When to run iBGP in the same AS with EIGRP


I am trying to get clarification on when to run iBGP with EIGRP. Attached is a document showing a basic topology of iBGP with an AS100 and EIGRP with an AS of 5000.

The questions that I have are:

Note: AS 100 will not be used for a transit from AS200 to AS300
- Under what conditions should I run iBGP?
- Under what conditions should I not run iBGP?
- Is it an option to just run EIGRP 5000, and redistribute partial BGP routes from the CE routers into EIGRP 5000?

Thank you in advance


Good question. To run or not to run iBGP depends on network topology and objectives. iBGP allows for a different set of tools for manipulating route decisions that neither EIGRP nor OSPF offers.

To answer more fully please provide your objectives here: route preference, manner of failover, etc.

Are CE1 and CE2 directly connected as you have on the diagram? If not, please indicate how things are all connected. And, what is below the Core? Is the Core only a single router?
dwesolowiczAuthor Commented:
Sorry for the delay and thanks for the reply.
My objectives are:

- PE1 and PE2 represent diverse ISPs
- I would like to use both ISPs for Internet connectivity (load balance or round robin) as well as fail-over.
- My plan is to have CE1 and CE2 directly connected, ensuring that a full mesh topology is in place if iBGP is needed
- The core represents 3 Cisco 3750 switches with IP services in a stack configuration. This is in a business environment.
- Below the core would be Cisco L2 2960s in the IDFs of the business environment

Thanks again!
It's fine to run iBGP and redistribute into EIGRP on the 2 CEs, running only EIGRP on the core. If the link between the CEs goes down, your network won't break, you'll simply have 2 independent paths out to the internet with no policy between them.

I see no benefit to running iBGP on your core switch. It's really better as a design policy to limit what routers know to what they really need to know. Your core doesn't need to know about the ISPs and the BGP table, it only needs to know the best path to get out. EIGRP will tell it. This will also save a lot of memory on your core switch stack.

Note that BGP is not very good at load balancing, as the only "dynamic" criterion is AS path length. Given 2 routes with an equal length path, your CE routers will pick one together. You can influence that decision with local pref and other tools.

If you are going to take the entire BGP routing table on those CE routers, make sure they have sufficient memory to handle it. If you are going to work with your ISPs to limit what you receive, then outbound load balancing becomes even less viable. You have almost no control over inbound load balancing, though you can use AS Prepend to force one to be your primary path for inbound traffic.

dwesolowiczAuthor Commented:
Thanks for the reply. To clarify:

- Make sure CE routers are configured to handle the entire BGP routing table
- Run iBGP between the CE routers
- Run EIGRP on the core and CE routers
- Redistribute iBGP into EIGRP

I will have to try this in a test environment. Ultimately I would like to be able to use both ISPs, and it sounds like I will be able to do this with local pref and other tools.

Thanks again!
dwesolowiczAuthor Commented:
please see the revised attachment
I think that should work well. Give it a try and do some testing.
#dwesolowicz: Sorry I couldn't reply earlier.

I disagree with some of the comments above and need to emphasize the following points:

1. You do NOT want BGP table from the ISPs, and they will certainly not advertise those to you. All you want is a default-route. And, you need to filter what you get from them to ensure it is only default-route. You will then advertise this default-route to your environment below. And, you need to make sure that you only advertise your IP subnet and AS to the ISPs; no more. You need BGP route-maps for these.

2. BGP is able to load-balance on multiple paths in the same AS using the "maximum-paths" command. So, let's use it. Note: Different AS's can also work with multi-path using "bgp bestpath as-path multipath-relax". This is Cisco; of course.

3. I would not run EIGRP on the CE routers. I would keep the full-mesh design, and I would configure iBGP on CE1 and CE2 and the Core router and redistribute iBGP and EIGRP into each other on the core router. Again, all you are taking from iBGP thru eBGP above is the default-route; no more.

4. You will need to configure the Core router to use the iBGP maximum-paths command to load-balance between the default-route paths learned from CE1 and CE2.

There are many configuration examples and definitions of the above concepts on the www.cisco.com site. Here are some links:



Please advise if you need clarification on any of the above.

dwesolowiczAuthor Commented:

Thanks for the reply. I plan to test this out on GNS3 this weekend!
dwesolowiczAuthor Commented:
Question for naderz,

You made a comment in #1:

And, you need to make sure that you only advertise your IP subnet and AS to the ISPs; no more. You need BGP route-maps for these.

Could you clarify this for me? I am assuming from this statement that I will need to request an AS# for BGP, and then advertise this to the respective ISPs? I am a bit concerned about the memory requirements for this, and did not want to overwhelm my Cisco 3750 stack (x3 switches).

Or, since I am not getting the full routing tables from the ISP, and utilizing default routes from the ISP (route maps etc.) ... will this assist in lowering the memory requirements for this configuration?

Just want to make sure I am on the right track.
Yes, you will appear on the Internet via a public IP address from one of the ISPs you have mentioned. Since you have two connections to the Internet via two different ISPs, then each ISP will need to advertise your public IP address to the Internet via their network. This is so that if one of them loses connection to your network, the other one's advertisement kicks in and you have redundancy. To accomplish this, yes, you will need an IP subnet dedicated to you (thru one of the ISPs) and you need to have your own AS so that each ISP can communicate with you via BGP.

When you had mentioned BGP I assumed you had all that established.

Your memory requirements as far as BGP are nominal since all you are receiving from the ISPs is a default route. All you will advertise is also small: your public IP subnet; which should be /24 (ISPs will not advertise lower than /24). You do need to make sure, however, that your 3750s are capable of running BGP, etc.
This can be a problem - I also thought that you had the BGP AS and owned your own addressing. If you do ask ISP1 for public addressing, you have to make sure that ISP2 is willing to route it and that ISP1 is willing to advertise it separately. Some will be willing to do this only in a failover situation.

I don't think you will be able to get a public AS number if you have addressing owned by the ISP. You'd have to get a private AS number from the ISP, and have the other ISP agree to assign you the same one.

Also this is where the load-balancing concept breaks down, because although you can load-balance outbound via the default route, inbound traffic will always route via ISP1 - your addressing will be a part of their larger net. And inbound traffic is normally far higher than outbound.

Also if you have a separate firewall to each ISP, you will have problems if traffic goes out through one ISP and back in the other ISP (or vice versa).
1. You can have a public AS with IP addresses from an ISP.
2. ISPs will route IP addresses of the other ISPs assigned to you. IP address subnet, however, cannot be smaller than /24.
3. Load-balancing concerns can be addressed depending on the architecture.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.