RE: eBGP, iBGP, injecting networks
I think the main concern you have here is the advertisement of the networks from two different ASN's to two different upstream providers. You'll have to set it up with your upstream ISP's to allow you to advertise all of the networks, but typically it's not a problem. You won't have an issue with routing loops as BGP speaker will drop a prefix that has its own ASN in the path-list. If you prepend properly to the AS path things will behave the way you want them to. This will provide your inbound redundancy. HTH Colin Fowlie -----Original Message----- From: Curtis Maurand [mailto:curtis@maurand.com] Sent: Monday, February 23, 2004 11:49 AM To: Ing. Hans L. Reyes Cc: isaac@ravengate.net; nanog@merit.edu Subject: Re: eBGP, iBGP, injecting networks He might try: http://www.cisco.com/en/US/tech/tk365/tk80/technologies_configuration_exampl... This one shows how to setup HSRP on the inside for the automatic failover that he's looking for. Curtis On Fri, 20 Feb 2004, Ing. Hans L. Reyes wrote:
Hi
Your problem may be is similar when one ISP buy to another ISP, sometimes is easy to modify the IGP like in this case (OSPF) because it is something inside of your company and you have the control over all the devices but you still have the problem outside of the company; client, others ISP, etc
Check the feature of BGP "Local-AS" for routers Cisco if yours routers aren't Cisco, check for someone similar with your vendor. May be you need to do something else.
This is the url where explain how it works.
http://www.cisco.com/en/US/tech/tk365/tk80/technologies_configuration_exampl...
I hope it help you -Hans
On Fri, 20 Feb 2004 isaac@ravengate.net wrote:
greetings list,
hoping someone can hook me up on the right way to do this.
---
we have two ASN's we control.
we have two border/edge routers (1 in each ASN) that talks to a different backbone provider.
the two border routers peer with eachother over eBGP and also are in the same OSPF process. (we are working to merge them into the same BGP ASN)
my question is this:
how do we achieve router redundancy between these two routers?
currently if we lose a transit link, the traffic will flow fine out the other pipe.
but we don't have BGP network statements in router 2 that exist in router 1 and we don't have BGP network statements in router 1 that exist in router 2.
so the routes injected into BGP from router 1 will get withdrawn right if router 1 dies?
is it a problem to announce the same networks from two different eBGP peers to two different upstreams?
------
if you are still reading, thanks!
to clearify some more-
current setup:
current setup:
ASN 1 (we're not Genu!ty- just using for an example)
:)
ASN 1 injects all of its own space and announces this space to Above.net and ASN 2
ASN 2 injects all of its own space and announces this space to Savvis and ASN 1.
so stuff out on the net looks like:
1 6461 etc etc
and
1 2 6347
-------
2 6347 etc etc
and
2 1 6461 etc etc
-------
so, you see we are prepending on of our AS's on the way out.
the problem is tho, we only have 1 router in each respective Autonmous System injecting address space. if we lose that router, we lose announcing that ASN's space.
is it totally going to cause probs to have routes originating from two different AS's? routing loops would be a real drag.
what about having an iBGP router in AS 1 inject the same space as the border router in AS 1? this other router also peers with AS 2....
thanks a lot! jg
-- -- Curtis Maurand mailto:curtis@maurand.com http://www.maurand.com
greetings all, wanted to send a mail and say thanks to all who responded on and off list. there were a lot of great suggestions given. for now, we achieved prefix announcement redundancy (i shouldn't have called it router redundancy in the first post) in AS 1 by duplicating our network statements in bgp and also our 'pull up', static routes to Null0 254 in our routing table in another router in AS1. It runs iBGP in ASN1 to our border router that talks to Above.net we still need to achieve prefix announcement redundancy in ASN 2 tho. it looks like we are going to do this by putting network statements and null0 254 routes into a router in ASN1. We only have one router in ASN2, whereas we have 5 routers in ASN1. this will lead to an inconsistent AS origin for the routes from ASN2 but that seems like the best, temp. workaround for now until we merge AS's. thanks again. l8r- jg Quoting Fowlie, Colin <Colin.Fowlie@aliant.ca>:
I think the main concern you have here is the advertisement of the networks from two different ASN's to two different upstream providers. You'll have to set it up with your upstream ISP's to allow you to advertise all of the networks, but typically it's not a problem. You won't have an issue with routing loops as BGP speaker will drop a prefix that has its own ASN in the path-list. If you prepend properly to the AS path things will behave the way you want them to. This will provide your inbound redundancy.
HTH
Colin Fowlie
-----Original Message----- From: Curtis Maurand [mailto:curtis@maurand.com] Sent: Monday, February 23, 2004 11:49 AM To: Ing. Hans L. Reyes Cc: isaac@ravengate.net; nanog@merit.edu Subject: Re: eBGP, iBGP, injecting networks
He might try:
http://www.cisco.com/en/US/tech/tk365/tk80/technologies_configuration_exampl...
This one shows how to setup HSRP on the inside for the automatic failover that he's looking for.
Curtis
On Fri, 20 Feb 2004, Ing. Hans L. Reyes wrote:
Hi
Your problem may be is similar when one ISP buy to another ISP, sometimes is easy to modify the IGP like in this case (OSPF) because it is something inside of your company and you have the control over all the devices but you still have the problem outside of the company; client, others ISP, etc
Check the feature of BGP "Local-AS" for routers Cisco if yours routers aren't Cisco, check for someone similar with your vendor. May be you need to do something else.
This is the url where explain how it works.
http://www.cisco.com/en/US/tech/tk365/tk80/technologies_configuration_exampl...
I hope it help you -Hans
On Fri, 20 Feb 2004 isaac@ravengate.net wrote:
greetings list,
hoping someone can hook me up on the right way to do this.
---
we have two ASN's we control.
we have two border/edge routers (1 in each ASN) that talks to a different backbone provider.
the two border routers peer with eachother over eBGP and also are in the same OSPF process. (we are working to merge them into the same BGP ASN)
my question is this:
how do we achieve router redundancy between these two routers?
currently if we lose a transit link, the traffic will flow fine out the other pipe.
but we don't have BGP network statements in router 2 that exist in router 1 and we don't have BGP network statements in router 1 that exist in router 2.
so the routes injected into BGP from router 1 will get withdrawn right if router 1 dies?
is it a problem to announce the same networks from two different eBGP peers to two different upstreams?
------
if you are still reading, thanks!
to clearify some more-
current setup:
current setup:
ASN 1 (we're not Genu!ty- just using for an example)
:)
ASN 1 injects all of its own space and announces this space to Above.net and ASN 2
ASN 2 injects all of its own space and announces this space to Savvis and ASN 1.
so stuff out on the net looks like:
1 6461 etc etc
and
1 2 6347
-------
2 6347 etc etc
and
2 1 6461 etc etc
-------
so, you see we are prepending on of our AS's on the way out.
the problem is tho, we only have 1 router in each respective Autonmous System injecting address space. if we lose that router, we lose announcing that ASN's space.
is it totally going to cause probs to have routes originating from two different AS's? routing loops would be a real drag.
what about having an iBGP router in AS 1 inject the same space as the border router in AS 1? this other router also peers with AS 2....
thanks a lot! jg
-- -- Curtis Maurand mailto:curtis@maurand.com http://www.maurand.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ http://www.ravengate.net admin@ravengate.net pgp key at-> http://www.ravengate.net/pgp.html ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
participants (2)
-
'isaac@ravengate.net'
-
Fowlie, Colin