• Status: Solved

When to run iBGP in the same AS with EIGRP

Experts,

I am trying to get clarification on when to run iBGP with EIGRP. Attached is a document showing a basic topology of iBGP with an AS100 and EIGRP with an AS of 5000.

The questions that I have are:

Note: AS 100 will not be used for a transit from AS200 to AS300
BGP-topology.docx
- Under what conditions should I run iBGP?
- Under what conditions should I not run iBGP?
- Is it an option to just run EIGRP 5000, and redistribute partial BGP routes from the CE routers into EIGRP 5000?

Thank you in advance

Don
Asked by: dwesolowicz
 
naderz Commented:
Good question. To run or not to run iBGP depends on network topology and objectives. iBGP allows for a different set of tools for manipulating route decisions that either EIGRP or OSPF cannot.

To answer more fully please provide your objectives here: route preference, manner of failover, etc.

Are CE1 and CE2 directly connected as you have on the diagram? If not, please indicate how things are all connected. And, what is below the Core? Is the Core only a single router?
 
dwesolowicz (Author) Commented:
Sorry for the delay and thanks for the reply.
My objectives are:

- PE1 and PE2 represent diverse ISPs
- I would like to use both ISPs for Internet connectivity (load balance or round robin) as well as fail-over.
- My plan is to have CE1 and CE2 directly connected, ensuring that a full mesh topology is in place if iBGP is needed
- The core represents 3 Cisco 3750 switches with IP services in a stack configuration. This is in a business environment.
- Below the core would be Cisco L2 2960s in the IDFs of the business environment

Thanks again!
 
mikebernhardt Commented:
It's fine to run iBGP and redistribute into EIGRP on the 2 CEs, running only EIGRP on the core. If the link between the CEs goes down, your network won't break, you'll simply have 2 independent paths out to the internet with no policy between them.

I see no benefit to running iBGP on your core switch. It's really better as a design policy to limit what routers know to what they really need to know. Your core doesn't need to know about the ISPs and the BGP table, it only needs to know the best path to get out. EIGRP will tell it. This will also save a lot of memory on your core switch stack.

Note that BGP is not very good at load balancing, as the only "dynamic" criterion is AS path length. Given 2 routes with an equal length path, your CE routers will pick one together. You can influence that decision with local pref and other tools.

If you are going to take the entire BGP routing table on those CE routers, make sure they have sufficient memory to handle it. If you are going to work with your ISPs to limit what you receive, then outbound load balancing becomes even less viable. You have almost no control over inbound load balancing, though you can use AS Prepend to force one to be your primary path for inbound traffic.
 
dwesolowicz (Author) Commented:
Thanks for the reply. To clarify:

- Make sure CE routers are configured to handle the entire BGP routing table
- Run iBGP between the CE routers
- Run EIGRP on the core and CE routers
- Redistribute iBGP into EIGRP

I will have to try this in a test environment. Ultimately I would like to be able to use both ISPs, and it sounds like I will be able to do this with local pref and other tools.

Thanks again!
 
dwesolowicz (Author) Commented:
Please see the revised attachment.
 
mikebernhardt Commented:
I think that should work well. Give it a try and do some testing.
 
naderz Commented:
#dwesolowicz: Sorry I couldn't reply earlier.

I disagree with some of the comments above and need to emphasize the following points:

1. You do NOT want the BGP table from the ISPs, and they will certainly not advertise those to you. All you want is a default-route. And, you need to filter what you get from them to ensure it is only default-route. You will then advertise this default-route to your environment below. And, you need to make sure that you only advertise your IP subnet and AS to the ISPs; no more. You need BGP route-maps for these.

2. BGP is able to load-balance on multiple paths in the same AS using the "maximum-paths" command. So, let's use it. Note: Different AS's can also work with multi-path using "bgp bestpath as-path multipath-relax". This is Cisco, of course.

3. I would not run EIGRP on the CE routers. I would keep the full-mesh design, and I would configure iBGP on CE1 and CE2 and the Core router and redistribute iBGP and EIGRP into each other on the core router. Again, all you are taking from iBGP thru eBGP above is the default-route; no more.

4. You will need to configure the Core router to use the iBGP maximum-paths command to load-balance between the default-route paths learned from CE1 and CE2.

There are many configuration examples and definitions of the above concepts on the www.cisco.com site. Here are some links:

http://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfbgp.html

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/unicast/nexus3000_unicast_config_gd_503_u1_1/l3_advbgp.html

Please advise if you need clarification on any of the above.
 
dwesolowicz (Author) Commented:
naderz

Thanks for the reply. I plan to test this out on GNS3 this weekend!
 
dwesolowicz (Author) Commented:
Question for naderz,

You made a comment in #1:

And, you need to make sure that you only advertise your IP subnet and AS to the ISPs; no more. You need BGP route-maps for these.

Could you clarify this for me? I am assuming from this statement that I will need to request an AS# for BGP, and then advertise this to the respective ISPs? I am a bit concerned on the memory requirements for this, and did not want to overwhelm my Cisco 3750 stack (x3 switches).

Or, since I am not getting the full routing tables from the ISP, and utilizing default routes from the ISP (route maps etc.) ... will this assist in lowering the memory requirements for this configuration?

Just want to make sure I am on the right track
 
naderz Commented:
Yes, you will appear on the Internet via a public IP address from one of the ISPs you have mentioned. Since you have two connections to the Internet via two different ISPs, then each ISP will need to advertise your public IP address to the Internet via their network. This is so that if one of them loses connection to your network, the other one's advertisement kicks in and you have redundancy. To accomplish this, yes, you will need an IP subnet dedicated to you (thru one of the ISPs) and you need to have your own AS so that each ISP can communicate with you via BGP.

When you had mentioned BGP I assumed you had all that established.

Your memory requirements as far as BGP are nominal since all you are receiving from the ISPs is a default route. All you will advertise is also small: your public IP subnet, which should be /24 (ISPs will not advertise lower than /24). You do need to make sure, however, that your 3750s are capable of running BGP, etc.
 
mikebernhardt Commented:
This can be a problem - I also thought that you had the BGP AS and owned your own addressing. If you do ask ISP1 for public addressing, you have to make sure that ISP2 is willing to route it and that ISP1 is willing to advertise it separately. Some will be willing to do this only in a failover situation.

I don't think you will be able to get a public AS number if you have addressing owned by the ISP. You'd have to get a private AS number from the ISP, and have the other ISP agree to assign you the same one.

Also this is where the load-balancing concept breaks down, because although you can load-balance outbound via the default route, inbound traffic will always route via ISP1 - your addressing will be a part of their larger net. And inbound traffic is normally far higher than outbound.

Also if you have a separate firewall to each ISP, you will have problems if traffic goes out through one ISP and back in the other ISP (or vice versa).
 
naderz Commented:
1. You can have a public AS with IP addresses from an ISP.
2. ISPs will route IP addresses of the other ISPs assigned to you. IP address subnet, however, cannot be smaller than /24.
3. Load-balancing concerns can be addressed depending on the architecture.