Search This Blog

Wednesday, May 15, 2013

BGP Load-balance



Here is a lab based on one of our customer’s request, his current topology based on two sites where each one of them is multiple single homed (2x links, 1xISP). 

The customer’s request was to load-share both links on each site where some networks traverse through link1 and other networks traverse through link2. Of course in case of failure in one link all traffic should goes through the other.

This is the lab topology I used:



R1 is P and RR where R2 to R5 are PE, all are part of the SP core network and running ISIS, MPLS, BGP and MP-BGP and located on ASN 65000.

R6 and R7 are the CE routers and each one of them represent each of the customer sites, both routers are located on ASN65067.

These are the objectives:

- R6 should go to network 192.168.71.0/24 through R5-R1-R3-R7 and to network  
  192.168.72.0/24 through R4-R1-R2-R7, default route should be preferred through R4.

- R7 should go to network 192.168.61.0/24 through R3-R1-R5-R6 and to network 
  192.168.62.0/24 through R2-R1-R4-R6, default route should be preferred through R3.

R6 load-balance requirement:



R7 load-balance requirement:



Let’s start with R6 related configuration, in order to make R6 to prefer one exit over the other I used metric. On R5 and I configured the following:

Ip prefix-list PL_R7_NET2 permit 192.168.72.0/24
!
route-map RM_R6_OUTBOUND permit 10
 match ip address prefix-list PL_R7_NET2
 set metric 1000
!
route-map RM_R6_OUTBOUND permit 20
!
router bgp 65000
 address-family ipv4 vrf RED
  neighbor 10.1.56.6 route-map RM_R6_OUTBOUND out

The same was configured with R4 but with network 192.168.71.0/24. 

In this way I assured that R6 will prefer to go to network 192.168.71.0/24 through R5 and to network 192.168.72.0/24 to R4.

R6 routing and BGP table:

R6#show ip route 192.168.71.0
Routing entry for 192.168.71.0/24
  Known via "bgp 65067", distance 20, metric 0
  Tag 65000, type external
  Last update from 10.1.56.5 15:10:35 ago
  Routing Descriptor Blocks:
  * 10.1.56.5, from 10.1.56.5, 15:10:35 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 65000

R6#show ip route 192.168.72.0
Routing entry for 192.168.72.0/24
  Known via "bgp 65067", distance 20, metric 0
  Tag 65000, type external
  Last update from 10.1.46.4 15:10:36 ago
  Routing Descriptor Blocks:
  * 10.1.46.4, from 10.1.46.4, 15:10:36 ago
      Route metric is 0, traffic share count is 1
      AS Hops 2
      Route tag 65000

R6#show ip bgp 192.168.71.0/24
BGP routing table entry for 192.168.71.0/24, version 53
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1        
  65000 65067, (received & used)
    10.1.46.4 from 10.1.46.4 (4.4.4.4)
      Origin IGP, metric 1000, localpref 100, valid, external
      Extended Community: RT:100:100
  65000 65067, (received & used)
    10.1.56.5 from 10.1.56.5 (5.5.5.5)
      Origin IGP, localpref 100, valid, external, best
      Extended Community: RT:100:100

R6#show ip bgp 192.168.72.0/24
BGP routing table entry for 192.168.72.0/24, version 54
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1        
  65000 65067, (received & used)
    10.1.46.4 from 10.1.46.4 (4.4.4.4)
      Origin IGP, localpref 100, valid, external, best
      Extended Community: RT:100:100
  65000 65067, (received & used)
    10.1.56.5 from 10.1.56.5 (5.5.5.5)
      Origin IGP, metric 1000, localpref 100, valid, external
      Extended Community: RT:100:100

The same configuration with the relevant networks has made on R2 and R3 for R7.

Next problem was to make the SP network to prefer to go through the right link for each network, currently R6 path to 192.168.71.0/24 and to 192.168.72.0/24 has gone through the same egress router (R2) on the SP core:

R6#traceroute 192.168.71.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.71.1

  1 10.1.56.5 32 msec 16 msec 12 msec
  2 10.1.15.1 [AS 65000] [MPLS: Labels 16/24 Exp 0] 48 msec 44 msec 40 msec
  3 10.1.27.2 [AS 65000] [MPLS: Label 24 Exp 0] 40 msec 48 msec 36 msec
  4 10.1.27.7 [AS 65000] 72 msec *  76 msec

R6#traceroute 192.168.72.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.72.1

  1 10.1.46.4 56 msec 32 msec 12 msec
  2 10.1.14.1 [AS 65000] [MPLS: Labels 16/23 Exp 0] 72 msec 72 msec 40 msec
  3 10.1.27.2 [AS 65000] [MPLS: Label 23 Exp 0] 76 msec 36 msec 28 msec
  4 10.1.27.7 [AS 65000] 40 msec *  84 msec

I have configured local preference, on R2 and R3, to make the relevant networks more preferred on each one of them. Here is the configuration of R3:

ip prefix-list PL_R7_NET1 permit 192.168.71.0/24
!
route-map RM_R7_INBOUND permit 10
 match ip address prefix-list PL_R7_NET1
  set local-preference 1000
 exit
route-map RM_R7_INBOUND permit 20
 exit
router bgp 65000
 address-family ipv4 vrf RED
  neighbor 10.1.37.7 route-map RM_R7_INBOUND in
 exit

The local preference attribute is a well-known discretionary attribute. This means local preference must be recognized by all BGP implementations, but will not exist in all BGP update messages; specifically it will not exist in eBGP update messages. On my example he will influence on all SP core routers.

The same configuration, with the relevant networks, has made on R2, R4 and R5 accordingly, the result on R6:

R6#traceroute 192.168.71.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.71.1

  1 10.1.56.5 44 msec 28 msec 24 msec
  2 10.1.15.1 [AS 65000] [MPLS: Labels 17/30 Exp 0] 60 msec 44 msec 60 msec
  3 10.1.37.3 [AS 65000] [MPLS: Label 30 Exp 0] 40 msec 76 msec 20 msec
  4 10.1.37.7 [AS 65000] 64 msec *  84 msec

R6#traceroute 192.168.72.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.72.1

  1 10.1.46.4 52 msec 12 msec 24 msec
  2 10.1.14.1 [AS 65000] [MPLS: Labels 16/23 Exp 0] 68 msec 32 msec 80 msec
  3 10.1.27.2 [AS 65000] [MPLS: Label 23 Exp 0] 68 msec 52 msec 44 msec
  4 10.1.27.7 [AS 65000] 72 msec *  80 msec

 And on R7:

R7#traceroute 192.168.61.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.61.1

  1 10.1.37.3 36 msec 24 msec 8 msec
  2 10.1.13.1 [AS 65000] [MPLS: Labels 18/29 Exp 0] 72 msec 48 msec 40 msec
  3 10.1.56.5 [AS 65000] [MPLS: Label 29 Exp 0] 32 msec 60 msec 44 msec
  4 10.1.56.6 [AS 65000] 116 msec *  72 msec

R7#traceroute 192.168.62.1 numeric

Type escape sequence to abort.
Tracing the route to 192.168.62.1

  1 10.1.27.2 40 msec 28 msec 8 msec
  2 10.1.12.1 [AS 65000] [MPLS: Labels 19/27 Exp 0] 60 msec 48 msec 48 msec
  3 10.1.46.4 [AS 65000] [MPLS: Label 27 Exp 0] 44 msec 48 msec 40 msec
  4 10.1.46.6 [AS 65000] 60 msec *  108 msec

As for the default route, for each CE router, I made the following configuration:

ip prefix-list PL_DEFAULT_ROUTE permit 0.0.0.0/0
!
route-map RM_R3_R7_INBOUND permit 10
 match ip address prefix-list PL_DEFAULT_ROUTE
  set local-preference 1000
 exit
route-map RM_R3_R7_INBOUND permit 20
 exit
router bgp 65067
 neighbor 10.1.37.3 route-map RM_R3_R7_INBOUND in
exit

BGP local-preference and MED attributes can be used to influence the upstream and downstream traffic for a specific prefixes.

No comments:

Post a Comment