying again....
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
R. Benjamin Kessler
Sent: Wednesday, October 02, 2002 9:01 AM
To: ccielab@groupstudy.com
Subject: OT: Internet BGP Configuration "best practices"
Sorry for the OT; I'm looking for feedback on what people are doing in
the real-world regarding BGP "load-sharing" for multiple Internet links.
Here's the scenario (obviously the addressing has been changed to
protect the guilty :-)
+--------------+ +--------------+ +--------------+
| Provider 1 | | Provider 2 | | Provider 3 |
| AS 65501 | | AS 65502 | | AS 65503 |
+--------------+ +--------------+ +--------------+
| | |
| | |
| | |
+---+------------------+------------------+--------+
| | | | |
| \ / | |
| \ / | |
| \ / | |
| \ / | |
| +--------------+ +----------+ |
| | Router 1 |---------------| Router 2 | |
| +--------------+ +----------+ |
| AS 65499 |
+--------------------------------------------------+
We (AS65499) are advertising one network (a /24 - for example say
192.168.100.0/24) and accepting full routes from each of the providers.
We're a non-transit AS!
The link to 65501 is larger than that to 65502; the link to 65503 is the
smallest but that provider is generally "better" connected to sites on
the Internet (i.e. when comparing the length of AS hops)
Currently, I'm using AS-Path ACLs to set the local pref on routes
received from each provider such that any routes originated in their AS
or those one AS-hop away will have their local preference increased.
Here's an example:
ip as-path access-list 101 permit ^65501_[0-9]*$
ip as-path access-list 102 permit ^65502_[0-9]*$
ip as-path access-list 103 permit ^65503_[0-9]*$
The following route-maps are applied as appropriate:
route-map AS65501-IN permit 10
match as-path 101
set local-preference 150
!
route-map AS65501-IN permit 20
route-map AS65502-IN permit 10
match as-path 102
set local-preference 140
!
route-map AS65502-IN permit 20
route-map AS65503-IN permit 10
match as-path 103
set local-preference 130
!
route-map AS65503-IN permit 20
I know that one of the providers tags each of its customer routes with a
community so I may change that route-map to match on that instead of the
as-path acl.
Additionally, I'm going to advertise a metric out each link to try and
influence the reverse path (since in-bound traffic is far greater than
outbound).
We've done prepends in the past to try and influence inbound traffic but
was hoping for a more elegant approach.
I'd be interested in hearing what has worked for others on the list.
Thanks,
Ben
This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:38 GMT-3