Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

BGP route

Posted on 2014-04-09
7
Medium Priority
?
290 Views
Last Modified: 2014-04-14
Hello folks,
    I have a eBGP linux box (using quagga) and I experience the following issue:
traffic to/from external network  x.y.z.0/24  is slow through one of the two BGP peers that I have (call it B1), and which seems to be the default in x.y.z's network route table.
    No problem I said, I will push a route rule "by hand", so that traffic with said class should be handled by my other bgp peer (B2). However, the problem persists, because even though I send packets to x.y.z.0/24 using B2 , the response comes through B1, thus laggy.
    Putting peer B1 in shutdown will force x.y.z. network to talk to me through B2 and all is fine, but this is obviously no solution.
    Any ideas?
0
Comment
Question by:kronostm
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39990391
It sounds like you want to set B2 as the better path from the internet to your network in order to avoid B1. To do that correctly, you have to do an AS prepend on the route your are sending out through the B1 router. the longer AS path will make it less desirable. So whereas (assuming your AS is 65001) your AS path via B2 would look like this:
65001 ?
The one via B1 would look like this
65001 65001 65001 ?

the AS path is simply a string. You'll have to look at your documentation to see how to add "65001 65001" to the path sent by your B1 router.
0
 
LVL 17

Expert Comment

by:pergr
ID: 39990654
I assume what you did was to set the local preference on the route that you RECEIVED. That affects your outgoing traffic.

If you want to affect your incoming traffic too, you must also do something with the routes you ADVERTISE. As mentioned that could be to add prepends. Keep in mind that this is prepends on routes to your networks, and so affects traffic from the whole internet, and not only from that /24.

There may be other ways than prepends, such as using specific communities published by that networks between you, or you may talk to the admin of that /24 and have them stear the traffic just as you have done.
0
 
LVL 14

Author Comment

by:kronostm
ID: 39990995
Mike, pergr, thank you for your answers.
Contacting the admin of that particular network is not an option as we are talking about a big organisation ( /24 was used as an example, the network is much bigger and pretty important, they would never lift a finger to my requests).
Using prepend will alter all my international routes, not just the one I am targeting, thing that I cannot do.

I'm afraid there might be no solution to my problem, but I'll leave this topic open for a few more days .... hope dies last.

kind regards
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 17

Accepted Solution

by:
pergr earned 1600 total points
ID: 39991014
If it is a very large organisation, perhaps you can find a Looking Glass, where you can see their BGP routes.

http://www.traceroute.org/#Looking%20Glass

You can there see what AS numbers they have in their path to you.


Next you can check with your uplinks, or some networks on that path toward the large organisation, and see if they accept communities that will add prepends, like for example:

http://www.onesc.net/communities/as3356/

Perhaps even that "large organisation" also accepts communities that will be translated to prepends.

You would then add these communities when advertising to your B1 uplinks - instead of prepends. It means the prepends will be added closer to the "/24", and not affect all your traffic.
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 400 total points
ID: 39992370
I missed that it was only that net which you wanted through B2.

Are both of your uplinks to the same ISP, or to different ISPs? If it's the same ISP then you may be able work with them to create a local pref policy that prefers to forward traffic from just that network to B2. Otherwise, you are probably out of luck.
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 39996026
simple answer is you can't

longer answer would require tricks. for example, if you have or can manage to have an extra wan address specific to the second link, you could NAT your outgoing traffic to that network. this should be acceptable if you are not an ISP.
0
 
LVL 14

Author Comment

by:kronostm
ID: 39998373
It looks like there is no simple solution though some workarounds might work. In current setup I am unable to use that workarounds, however I will accept pergr's answer regarding communities as solution, cause it looks like the closest thing to an answer to an impossible question. I will also award some points to mike.

many thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transparency shows that a company is the kind of business that it wants people to think it is.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question