I have a situation where I have 2 different ISP's both providing GigE service to a single Cisco 7206vXR router. I have BGP configured, but when I look at the traffic flows almost all traffic is using single link, not both. In this case, What would be best config to have the traffic load balance between the 2?
In essence, ISP1 - 1.1.1.1/30, ISP2, 2.2.2.1/30 7206vXR G1/0 1.1.1.2/30 G12.2.2.2/30, Port-channel 1 3.3.3.1/28 to internal network. I have a /20 from ISP 1 and a /20 from Arin as a direct allocation. All traffic except web and email server is on Arin allocation which is announced via my ARIN obtained AS#. web and email server are on /20 from ISP1. Thoughts? Help please? I am trying to endure that I have 2 gig worth of bandwidth for end users to use (not at same time. Most bandwidth provided to end user is about 100 Meg.)
if, for example, your prefix is 192.168.0.0/22 and your ASN is 65535 then
sh ip bgp 192.168.0.0/22 | i 65535
Look at the paths available as known from this device. Unless both providers are middle to small and they connect upstream to the same set of providers, then I would expect to see both provider ASNs in the path. Count the number of ASNs in the path. Everything else being equal, the shortest path wins (fewer ASNs).
0
There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.
There are two equal paths between both providers. I would except *some* traffic via 174. Are you seeing none?
I would try updating your advertisements to announce the /20 to both, one /21 to one provider and the other /21 to the other provider. Make sure that both providers will accept /20 le 24.
0
Wyant NiswongerPresidentAuthor Commented:
Hi Jan.
Trying to make sure I get this right...
(names changed to protect the not so innocent)
ip prefix-list Cogent seq 5 permit 38.XX.XX.0/22
ip prefix-list Cogent seq 10 permit 38.XX.YY.0/22
ip prefix-list Cogent seq 20 permit 45.XX.XX.0/20
!
ip prefix-list InternetDefault seq 5 permit 0.0.0.0/0
!
ip prefix-list Arin seq 5 permit 45.XX.XX.0/20
route-map Cogent-Nitel-Out permit 10
match ip address prefix-list Arin
!
route-map Cogent-Nitel permit 10
match ip address prefix-list InternetDefault
!
route-map Cogent-Out permit 10
match ip address prefix-list Cogent
This is an example of splitting your inbound traffic between two providers. Your router will pick one default route. So, some incoming from both, all outgoing to one.
! insert the routes into the routing table
ip route 38.XX.XX.0/22 null0 250
ip route 38.XX.YY.0/22 null0 250
ip route 45.XX.XX.0/21 null0 250
ip route 45.XX.YY.0/21 null0 250
ip route 45.XX.XX.0/20 null0 250
! prefixes that you want to announce to Cogent
ip prefix-list Cogent seq 5 permit 38.XX.XX.0/22 le 24
ip prefix-list Cogent seq 10 permit 38.XX.YY.0/22 le 24
ip prefix-list Cogent seq 20 permit 45.XX.XX.0/20 le 24
ip prefix-list Cogent seq 30 permit 45.XX.XX.0/21 le 24
! prefixes that you want to announce to Nitel
ip prefix-list Nitel seq 5 permit 38.XX.XX.0/22 le 24
ip prefix-list Nitel seq 10 permit 38.XX.YY.0/22 le 24
ip prefix-list Nitel seq 20 permit 45.XX.XX.0/20 le 24
ip prefix-list Nitel seq 30 permit 45.XX.YY.0/21 le 24
! what you're willing to accept from either provider
ip prefix-list InternetDefault seq 5 permit 0.0.0.0/0
router bgp 3950NN
! networks that you want to advertise
! for simple announces without other traffic engineering
! just use prefix-lists
neighbor 38.104.XX.XX remote-as 174
neighbor 38.104.XX.XX soft-reconfiguration inbound
neighbor 38.104.XX.XX prefix-list InternetDefault in
neighbor 38.104.XX.XX prefix-list Cogent out
neighbor 64.191.XX.XX remote-as 53828
neighbor 64.191.XX.XX soft-reconfiguration inbound
neighbor 64.191.XX.XX prefix-list InternetDefault in
neighbor 64.191.XX.XX prefix-list Nitel out
The null routes combined with the network statements and prefix lists will determine what you send to your provider. If you send 45.xx.xx.0/20 and 45.xx.xx.0/21, you should see both of those being advertised. Most specific (/21) will win.
0
Wyant NiswongerPresidentAuthor Commented:
Sorry for the long delay. The changes recommended have not helped. I am seeing significant packet loss. I am on with one of the providers now.
0
Wyant NiswongerPresidentAuthor Commented:
When I setup your recommended solution, I cannot do the null 0 250. Here is the setup:
7206vXR
g0/1 --> Cogent ISP x.x.x.x/30
g0/3 --> Nitel ISP y.y.y.y/30
g0/2 --> Port Channel 1 to 2960 switch (Cat 6 copper) to G0/21
g4/0 --> Port Channel 1 to 2960 switch (Cat 6 copper) to G0/22
Port Channel 1 38.69.x.x/28
Router BGP statements ref'd above.
ip route 38.69.x.x/28 Cogent ISP
ip route 45.x.x.x/20 38.69.x.y/28 --> Without this traffic to uBR and from Customer segment stops. No routing protocol between internal devices.
ip route 38.12.x.x/21 38.69.x.y/28 -->See statement above
ip route 10.x.x.x/21 38.69.x.y/28 --> See statement above
2960 (no vlan 1, vlan 38 - 38.69.x.z/28. IP Default gateway Port-channel 1 on 7206 IP)
G0/1-4 -->Port Channel 3 to Windows server.(Web, email, etc)
G0/21-22 -->Port Channel 1 to 7206
G0/23-24 --> Port Channel 2 to uBR10K (MM Fiber)
uBR10K
G1/2/0-1 --> Port Channel 2 to 2960 38.69.x.y/28
Bundle 1
10.x.x.x CM
45.X.X.X/20 CPE
38.X.X.X CPE
static route 0 0 38.69.x.x/28 (Port channel 1 on router)
These are not valid routing statements on a 7206.
ip route 38.69.x.x/28 Cogent ISP
ip route 45.x.x.x/20 38.69.x.y/28
So, if you have a downstream device to which you need to route all subnets (for example),
ip route 38.XX.XX.0/22 38.69.x.x
ip route 38.XX.YY.0/22 38.69.x.x
ip route 45.XX.XX.0/21 38.69.x.x
ip route 45.XX.YY.0/21 38.69.x.x
ip route 45.XX.XX.0/20 38.69.x.x
If you want to send just the routing information from the 7206 (ip route, prefix-list, all bgp, etc) to my EE inbox, I can give you exact information back and then generically comment what was done here.
Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.
Have you checked any route views tables to see if one provider carries a longer path than the other?
Are you doing any traffic engineering?