BGP peering + Load balancing

We have a basic BGP setup in house to host our own dedicated subnet and AS with a single ISP.

This was set up by the previous tech with the help of the ISP several years ago.

Our company now wants to replace our BGP router with a pair of redundant Cisco routers and add a second peered ISP for failover.


What is the optimal configuration for this?

Should I run each of the two routers on one ISP each, or set up both ISPs on both devices?
How do I load balance the traffic between the two? Or is it best to have them active/passive?
PerimeterIT Asked:

pergr Commented:
There is more than one way to skin a cat...

Hence, if possible, I would prefer putting both ISPs on both routers. However, that would require each ISP to either peer on a /29 network, possibly using a switch between the ISP and the two routers. An alternative is using two point-to-point links to each ISP (/30 or /31).

Note that if you want to load balance your outgoing traffic, then you need to (ideally) receive and hold the full internet routing table from both ISPs - which requires quite large routers. Perhaps you plan on buying large routers anyway - you do not mention what bandwidth you serve. Keep IPv6 in mind too.

With two routers it is also good to plan how you connect to your internet network - possibly to your firewall(s) - and how that routes out. The simplest way might be VRRP to a virtual IP running between the routers.

If you have VRRP, with master on Router 1, and also have both ISPs connected to both routers, then you can have Router 1 send traffic directly to any ISP. If you have each ISP connected to only one router, then Router 1 would need to forward traffic to Router 2, if ISP 2 is the preferred one for the destination network.

In any case, you also need to run iBGP between the two routers.

There is no right or wrong here - just many ways to skin a cat.

Only one ISP on each router is possibly easier to design, configure and troubleshoot - and redundant enough. You will just have problems if ISP 1 has a problem at the same time as you have a problem with Router 2 (and vice versa).
pergr Commented:
PS. I would buy two Juniper MX104-MX5-AC, for a box with 20 x 1G interfaces, able to carry the full internet routing tables, IPv4 and IPv6.
PerimeterIT Author Commented:
The routers we got are not powerful enough for a full BGP table. We are running 2x 2811's with max RAM until our budget cycle can come back around.

Regardless, bandwidth-wise it's a pair of 10mb sync connections. It's not a lot of throughput.

If I ran each router with a single ISP and only ran a partial table what would be the limitations?

Should I still use VRRP in that case?
I would assume I would have to set router 1 (the master) to send partial traffic to router 2 using PBR?


If I can't load balance, then is it just a matter of running an IGP like EIGRP and setting router 2 as a backup gateway? How do I configure the BGP to accept traffic from both ISPs during a failover event?
pergr Commented:
Under all circumstances you should run iBGP between the two routers.

If your inside network uses static routing, then VRRP is your preferred choice to attract outgoing traffic.

Since you have only two routers, and I assume these are also directly connected to each other, you can run the iBGP session between interfaces. An alternative is to run OSPF between the two routers and the iBGP session between loopback interfaces...

You can accept partial tables from each ISP, and then share those between the two routers in the iBGP session. No PBR is needed.

You need to figure out how many routes your routers can handle, and discuss it with the providers. Perhaps they can advertise to you a good choice of routes, such as their own customer routes, etc. They should also advertise a default route to you, and then you need to decide which ISP you will prefer the default route from and configure a higher Local Preference for that peer.

Make sure you advertise to your uplinks only your own routes, and not those from the other ISP (and not a default route).

BGP will handle fail over automatically.
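
The one-ISP-per-router design from this thread, shown for Router 1 as an added example that is not part of any post above: Cisco IOS configuration covering the iBGP session, the partial-table intake with a preferred default route, and the outbound filter that keeps the site from leaking one ISP's routes to the other. Every AS number, prefix, neighbor address and the maximum-prefix limit is a constructed documentation value; Router 2 would mirror this toward ISP 2 without the local-preference route-map.

```cisco
! Router 1 (peers with ISP 1). All values are constructed placeholders:
! own AS 64500, own prefix 203.0.113.0/24, ISP 1 = AS 64501 at 192.0.2.1,
! Router 2 at 198.51.100.2 on the direct inter-router link.
!
! Anchor the aggregate so the network statement always has a matching route
ip route 203.0.113.0 255.255.255.0 Null0
!
! Outbound: announce only our own prefix. The implicit deny drops everything
! else, including ISP 2's routes and the default learned over iBGP.
ip prefix-list OWN-PREFIX seq 5 permit 203.0.113.0/24
!
! Inbound: never accept our own space back from the ISP; accept the
! default route and partial routes no longer than /24.
ip prefix-list FROM-ISP seq 5 deny 203.0.113.0/24 le 32
ip prefix-list FROM-ISP seq 10 permit 0.0.0.0/0 le 24
!
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
! Prefer ISP 1's default: local preference 200 beats the default of 100
! and is carried to Router 2 over iBGP, so both routers agree on the exit.
route-map ISP1-IN permit 10
 match ip address prefix-list DEFAULT-ONLY
 set local-preference 200
route-map ISP1-IN permit 20
!
router bgp 64500
 bgp log-neighbor-changes
 network 203.0.113.0 mask 255.255.255.0
 ! eBGP session to ISP 1
 neighbor 192.0.2.1 remote-as 64501
 neighbor 192.0.2.1 prefix-list FROM-ISP in
 neighbor 192.0.2.1 prefix-list OWN-PREFIX out
 neighbor 192.0.2.1 route-map ISP1-IN in
 ! Placeholder limit: size it to what the router's memory can hold
 neighbor 192.0.2.1 maximum-prefix 20000
 ! iBGP session to Router 2 over the directly connected interfaces
 neighbor 198.51.100.2 remote-as 64500
 neighbor 198.51.100.2 next-hop-self
```

After applying it, `show ip bgp neighbors 192.0.2.1 advertised-routes` should list only the site's own prefix; anything else there means the outbound filter is not in effect.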
