Module 13 Multihoming to Different ISPs

Similar documents
Module 12 Multihoming to the Same ISP

Lab 3 Multihoming to the Same ISP

Module 18 Transit. Objective: To investigate methods for providing transit services. Prerequisites: Modules 12 and 13, and the Transit Presentation

Module 19 Internet Exchange Points

Module 14 Transit. Objective: To investigate methods for providing transit services. Prerequisites: Modules 12 and 13, and the Transit Presentation

Module 10 An IPv6 Internet Exchange Point

Lab 2 BGP route filtering and advanced features

Module 3 BGP route filtering and advanced features

Module 2 More ibgp, and Basic ebgp Configuration

IPv6 Module 16 An IPv6 Internet Exchange Point

Module 16 An Internet Exchange Point

Module 7 BGP Route Reflector Lab

Module 6 IPv6 ibgp and Basic ebgp

Module 8 Multihoming Strategies Lab

BGP and the Internet. Enterprise Multihoming. Enterprise Multihoming. Medium/Large ISP Multihoming. Enterprise Multihoming. Enterprise Multihoming

Module 11 Advanced Router Configuration

Module 5 Advanced OSPF

IPv6 Module 7 BGP Route Filtering and Advanced Features

Advanced Multihoming. BGP Traffic Engineering

BGP Multihoming ISP/IXP Workshops

BGP route filtering and advanced features

Service Provider Multihoming

Service Provider Multihoming

BGP in the Internet Best Current Practices

IPv6 Module 6 ibgp and Basic ebgp

BGP Multihoming Techniques

Service Provider Multihoming

BGP Multihoming. ISP/IXP Workshops

Service Provider Multihoming

Multihoming Complex Cases & Caveats

Module 6 ibgp and Basic ebgp

BGP Multihoming Techniques

BGP Multihoming Techniques

BGP Multihoming Techniques

BGP and the Internet. Why Multihome? Why Multihome? Why Multihome? Why Multihome? Why Multihome? Redundancy. Reliability

Simple Multihoming. ISP Workshops. Last updated 25 September 2013

Module 6 More ibgp, and Basic ebgp Configuration

BGP Configuration for a Transit ISP

Simple Multihoming. ISP Workshops. Last updated 9 th December 2015

BGP Attributes and Policy Control

Module 6 ibgp and Basic ebgp

BGP Protocol & Configuration. Scalable Infrastructure Workshop AfNOG2008

BGP and the Internet

BGP Attributes and Policy Control

Module 1 IPv6 OSPF and ibgp

IPv6 Module 6x ibgp and Basic ebgp

BGP for Internet Service Providers

IPv6 Module 11 Advanced Router Configuration

BGP for Internet Service Providers

Module 11 Advanced Router Configuration

Connecting to a Service Provider Using External BGP

BGP Attributes and Policy Control

BGP Case Studies. ISP Workshops

Introduction to BGP. ISP/IXP Workshops

Simple Multihoming. ISP Workshops

IPv4/IPv6 BGP Routing Workshop. Organized by:

BGP Attributes and Path Selection

ISP Workshop Lab. Module 2 OSPF Areas

Module 1 Basic Topology, OSPF and ibgp

Multihoming with BGP and NAT

Introduction to BGP ISP/IXP Workshops

IPv6 Module 2 OSPF Areas

Multihoming Techniques. bdnog8 May 4 8, 2018 Jashore, Bangladesh.

BGP Multihoming Techniques

2016/01/17 04:05 1/19 Basic BGP Lab

BGP Tutorial Part 3 Multihoming

2015/07/23 23:32 1/8 More ibgp and Basic ebgp

Lab Guide 2 - BGP Configuration

3/10/2011. Copyright Link Technologies, Inc.

BGP and the Internet

LACNIC XIII. Using BGP for Traffic Engineering in an ISP

BGP Best Current Practices. ISP/IXP Workshops

BGP Multihoming Techniques

DE-CIX Academy: BGP Introduction. Notice of Liability. BGP Configuration Examples. Network Diagram for all examples. Links and Examples

BGP Policy Control. ISP Workshops

Using BGP Communities

DE-CIX Academy: BGP - Multihoming

BGP and the Internet

BGP Policy Control. ISP Workshops. Last updated 17 May 2014

Module 1b IS-IS. Prerequisites: The setup section of Module 1. The following will be the common topology used for the first series of labs.

BGP Best Current Practices. ISP/IXP Workshops

BGP Best Current Practices. Recommended IOS Releases. Which IOS? Which IOS? 12.4 IOS release images IOS release images

BGP in the Internet Best Current Practices

Recommended IOS Releases. BGP in the Internet. Which IOS? Which IOS? 12.2 IOS release images IOS release images is the old mainline train

BGP Multihoming Techniques. Philip Smith SANOG 10/APNIC 24 29th August - 7th September 2007 New Delhi, India

Module 1 IPv6 OSPF and ibgp

Module 1 Basic Topology, OSPF and ibgp

BGP Multihoming Techniques. Philip Smith APRICOT February 2009 Manila, Philippines

IPv6 Module 1c ibgp. Prerequisites: IPv6 Module 1a (OSPF) or IPv6 Module 1b (ISIS).

Module 9 BGP Configuration Essentials Lab

BGP Routing and BGP Policy. BGP Routing. Agenda. BGP Routing Information Base. L47 - BGP Routing. L47 - BGP Routing

BGP Multihoming Techniques Philip Smith NANOG October 2005 Los Angeles

Introduction to BGP. ISP Workshops. Last updated 30 October 2013

Ravi Chandra cisco Systems Cisco Systems Confidential

2015/07/23 23:31 1/7 ibgp

IPv6 Module 4 OSPF to IS-IS for IPv6

Border Gateway Protocol - BGP

BGP4 workshop scenario

BGP101. Howard C. Berkowitz. (703)

2016/09/07 08:37 1/5 Internal BGP Lab. Set up Internal BGP (ibgp) within the each Group autonomous system to carry routing information within the AS.

Transcription:

Module 13 Multihoming to Different ISPs ISP/IXP Networking Workshop Lab Objective: To investigate various methods for multihoming onto two different upstream ISPs. Prerequisites: Module 12 and Multihoming Presentation The following will be the common topology used. R5 R10 AS107 AS112 R1 R3 R14 R12 R2 AS108 AS109 R4 R13 AS111 AS110 R11 R8 R9 R6 R7 AS16384 Figure 1 ISP Lab Multihoming Configuration 1

Sunday, January 12, 2003 Lab Notes The purpose of this module is to demonstrate multihoming in the situation where the customer AS has one connection to more than one upstream service provider. There are at least two situations where this is applicable: Enterprise or Service Provider customer requires more than one connection to the Internet to provide resiliency, and/or loadsharing. Enterprise or Service Provider customer requires more than one Internet connection to give their network service provider redundancy. It is important that you review the multihoming presentation before you start with this module. Only configuration examples will be given it will be left to the workshop participant to use the presentation notes to help them configure their routers correctly. To ensure an understandable and easy to follow configuration, as well as good practice, a few assumptions about configuring BGP will be made. These are: Use prefix-lists to filter prefixes Use as-path access-lists to filter ASes Use route-maps to implement policy There are rarely any exceptions to this. Prefix lists are very efficient access-lists and make implementation of prefix filtering on AS borders (and elsewhere) very easy. Please review the BGP presentation materials if there is any uncertainty as to how prefix lists work. Lab Exercise 1. Basic Configuration. Each router team should configure their router to fit into the network layout depicted in Figure 1. Check all connections. Note that most links are using serial cables. Remember what was covered in Module 11 2. Addressing Plan. These address ranges should be used throughout this module. You are welcome to use your own range within an AS if you desire, just so long as you consult with the teams in other ASes to ensure there is no overlap. In the every day Internet, such address assignment is carried out by the Regional Internet Registry. AS16384 is the transit provider used in this module, and as such represents the Internet at large. A /16 network block has been assigned to that provider. AS107 220.10.0.0/19 AS108 220.19.0.0/19 AS109 220.73.0.0/19 AS110 221.19.0.0/19 Cisco Systems Inc 2 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

ISP/IXP Networking Workshop Lab AS111 221.35.0.0/19 AS112 221.99.0.0/19 AS16384 222.11.0.0/16 3

Sunday, January 12, 2003 R1 R2 R3 R4 R5 R6 e1 R15 R7 R8 R9 R10 R11 R12 R13 R14 Figure 2 Multihoming Lab Physical Layout Cisco Systems Inc 4 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

ISP/IXP Networking Workshop Lab 3. Routing Protocols. OSPF (area 0 only) and ibgp should now be configured between the routers for each of AS 107, AS112 and AS16384. The other 4 ASes do not require OSPF or ibgp as they only have a single router in them. Any interfaces which should not be running OSPF MUST be marked as passive in the configuration. And don t forget to use BGP peer groups for ibgp peers. Checkpoint #1: When you have properly configured your router, and the other routers in the AS are reachable (i.e. you can ping the other routers, and see BGP and OSPF prefixes in the routing table), please let the instructor know. Scenario One Basic Configuration, no redundancy The first scenario is not found in common practice but serves as a good introduction to the concepts of BGP multihoming as found on the Internet. And it will also serve as a reminder of some of the configuration concepts covered in the Basic ISP Workshop. The customer has two upstream links, one to each ISP. Both links require to be used equally for traffic. The best way of achieving this is to announce half the address space on one link, and the other half of the address space on the other link. (The alternative is to simply announce the whole address block on each link. However, this probably will not achieve any useful degree of loadsharing.) 4. Enable ebgp between the transit ASes. AS108 and AS109 should now enable their ebgp link to AS16384. AS110 and AS111 should do likewise. All router teams in these ASes must ensure that they can see all the prefixes of AS108, AS109, AS110, AS111 and AS16384. If they are not there, work with your team members to ensure they appear. Don t forget the static pull-up route when injecting prefixes into BGP Also, at this stage there is no need to install prefix filters between these ASes if you would like to, don t forget that you need to allow through the network blocks of the ASes you are providing transit to. 5. Prepare to enable ebgp between AS107 and its two upstreams. AS107 should currently be running ibgp within its own network. To announce AS107 s prefix to AS108 and AS109 we will take the /19 address block and divide it into two. The aim is to achieve relatively even utilisation of the links between AS107 and AS108/AS109, and common practice is to subdivide the address space. AS108 and AS109 will not announce any prefixes to AS107 they will simply announce a default route. There is no need for any more routing information to be injected into the customer site. 6. Create AS107 prefix lists. First, create the prefix lists on the routers in AS107. For example, Router1 will announce the first subblock, Router3 will announce the second subblock. Both will accept the default route. Example for Router1: 5

Sunday, January 12, 2003 ip prefix-list subblock1 permit 220.10.0.0/20 ip prefix-list default permit 0.0.0.0/0 7. Create AS108 and AS109 prefix-lists. The routers in AS108 and AS109 should only accept those prefixes which the customer is entitled to announce. So a prefix list needs to be installed on both Router2 and Router4 to do this. Notice in the example how a range of addresses has been listed in the permit statement this is so that the customer can make changes without the upstream having to reconfigure their filters: ip prefix-list Customer permit 220.10.0.0/19 le 20 ip prefix-list default permit 0.0.0.0/0 8. Configure ebgp in AS107. With the prefix lists configured it is now possible to set up ebgp. It is good practice to configure the filters first, then configure BGP, not the other way around. This helps prevent accidents. Example configuration for Router 3: ip prefix-list subblock2 permit 220.10.16.0/20 ip prefix-list default permit 0.0.0.0/0 router bgp 107 neighbor <router4> remote-as 109 neighbor <router4> description Peering with Router 4 in AS109 neighbor <router4> prefix-list subblock2 out neighbor <router4> prefix-list default in 9. Configure ebgp in AS109 with AS107. AS109 is going to originate the default route in the peering with AS107. The BGP command default-originate is used to do this. Example configuration for Router 4: router bgp 109 neighbor <router3> remote-as 107 neighbor <router3> description Multihomed Customer neighbor <router3> default-originate neighbor <router3> prefix-list Customer in neighbor <router3> prefix-list default out 10. AS108 and AS109 ebgp configuration with AS16384. Without further configuration changes in AS109, AS107 will be announced by AS108 and AS109 routers to other ASes. It is always good practice to only announce the prefixes you are entitled to announce to the Internet so now is the time to add prefix filters to the peering with AS16384. The example below is for AS109: ip prefix-list mynets permit 220.10.0.0/19 le 20 ip prefix-list mynets permit 220.73.0.0/19 Cisco Systems Inc 6 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

ISP/IXP Networking Workshop Lab router bgp 109 neighbor <router8> remote-as 16384 neighbor <router8> description Peering with AS16384 The Internet neighbor <router8> prefix-list mynets out 11. AS16384 ebgp configuration. The configuration for the routers in AS16384 is left as an exercise. You can choose to filter your customer ASes if you wish the prefix filters will be based on those configured by your customers in the previous step. You will announce all prefixes you have to your customers, so in this case there is no need for an outbound prefix filter (although you can construct one if you really wish to do so). 12. AS112 and its upstreams of AS110 and AS111. The same types of configuration concepts are also required on AS110, AS111 and AS112. AS112 is a multihomed customer of AS110 and AS111. The teams looking after the routers in these two ASes should use the above configuration examples as hints to set up their own peering sessions. Checkpoint #2: Once the BGP configuration has been completed, check the routing table and ensure that you have complete reachability over the entire network. If there are any problems, work with the other router teams to resolve those. Scenario Two Primary link and backup link The second scenario is more commonly employed, especially where the customer has a large circuit to their upstream, and an inexpensive circuit they use almost exclusively for backup purposes to another ISP. (The case maybe that the primary ISP has good connection to the Internet, and the backup ISP is used only as a last resort for technical, commercial, or political reasons.) In this case, the whole address block is announced out of both links. However, the announcement going out the backup link has its AS path length increased so that it is at a lower priority. Likewise, the incoming default route announcement from the ISP is weighted using local-preference. (Hint: remember the purpose of changing the AS Path length? If in doubt, review the BGP presentation material.) 13. Cleanup the configuration. Remove the configuration which split the address blocks into two pieces and inserted them into the BGP table. 14. Configure the main link. Configure the main link between the customer AS and the ISP. For AS107, the link between Router1 and Router2 in AS108 is the main link the link between Router3 and Router4 7

Sunday, January 12, 2003 in AS109 is the backup. For AS112, the main link is between Router 12 and Router 11 in AS110. Example configuration for Router1: ip prefix-list myblock permit 220.10.0.0/19 ip prefix-list default permit 0.0.0.0/0 router bgp 107 network 220.10.0.0 mask 255.255.224.0 neighbor <router2> remote-as 108 neighbor <router2> description Link to Router2 in AS108 neighbor <router2> prefix-list myblock out neighbor <router2> prefix-list default in ip route 220.10.0.0 255.255.224.0 null0 15. Configure the backup link. Configure the backup link between the private AS and the ISP. Increase the AS Path Length on outbound announcements to 3, and set local preference on inbound announcements to 80. Remember that the shortest AS Path Length and highest local-preference win during the BGP path selection process. To do this, use a route-map on the peering you will require an inbound and outbound route-map. Example configuration for Router14: ip prefix-list myblock permit 221.99.0.0/19 ip prefix-list default permit 0.0.0.0/0 route-map outfilter permit 10 match ip address prefix-list myblock set as-path prepend 112 112 112 route-map outfilter permit 20 route-map infilter permit 10 match ip address prefix-list default set local-preference 80 route-map infilter permit 20 router bgp 112 network 221.99.0.0 mask 255.255.224.0 neighbor <router13> remote-as 111 neighbor <router13> description Link to Router13 in AS111 neighbor <router13> prefix-list myblock out neighbor <router13> prefix-list default in neighbor <router13> route-map outfilter out neighbor <router13> route-map infilter in ip route 221.99.0.0 255.255.224.0 null0 16. Connectivity Test. Check connectivity throughout the lab network. Each router team should be able to see all other routers in the room. When you are satisfied that BGP is working correctly, try running Cisco Systems Inc 8 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

ISP/IXP Networking Workshop Lab traceroutes to ensure that the primary paths are being followed. When you are satisfied this is the case, check that the backup functions (do this by disconnecting the cable between the two routers on the primary path) you will see that the backup path is now used. Checkpoint #3: Once the BGP configuration has been completed, check the routing table and ensure that you have complete reachability over the entire network. If there are any problems, work with the other router teams to resolve those. Scenario Three More Controlled Loadsharing The third scenario is the most commonly deployed. Most multihomed sites want to implement some kind of loadsharing on the circuits they have to their upstream provider. The example here discusses only two circuits, but the techniques work equally well for a greater number. To do this, the whole address block is announced out of both links. On the first link it is left untouched, but on the second link it attracts an AS Path Length increase. Also on the second link, the address block is split into two pieces, with one subprefix being announced with no modification to AS Path Length. 17. Clean up the configuration of AS107 and AS112. Remove the configuration which set the weighting for the previous example specifically the route-maps. They must be removed from the BGP configuration, and from the main configuration. 18. Configure the address block and subprefixes in AS107 and AS112. Modify the router configuration so that the /19 address block and one /20 subprefix is present in the BGP table. Also set up prefix lists to cater for these blocks. For example: ip prefix-list aggregate permit 220.10.0.0/19 ip prefix-list subblocks permit 220.10.0.0/19 le 20 ip prefix-list default permit 0.0.0.0/0 router bgp 107 network 220.10.0.0 mask 255.255.224.0 network 220.10.0.0 mask 255.255.240.0 ip route 220.10.0.0 255.255.224.0 null0 9

Sunday, January 12, 2003 ip route 220.10.0.0 255.255.240.0 null0 19. Configure BGP in AS107 and AS112. For AS107, the link between Router1 and Router2 in AS108 is the first link the link between Router3 and Router4 in AS109 is the second (and is the one which should also announce the subprefix). For AS112, the first link is between Router 12 and Router 11 in AS110. Configure BGP on the border routers in the customer ASes so that the prefix and one sub prefix is announced to the direct peer as described earlier. For example, Router1 could announce aggregate as above, whereas Router3 could announce aggregate with a lengthened AS Path, and announce subblock1 as is. For example on Router3: route-map outfilter permit 10 match ip address prefix-list aggregate set as-path prepend 107 107 107 route-map outfilter permit 20 route-map infilter permit 10 match ip address prefix-list default set local-preference 80 route-map infilter permit 20 router bgp 107 network 220.19.0.0 mask 255.255.224.0 neighbor <router4> remote-as 109 neighbor <router4> description Link to Router4 in AS109 neighbor <router4> prefix-list subblocks out neighbor <router4> prefix-list default in neighbor <router4> route-map outfilter out neighbor <router4> route-map infilter in 20. Connectivity test. Check connectivity throughout the lab network. Each router team should be able to see all other routers in the room. When you are satisfied that BGP is working correctly, try running traceroutes to check the path being followed. Also check that backup via the alternative path still functions (do this by disconnecting the cable between the two routers on the primary path) you will see that the backup path is now used. Checkpoint #4: Once the BGP configuration has been completed, check the routing table and ensure that you have complete reachability over the entire network. If there are any problems, work with the other router teams to resolve those. 21. Check the network paths. Run traceroutes between your router and other routers in the classroom. Ensure that all routers are reachable. If any are not, work with the other router teams to establish what might be wrong. Cisco Systems Inc 10 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

ISP/IXP Networking Workshop Lab 22. Summary. This module has covered the major situations where a customer requires to multihomed onto more than one service provider backbone. It has demonstrated how to implement this multihoming using prefix-lists, AS Path Length modifications and local-preference where appropriate. 11

Sunday, January 12, 2003 CONFIGURATION NOTES Documentation is critical You should record the configuration at each Checkpoint, as well as the configuration at the end of the module. Cisco Systems Inc 12 170 West Tasman Drive. San Jose, CA 95134-1706 Phone: +1 408 526-4000 Fax: +1 408 536-4100

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback