6-2-1. Cisco dual BGP with Community string-HSRP (Load-sharing)
- ISPs : 2
- WAN links : 2
- CPE : 2
- PE : 2
- Device : Cisco router with LAN/WAN ports.
- WAN1 / Serial IP : 10.20.1.0/30 (mask 255.255.255.252)
- WAN2 / Serial IP : 10.30.1.0/30 (mask 255.255.255.252)
- LAN / Ethernet IP : 100.100.100.0/24 and 200.200.200.0/24
- Receiving Route : No BGP route table from ISP
- Memory : Full route (recommend 512M), partial route (recommend 128-256M), default route only in this sample.
- LAN : ISP_A (AS20), ISP_B(AS30), Customer (AS10) and other ISP (AS50)
[Traffic flow]
Outbound traffic on CPE
In this sample, the customer does not receive any BGP route table from the ISPs. We configured a static route that points to the serial link. Using two HSRP groups, outbound traffic of IP block 100.100.100.0/24 is routed to ISP_"A" and outbound traffic of IP block 200.200.200.0/24 is routed to ISP_"B".
Inbound traffic on CPE
All traffic associated with 100.100.100.0/24 is routed through ISP_"A" and all traffic associated with 200.200.200.0/24 is routed through ISP_"B". This configuration covers the failover situation and achieves the load-sharing plan. If one link fails, the other link takes the traffic of both blocks; this is done by sending community strings. See the example and testing output below.
[CPE_1/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_1
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 ip address 10.20.1.1 255.255.255.252
 load-interval 30
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 load-interval 30
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 200.200.200.2 255.255.255.0 secondary
 ip address 100.100.100.2 255.255.255.0
 duplex auto
 speed auto
 standby 100 ip 100.100.100.1 <--------- HSRP for IP block 100.100.100.0/24
 standby 100 preempt
 standby 100 track Serial1/1 50 <--------- When Serial1/1 goes down, deduct 50 from the priority value
 standby 200 ip 200.200.200.1 <--------- HSRP for IP block 200.200.200.0/24
 standby 200 priority 80 <------------ Set lower priority for standby path
 standby 200 preempt
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 100.100.100.0 mask 255.255.255.0
 network 200.200.200.0
 redistribute connected
 neighbor 10.20.1.2 remote-as 20 <------------------ BGP neighbor to ISP_"A"
 neighbor 10.20.1.2 send-community <------------- Must be configured to send the community string
 neighbor 10.20.1.2 prefix-list to-ISP out <--------- Allow only the IP blocks that need to be advertised to the ISP
 neighbor 10.20.1.2 route-map route-to-ISP out <-------- To control inbound traffic
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial1/1 <-------- To control outbound traffic
!
ip bgp-community new-format
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <-------- To control inbound traffic
 match ip address prefix-list prefix-2
 set community 20:3
!
route-map route-to-ISP permit 20
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
[CPE_2/Customer Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CPE_2
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 ip address 200.200.200.4 255.255.255.0
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 ip address 10.30.1.1 255.255.255.252
 load-interval 30
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 200.200.200.3 255.255.255.0 secondary
 ip address 100.100.100.3 255.255.255.0
 duplex auto
 speed auto
 standby 100 ip 100.100.100.1 <--------- HSRP for IP block 100.100.100.0/24
 standby 100 priority 80 <------------ Set lower priority for standby path
 standby 100 preempt
 standby 200 ip 200.200.200.1 <--------- HSRP for IP block 200.200.200.0/24
 standby 200 preempt
 standby 200 track Serial1/1 50 <--------- When Serial1/1 goes down, deduct 50 from the priority value
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 100.100.100.0 mask 255.255.255.0
 network 200.200.200.0
 redistribute connected
 neighbor 10.30.1.2 remote-as 30 <------------------ BGP neighbor to ISP_"B"
 neighbor 10.30.1.2 send-community <-------------- Must be configured to send the community string
 neighbor 10.30.1.2 prefix-list to-ISP out <--------- Allow only the IP blocks that need to be advertised to the ISP
 neighbor 10.30.1.2 route-map route-to-ISP out <-------- To control inbound traffic
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial1/1 <-------- To control outbound traffic
!
ip bgp-community new-format
!
ip prefix-list prefix-1 seq 5 permit 100.100.100.0/24
!
ip prefix-list prefix-2 seq 5 permit 200.200.200.0/24
!
ip prefix-list to-ISP seq 5 permit 100.100.100.0/24
ip prefix-list to-ISP seq 10 permit 200.200.200.0/24
!
route-map route-to-ISP permit 10 <-------- To control inbound traffic
 match ip address prefix-list prefix-1
 set community 30:3
!
route-map route-to-ISP permit 20
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
[ISP_A PE/ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_A
!
boot-start-marker
boot-end-marker
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.20.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 20.20.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 20
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.20.1.1 remote-as 10 <------------------ BGP neighbor to Customer
 neighbor 10.20.1.1 route-map customer-in in <------ To apply BGP community policy on customer's routes
 neighbor 10.20.1.1 route-map no-routes out <------- No BGP routes will be sent to Customer
 neighbor 20.20.1.2 remote-as 20
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
!
ip bgp-community new-format <-------------- For new BGP community format
ip community-list 1 permit 20:1 <------------- BGP community policy below
ip community-list 2 permit 20:2
ip community-list 3 permit 20:3
ip community-list 4 permit 20:80
ip community-list 5 permit 20:120
!
!
route-map no-routes deny 10
!
route-map customer-in permit 10
 match community 1
 set as-path prepend 20
!
route-map customer-in permit 20
 match community 2
 set as-path prepend 20 20
!
route-map customer-in permit 30
 match community 3
 set as-path prepend 20 20 20
!
route-map customer-in permit 40
 match community 4
 set local-preference 80
!
route-map customer-in permit 50
 match community 5
 set local-preference 120
!
route-map customer-in permit 60
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
[ISP_B PE / ISP Cisco Router]
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP_B
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.30.1.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 30.30.1.1 255.255.255.252
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
router bgp 30
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.30.1.1 remote-as 10 <------------------ BGP neighbor to Customer
 neighbor 10.30.1.1 route-map customer-in in <------ To apply BGP community policy on customer's routes
 neighbor 10.30.1.1 route-map no-routes out <------- No BGP routes will be sent to Customer
 neighbor 30.30.1.2 remote-as 30
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
!
ip bgp-community new-format <-------------- For new BGP community format
ip community-list 1 permit 30:1 <------------- BGP community policy below
ip community-list 2 permit 30:2
ip community-list 3 permit 30:3
ip community-list 4 permit 30:80
ip community-list 5 permit 30:120
!
route-map no-routes deny 10
!
route-map customer-in permit 10
 match community 1
 set as-path prepend 30
!
route-map customer-in permit 20
 match community 2
 set as-path prepend 30 30
!
route-map customer-in permit 30
 match community 3
 set as-path prepend 30 30 30
!
route-map customer-in permit 40
 match community 4
 set local-preference 80
!
route-map customer-in permit 50
 match community 5
 set local-preference 120
!
route-map customer-in permit 60
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
 login
!
end
CPE_1#sh ip bgp neighbors 10.20.1.2 ad
BGP table version is 6, local router ID is 100.100.100.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0                  0         32768 i
*> 200.200.200.0    0.0.0.0                  0         32768 i

Total number of prefixes 2

CPE_1#sh standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Fa2/0       100 100  P Active   local           100.100.100.3   100.100.100.1
Fa2/0       200 80   P Standby  100.100.100.3   local           200.200.200.1
CPE_1#

CPE_2#sh ip bgp neighbors 10.30.1.2 ad
BGP table version is 6, local router ID is 100.100.100.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 0.0.0.0                  0         32768 i
*> 200.200.200.0    0.0.0.0                  0         32768 i

Total number of prefixes 2

CPE_2#sh standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Fa2/0       100 80   P Standby  100.100.100.2   local           100.100.100.1
Fa2/0       200 100  P Active   local           100.100.100.2   200.200.200.1
CPE_2#

ISP_A#sh ip bgp neighbors 10.20.1.1 ro
BGP table version is 28, local router ID is 20.20.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 100.100.100.0/24 10.20.1.1                0             0 10 i
*  200.200.200.0    10.20.1.1                0             0 20 20 20 10 i

Total number of prefixes 2

ISP_A#sh ip bgp 200.200.200.0
BGP routing table entry for 200.200.200.0/24, version 28
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  30 10
    20.30.1.2 from 20.20.1.2 (20.50.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
  20 20 20 10
    10.20.1.1 from 10.20.1.1 (100.100.100.2)
      Origin IGP, metric 0, localpref 100, valid, external
      Community: 20:3
ISP_A#

ISP_B#sh ip bgp neighbors 10.30.1.1 ro
BGP table version is 27, local router ID is 30.30.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  100.100.100.0/24 10.30.1.1                0             0 30 30 30 10 i
*> 200.200.200.0    10.30.1.1                0             0 10 i

Total number of prefixes 2

ISP_B#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/24, version 21
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Not advertised to any peer
  30 30 30 10
    10.30.1.1 from 10.30.1.1 (100.100.100.3)
      Origin IGP, metric 0, localpref 100, valid, external
      Community: 30:3
  20 10
    20.30.1.1 from 30.30.1.2 (30.50.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
ISP_B#

ISP_A_TR#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 18
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  10
    10.20.1.1 from 20.20.1.1 (20.20.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best

ISP_A_TR#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 29
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1 2
  50 30 10
    20.50.1.2 from 20.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  30 10
    20.30.1.2 from 20.30.1.2 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best
ISP_A_TR#

ISP_B_TR#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 22
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1 2
  50 20 10
    30.50.1.2 from 30.50.1.2 (30.50.1.2)
      Origin IGP, localpref 100, valid, external
  20 10
    20.30.1.1 from 20.30.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best

ISP_B_TR#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 28
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2
  10
    10.30.1.1 from 30.30.1.1 (30.30.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
ISP_B_TR#

Other_ISP#sh ip bgp 100.100.100.4
BGP routing table entry for 100.100.100.0/24, version 22
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  30 20 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external
  20 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external, best

Other_ISP#tr 100.100.100.4
Type escape sequence to abort.
Tracing the route to 100.100.100.4

  1 20.50.1.1 48 msec 16 msec 8 msec
  2 20.20.1.1 [AS 20] 20 msec 20 msec 12 msec
  3 10.20.1.1 [AS 20] 16 msec 32 msec 16 msec
  4 100.100.100.4 [AS 10] 20 msec *  44 msec

Other_ISP#sh ip bgp 200.200.200.4
BGP routing table entry for 200.200.200.0/24, version 32
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  30 10
    30.50.1.1 from 30.50.1.1 (30.50.1.1)
      Origin IGP, localpref 100, valid, external, best
  20 30 10
    20.50.1.1 from 20.50.1.1 (20.50.1.1)
      Origin IGP, localpref 100, valid, external

Other_ISP#tr 200.200.200.4
Type escape sequence to abort.
Tracing the route to 200.200.200.4

  1 30.50.1.1 80 msec 60 msec 8 msec
  2 30.30.1.1 [AS 30] 16 msec 24 msec 8 msec
  3 10.30.1.1 [AS 30] 12 msec 28 msec 16 msec
  4 200.200.200.4 [AS 10] 12 msec *  24 msec
Other_ISP#
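
The best paths seen on ISP_A and ISP_B above follow from the customer-in route-map and AS-path length. The Python below is an added example, not part of the original page or its lab files: it applies the PE community policy to the communities the two CPEs send and also evaluates the single-link failure cases. The function names, the CPE_TAGS table, and the assumption that each ISP passes its directly learned customer path to the other ISP are constructed for illustration; only the local-preference and AS-path-length steps of best-path selection are modelled.

```python
# Added example: simplified model of the PE 'customer-in' policy and best-path choice.
CUSTOMER_AS = 10

# Community suffix -> action, in route-map sequence order (10..50) from the PE configs
CUSTOMER_IN = [("1", "prepend", 1), ("2", "prepend", 2), ("3", "prepend", 3),
               ("80", "local_pref", 80), ("120", "local_pref", 120)]

# Communities the CPEs attach outbound (route-map route-to-ISP), keyed by ISP ASN
CPE_TAGS = {20: {"200.200.200.0/24": "20:3"},   # CPE_1 -> ISP_A
            30: {"100.100.100.0/24": "30:3"}}   # CPE_2 -> ISP_B


def customer_in(isp_asn, community):
    """Return (local_pref, as_path) for a customer route received by isp_asn."""
    local_pref, as_path = 100, [CUSTOMER_AS]
    for suffix, action, value in CUSTOMER_IN:
        if community == f"{isp_asn}:{suffix}":      # first matching sequence wins
            if action == "prepend":
                as_path = [isp_asn] * value + as_path
            else:
                local_pref = value
            break
    return local_pref, as_path                      # sequence 60: permit unchanged


def best_path(isp_asn, prefix, links_up):
    """Best AS path at isp_asn; links_up is the set of ISP ASNs whose CPE link is up."""
    other = 30 if isp_asn == 20 else 20
    candidates = []                                 # direct path first, so it wins ties
    if isp_asn in links_up:
        candidates.append(customer_in(isp_asn, CPE_TAGS[isp_asn].get(prefix)))
    if other in links_up:
        _, path = customer_in(other, CPE_TAGS[other].get(prefix))
        candidates.append((100, [other] + path))    # learned across the inter-ISP peering
    if not candidates:
        return None
    # Higher local preference first, then shorter AS path (other tie-breakers omitted)
    _, path = max(candidates, key=lambda c: (c[0], -len(c[1])))
    return " ".join(map(str, path))


if __name__ == "__main__":
    for up in ({20, 30}, {20}, {30}):
        for isp in (20, 30):
            for pfx in ("100.100.100.0/24", "200.200.200.0/24"):
                print(f"links up {sorted(up)}  AS{isp}  {pfx:17} -> {best_path(isp, pfx, up)}")
```

With both links up the model returns the same best AS paths as the ISP_A and ISP_B outputs above; with one link down, the prepended path is the only one left and carries both blocks.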
[Dynamips testing]
Download the Dynamips configuration files below and test it yourself.
Dynamips NET file
Router configuration files
If you have any questions, feel free to send us an email. If you are looking for a professional-grade service, you might want to try our "BGP Experts service". What is the "BGP Experts service"? Click "BGP Experts" in the top menu to find out what "BGP Experts" is and what we do here.