
Moving to BGP, need infrastructure Guidance

Posted: Tue Jan 09, 2018 12:55 pm
by Chris@edgarhighspeed.com
Hi Folks,
Last month we received our second fiber line from another ISP. We are now ISP'd (if that's an acronym). We have received our AS number from ARIN and paid our fee. I am waiting to buy an IPv4 block from auction until I have the BGP design down.

I have been in talks with a few gurus on the BGP side. Our goal is to use the fiber capacity (200mbps/ISP) from each ISP rather than failover style.

I am wondering what others here are using for this type of deployment.

The recommended design is as such, with a cross connect between switch 1 and switch 2.


ISP1 modem -----Switch 1 ------- Router 1------Inside Switch 1---------wireless AP’s
ISP2 modem------Switch 2--------Router 2------ Inside Switch 1--------Wireless AP’s

If this works and is a generally accepted design, what type of switch should I use for Switch 1 and Switch 2? We already have CCR1009 routers for Router 1 and Router 2 and Netonix WS-12-250AC for the Inside Switch.

Thanks for any help you can give.

Re: Moving to BGP, need infrastructure Guidance

Posted: Tue Jan 09, 2018 9:02 pm
by mike99
Switch 1 and 2 can be whatever you want, but:
1 - Why would you want a switch between the ISP demarcation device and your router?
2 - If you really want a switch, why not use the same switch as the "inside" switch and use a different VLAN for the ISP side?

Edit: I would connect both routers to both ISPs, each with a BGP session, and use AS number prepending to control, by subnet, which ISP has priority. ISPs normally have a lot less upload than download, so uploading all traffic via a single ISP, with the other as a backup, is normally not a problem. In this scenario, you would need a switch between the router and the ISP demarcation device since you want 2 routers to connect to each ISP. Again, the internal router can be used with a different VLAN from the internal network.

Re: Moving to BGP, need infrastructure Guidance

Posted: Wed Apr 10, 2019 12:32 am
by FTNET-Dane
Yep. What Mike said.

When you get your first subnet, you can try advertising that prefix equally out to both upstream providers via BGP. If you are lucky, you might get a nice load balance happening. If not, you need to use a tool called AS Prepend. An AS prepend is simply just injecting your own ARIN ASN multiple times into the AS Path (the distance to your network) to make your certain network prefix look further away (a less desirable route).


If the traffic comes into your network lopsided via one ISP, you can do a BGP AS-Prepend on the busy side, to make your network look further away (less preferable route) so that more traffic will hopefully come in on the less busy side.


When you grow to have multiple prefixes, you can load balance the prefixes with AS-prepending. To do this, make prefix #1 look more attractive via ISP A, by making it look further away to ISP B. Then make prefix #2 look more attractive via ISP B by making it look further away to ISP A.



Your prefixes:

ip prefix-list IPV4-SUBNET-1 seq 5 permit 111.222.111.0/24
ip prefix-list IPV4-SUBNET-2 seq 5 permit 222.111.222.0/24

Your two BGP Neighbors:

router bgp 123123
 ! local ASN; it must be the same ASN that the route-maps below prepend
 neighbor 1.2.3.4 route-map BGP-OUT-ROUTEMAP-ISP-A out
 neighbor 5.6.7.8 route-map BGP-OUT-ROUTEMAP-ISP-B out

Traffic Engineering to ISP A:

route-map BGP-OUT-ROUTEMAP-ISP-A permit 5
 match ip address prefix-list IPV4-SUBNET-1

route-map BGP-OUT-ROUTEMAP-ISP-A permit 10
 match ip address prefix-list IPV4-SUBNET-2
 set as-path prepend 123123

Traffic Engineering to ISP B:

route-map BGP-OUT-ROUTEMAP-ISP-B permit 5
 match ip address prefix-list IPV4-SUBNET-1
 set as-path prepend 123123

route-map BGP-OUT-ROUTEMAP-ISP-B permit 10
 match ip address prefix-list IPV4-SUBNET-2



HTH

-Dane

Re: Moving to BGP, need infrastructure Guidance

Posted: Sun Apr 14, 2019 10:23 am
by mike99
FTNET-Dane wrote: Yep. What Mike said.

When you get your first subnet, you can try advertising that prefix equally out to both upstream providers via BGP. If you are lucky, you might get a nice load balance happening

Persistent only if transit providers have a different number of up to reach the remote service. If not using prepending, it often works fine at first, but once one BGP session is down, traffic will then flow through the other BGP session and persist on this link even if the other BGP session comes back up.
BGP is shortest path first and doesn't care about available bandwidth. If the session that comes up again doesn't have the shortest path, the route won't change back for this link. That's why it's better to use prepending from the start.
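
The two behaviours discussed in this thread (per-prefix steering with AS-path prepending, and traffic staying on the surviving link after a session flap when nothing is prepended) can be reproduced with a small simulation. This is an added example, not part of any post. It assumes a simplified best-path rule (shortest AS path, then oldest route) seen from a single remote router, uses the thread's placeholder prefixes and ASN, and the ISP ASNs are constructed.

```python
# Simplified model (an assumption of this example): a remote router compares
# only AS-path length, then keeps the route it learned first (oldest).
OWN_AS = 123123                                  # placeholder ASN from the thread
ISP_AS = {"A": 64500, "B": 64501}                # constructed, documentation-range ASNs
PREFIXES = ["111.222.111.0/24", "222.111.222.0/24"]

# Extra copies of OWN_AS prepended per ISP and prefix.
# Mirrors BGP-OUT-ROUTEMAP-ISP-A / -ISP-B from the thread.
PREPEND = {
    "A": {"111.222.111.0/24": 0, "222.111.222.0/24": 1},
    "B": {"111.222.111.0/24": 1, "222.111.222.0/24": 0},
}
NO_PREPEND = {isp: {p: 0 for p in PREFIXES} for isp in ISP_AS}


class RemoteRouter:
    """Remote AS that hears our prefixes through both ISPs."""

    def __init__(self, policy):
        self.policy = policy
        self.rib = {p: {} for p in PREFIXES}     # prefix -> {isp: (as_path, learned_at)}
        self.clock = 0

    def session_up(self, isp):
        for prefix in PREFIXES:
            self.clock += 1
            path = [ISP_AS[isp]] + [OWN_AS] * (1 + self.policy[isp][prefix])
            self.rib[prefix][isp] = (path, self.clock)

    def session_down(self, isp):
        for routes in self.rib.values():
            routes.pop(isp, None)

    def best(self, prefix):
        routes = self.rib[prefix]
        # Shortest AS path wins; on a tie the oldest route is kept.
        return min(routes, key=lambda i: (len(routes[i][0]), routes[i][1]))


def inbound_after_flap(policy, flapped="A"):
    """Bring both sessions up, flap one, return the chosen ISP per prefix before/after."""
    r = RemoteRouter(policy)
    r.session_up("A")
    r.session_up("B")
    before = {p: r.best(p) for p in PREFIXES}
    r.session_down(flapped)
    r.session_up(flapped)
    return before, {p: r.best(p) for p in PREFIXES}
```

Calling `inbound_after_flap(NO_PREPEND)` shows both prefixes moving to ISP B and staying there after ISP A returns, while `inbound_after_flap(PREPEND)` returns the same split before and after the flap.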