Service Providers behaviour for dual homed enterprises
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB. So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter? Thanks in advance
On Sep 23, 2015, at 5:38 PM, Jason Bullen <jmbullen21@gmail.com> wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Yes.
Many transit providers support BGP communities to modify how your announced routes are treated within their network. A quick search shows that AT&T supports BGP community 7018:70 to lower the default local-pref 100 down to 70 (below peer routes). If you tag your AT&T announced routes with BGP community 7018:70, then even AT&T customers should prefer to enter via Verizon. Clinton. On Wed, Sep 23, 2015, at 03:38 PM, Jason Bullen wrote:
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Thanks in advance
On 23/Sep/15 23:38, Jason Bullen wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
ISP's will generally set a higher LOCAL_PREF toward their customers than to any other destination out of their network. It's the money shot. Mark.
On Wed, Sep 23, 2015 at 5:38 PM, Jason Bullen <jmbullen21@gmail.com> wrote:
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Hi Jason, That's normal. Verizon does it too. Both have "community" tags which you can attach to your route advertisement. Each will have one that indicates they should give external routes the same "local pref" as the route you announce to them. Tagging your route announcement with the proper community will cause them to route based on AS path length as you expect. Welcome to the little gotchas of using BGP. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
On 24/Sep/15 15:21, William Herrin wrote:
Hi Jason,
That's normal. Verizon does it too. Both have "community" tags which you can attach to your route advertisement. Each will have one that indicates they should give external routes the same "local pref" as the route you announce to them. Tagging your route announcement with the proper community will cause them to route based on AS path length as you expect.
Depending on the provider, this can't always be guaranteed, i.e., that the available LOCAL_PREF values a customer can trigger via a BGP community support anything <= what routes the network considers "external". What's possible (or available) may also be influenced by whether one's upstream is "transit-free" or not, I imagine. Mark.
On 09/23/2015 02:38 PM, Jason Bullen wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Thanks in advance
That's been my experience, and with other sets of providers, too. My current company is dual-homed with AT&T and Charter Fiber. Those customers on UVerse come in the AT&T link no matter what we do with BGP to convince the cloud to let packets come in the fatter pipe.
Stephen Satchell wrote on 9/24/2015 8:39 AM:
On 09/23/2015 02:38 PM, Jason Bullen wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Thanks in advance
That's been my experience, and with other sets of providers, too.
My current company is dual-homed with AT&T and Charter Fiber. Those customers on UVerse come in the AT&T link no matter what we do with BGP to convince the cloud to let packets come in the fatter pipe.
Jason, while others have offered acknowledgement of the behavior you are seeing as well as solutions, I think it might be relevant to point out that this is simply a matter of BGP best path selection. BGP does not use AS path length (hops) as its primary path selector. Search for "bgp best path selection" to find out more about how BGP selects the best path. As others have noted, local pref is often utilized to control routing and should be your preferred way to control path selection in addition to AS path length. However, the ultimate way to control routing would be to advertise more specific prefixes via the path that you want traffic to flow. --Blake
Thank you all for answering. I was disregarding Local Pref because the route server I was on was showing 100. That was an error on my part though as it clearly states in the login banner that it is eBGP peering with the AT&T routers hence the local Pref would go back to 100 from its perspective. Again, thanks for the quick and thorough responses. On Thu, Sep 24, 2015 at 10:05 AM, Blake Hudson <blake@ispn.net> wrote:
Stephen Satchell wrote on 9/24/2015 8:39 AM:
On 09/23/2015 02:38 PM, Jason Bullen wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Thanks in advance
That's been my experience, and with other sets of providers, too.
My current company is dual-homed with AT&T and Charter Fiber. Those customers on UVerse come in the AT&T link no matter what we do with BGP to convince the cloud to let packets come in the fatter pipe.
Jason, while others have offered acknowledgement of the behavior you are seeing as well as solutions, I think it might be relevant to point out that this is simply a matter of BGP best path selection. BGP does not use AS path length (hops) as its primary path selector. Search for "bgp best path selection" to find out more about how BGP selects the best path. As others have noted, local pref is often utilized to control routing and should be your preferred way to control path selection in addition to AS path length. However, the ultimate way to control routing would be to advertise more specific prefixes via the path that you want traffic to flow.
--Blake
What Blake just said below works best - I do this MED together with small-ers all the way to india for video conferencing customers sitting in silicon valley. Thank You Bob Evans CTO
Stephen Satchell wrote on 9/24/2015 8:39 AM:
On 09/23/2015 02:38 PM, Jason Bullen wrote:
I've always worked in enterprise only so I thought you guys might be able to help me with this one. We are dual homed to Verizon and AT&T. We prepend all our prefixes out AT&T to make them least preferred. During a recent issue we found some users were coming in via AT&T. Using various looking glasses it looks like if I use an AT&T server(route-server.ip.att.net) the best path is the prepended route through AT&T; in fact,I don't even see the VZB route. If I use a 3rd party looking glass(router-server.he.net) I see what I anticipated, which is the shorter AS-Path through VZB.
So if my research is correct, the internet prefers Verizon UNLESS they are a direct AT&T customer then they would use the AT&T circuit. Is this a standard practice that I should assume to encounter?
Thanks in advance
That's been my experience, and with other sets of providers, too.
My current company is dual-homed with AT&T and Charter Fiber. Those customers on UVerse come in the AT&T link no matter what we do with BGP to convince the cloud to let packets come in the fatter pipe.
Jason, while others have offered acknowledgement of the behavior you are seeing as well as solutions, I think it might be relevant to point out that this is simply a matter of BGP best path selection. BGP does not use AS path length (hops) as its primary path selector. Search for "bgp best path selection" to find out more about how BGP selects the best path. As others have noted, local pref is often utilized to control routing and should be your preferred way to control path selection in addition to AS path length. However, the ultimate way to control routing would be to advertise more specific prefixes via the path that you want traffic to flow.
--Blake
Stephen Satchell wrote on 9/24/2015 11:00 AM:
On 09/24/2015 07:05 AM, Blake Hudson wrote:
However, the ultimate way to control routing would be to advertise more specific prefixes via the path that you want traffic to flow.
Tried that, no joy.
I could only assume then that your peers were either not accepting your advertisements or there was an error in your configuration. All routers will choose the most specific route they have when performing destination based routing. This overrides how the route was installed (static, connected, dynamic) or any metrics considered within each routing protocol for its best path selection.
participants (8)
-
Blake Hudson
-
Bob Evans
-
Clinton Work
-
Jared Mauch
-
Jason Bullen
-
Mark Tinka
-
Stephen Satchell
-
William Herrin