
BGP route

Posted on 2014-04-09
Last Modified: 2014-04-14
Hello folks,
    I have an eBGP Linux box (using Quagga) and I experience the following issue:
traffic to/from external network x.y.z.0/24 is slow through one of the two BGP peers that I have (call it B1), and which seems to be the default in x.y.z's network route table.
    No problem I said, I will push a route rule "by hand", so that traffic with said class should be handled by my other BGP peer (B2). However, the problem persists, because even though I send packets to x.y.z.0/24 using B2, the response comes through B1, thus laggy.
    Putting peer B1 in shutdown will force x.y.z. network to talk to me through B2 and all is fine, but this is obviously no solution.
    Any ideas?
Question by:kronostm
7 Comments
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39990391
It sounds like you want to set B2 as the better path from the internet to your network in order to avoid B1. To do that correctly, you have to do an AS prepend on the route you are sending out through the B1 router. The longer AS path will make it less desirable. So whereas (assuming your AS is 65001) your AS path via B2 would look like this:
65001 ?
The one via B1 would look like this
65001 65001 65001 ?

The AS path is simply a string. You'll have to look at your documentation to see how to add "65001 65001" to the path sent by your B1 router.
0
 
LVL 17

Expert Comment

by:pergr
ID: 39990654
I assume what you did was to set the local preference on the route that you RECEIVED. That affects your outgoing traffic.

If you want to affect your incoming traffic too, you must also do something with the routes you ADVERTISE. As mentioned that could be to add prepends. Keep in mind that this is prepends on routes to your networks, and so affects traffic from the whole internet, and not only from that /24.

There may be other ways than prepends, such as using specific communities published by the networks between you, or you may talk to the admin of that /24 and have them steer the traffic just as you have done.
0
 
LVL 14

Author Comment

by:kronostm
ID: 39990995
Mike, pergr, thank you for your answers.
Contacting the admin of that particular network is not an option as we are talking about a big organisation (/24 was used as an example, the network is much bigger and pretty important, they would never lift a finger to my requests).
Using prepend will alter all my international routes, not just the one I am targeting, which is something that I cannot do.

I'm afraid there might be no solution to my problem, but I'll leave this topic open for a few more days .... hope dies last.

kind regards
0
 
LVL 17

Accepted Solution

by:
pergr earned 1600 total points
ID: 39991014
If it is a very large organisation, perhaps you can find a Looking Glass, where you can see their BGP routes.

http://www.traceroute.org/#Looking%20Glass

You can there see what AS numbers they have in their path to you.


Next you can check with your uplinks, or some networks on that path toward the large organisation, and see if they accept communities that will add prepends, like for example:

http://www.onesc.net/communities/as3356/

Perhaps even that "large organisation" also accepts communities that will be translated to prepends.

You would then add these communities when advertising to your B1 uplinks - instead of prepends. It means the prepends will be added closer to the "/24", and not affect all your traffic.
0
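The two approaches discussed in this thread, as a Quagga `bgpd.conf` fragment. This is an added example, not configuration posted by any participant; the peer addresses, the upstream ASNs 64501 and 64502, the prefix 203.0.113.0/24, the route-map and prefix-list names and the community value 64501:3010 are placeholders, and the real action community must be taken from the upstream's published community list.

```conf
! bgpd.conf fragment (Quagga). Local AS 65001 is the example AS used
! earlier in the thread; every other ASN, address, prefix and community
! value is a placeholder from documentation ranges.
router bgp 65001
 network 203.0.113.0/24
 !
 ! B1: the peer whose inbound path should become less attractive
 neighbor 192.0.2.1 remote-as 64501
 neighbor 192.0.2.1 description B1
 neighbor 192.0.2.1 send-community
 ! Apply exactly one outbound policy: TO-B1-COMMUNITY or TO-B1-PREPEND
 neighbor 192.0.2.1 route-map TO-B1-COMMUNITY out
 !
 ! B2: advertised unchanged, so it keeps the shorter AS path
 neighbor 198.51.100.1 remote-as 64502
 neighbor 198.51.100.1 description B2
!
ip prefix-list OWN-NETS seq 5 permit 203.0.113.0/24
!
! Option A, plain prepend (mikebernhardt's answer).
! B1 receives the path "65001 65001 65001", B2 receives "65001".
! Every network on the internet sees the longer path via B1, so this
! moves inbound traffic globally, not only from the target network.
route-map TO-B1-PREPEND permit 10
 match ip address prefix-list OWN-NETS
 set as-path prepend 65001 65001
!
! Option B, action community (pergr's accepted answer).
! The AS path sent to B1 stays "65001". The community asks the upstream
! to add the prepends itself, and only when it re-advertises the route
! toward the target AS. 64501:3010 is a placeholder value.
route-map TO-B1-COMMUNITY permit 10
 match ip address prefix-list OWN-NETS
 set community 64501:3010 additive
!
! Neither route-map has a further permit clause, so the implicit deny
! at the end stops anything other than OWN-NETS being announced to B1.
```

After a `clear ip bgp 192.0.2.1 soft out`, `show ip bgp neighbors 192.0.2.1 advertised-routes` in vtysh shows what B1 is actually being sent. Whether the return path changes still depends on the remote network's own policy, which a Looking Glass can confirm.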
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 400 total points
ID: 39992370
I missed that it was only that net which you wanted through B2.

Are both of your uplinks to the same ISP, or to different ISPs? If it's the same ISP then you may be able to work with them to create a local pref policy that prefers to forward traffic from just that network to B2. Otherwise, you are probably out of luck.
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 39996026
simple answer is you can't

longer answer would require tricks. for example, if you have or can manage to have an extra wan address specific to the second link, you could NAT your outgoing traffic to that network. this should be acceptable if you are not an ISP.
0
 
LVL 14

Author Comment

by:kronostm
ID: 39998373
It looks like there is no simple solution, though some workarounds might work. In the current setup I am unable to use those workarounds, however I will accept pergr's answer regarding communities as the solution, because it looks like the closest thing to an answer to an impossible question. I will also award some points to mike.

many thanks
0


Question has a verified solution.
