BGP

Multihomed BGP
Configurations
Alvaro Retana
Cisco IOS®—Deployment
and Scalability
3203
1346_06_2000_c1_sec6 © 2000, Cisco Systems, Inc. 1
Agenda
• General Considerations
• Multihomed Networks
• Best Current Practices
3203
The Basics
General Considerations
3203
General Considerations
Agenda
• What is a multihomed network?

Motivation and Drivers
• BGP Route Selection Process
It’s effect on multihomed policy
3203
Stub Network
• No need for BGP

ISP advertises the stub
network
Policy confined within ISP AS
policy B 101
A
• Default to the border
AS
100
3203
Load-Sharing—Single Path
Router A:
interface loopback 0
ip address 10.60.0.1 255.255.255.255
!
router bgp 100
neighbor 10.200.0.2 remote-as 200
neighbor 10.200.0.2 update-source loopback0
neighbor 10.200.0.2 ebgp-multi-hop 2
Loopback 0
A 10.200.0.2
200
100
3203
Load-Sharing—Multiple Paths
from Same AS
Router A:
router bgp 100
maximum-paths 6
A 200
100
3203
What Is Multihoming?
• Connecting to two or more ISPs to

increase:
Reliability -- Ensure external connectivity
even if there’s a upstream failure
Performance -- Better paths to common
Internet destinations (policy settings)
Load Sharing -- Distribute traffic between
the different connections
3203
Multihomed Network
• Many situations possible

Separate connections to the same ISP
Secondary for only backup
Load sharing between primary and secondary
Selectively use different ISPs
AS 100
AS 300
A D
B C
AS 200
3203
BGP Route Selection Process
• Only ONE path is considered the

best at any time
• Policy can be set per router
to guarantee loop-free forwarding,
the policy should be consistent
across the AS
3203
Basic Decision Algorithm
Consider only (synchronized) routes with no AS loops

and valid next-hop, then prefer:
Highest WEIGHT
Highest LOCAL PREFERENCE
LOCALLY ORIGINATED (eg network/aggregate)
Shortest AS-PATH
Lowest ORIGIN (IGP < EGP < incomplete)
Lowest MED
EBGP
IBGP
Lowest IGP METRIC to next-hop
Lowest router-id
3203
AS_PATH
1883
• A list of AS to be traversed to 200.210.1.0/24 1881
reach a prefix 200.200.2.0/24
1880 1883 (AS_SEQUENCE)
• Path includes one or more

members of a set 1880 1882
{1880, 1881, 1882} (AS_SET) 200.200.3.0/24
• Used for loop detection! A
200.200.0.0/16 1880 {1881,1882}

200.210.1.0/24 1880 1883
3203
AS_PATH
B
690 1755 1880
193.0.32/24
A
• Configuration (rtr B): Needs to go to 690
router bgp 690 666
neighbor x.x.x.x remote-as 666
neighbor x.x.x.x route-map prepend
out 193.0.32/24 1880 1755 690
! 193.0.32/24 666 690 690 690
route-map prepend permit 10
match as-path 2
set as-path prepend 690 690
!
ip as-path access-list 2 permit ^$
3203
Multi-Exit Discriminator (MED)
• Indication (to external peers) of the

preferred path into an AS
used in multiple entry AS
non-transitive
• Compared only for routes received from
the same AS
unless bgp always-compare-med is enabled
• Lower MED value is more preferable
(default = 0)
3203
MED
690
1755 1880
B
209
• Configuration (rtr B):
router bgp 1755
neighbor x.x.x.x route-map set_MED out
!
route-map set_MED permit 10 Set MED = 2 for all
match as-path 2
routes originated in
set metric 2
! AS 690.
ip as-path access-list 2 permit _690$
3203
MED & IGP Metric
• set metric-type internal

enable BGP to advertise a MED which
corresponds to the IGP metric values
changes are monitored (and re-
advertised if needed) every 600s
bgp dynamic-med-interval <secs>
3203
MED - Example
200.200.1.0/24
AS 200
D
E
200.200.1.0/24 200.200.1.0/24
MED = 10 MED = 40
A B
AS 400
C Chooses the
C shortest path to the
3203 destination.
Deterministic MED
• By default, the prefixes are compared

in order of arrival
it may result in inconsistent decisions
use bgp deterministic-med
the bestpath is recalculated as soon as
the command is entered
3203
LOCAL_PREF
• Indication of preferred path to exit the

local AS
• Global to the local AS
• Paths with highest LOCAL-PREF are
most desirable (default = 100)
bgp default local-preference value
3203
LOCAL_PREF (Cont.)
690
1755 1880
A
• Configuration (rtr A): Needs to go to 690
router bgp 109 666
neighbor x.x.x.x route-map foo in
!
route-map foo permit 10 Set LOCAL_PREF =
match as-path 2 120 for all the routes
set local-preference 120
received from AS 1880.
!
ip as-path access-list 2 permit ^1880_
3203
Community Attribute
• Used to group destinations to help

scale policy application
• Each prefix can belong to multiple
communities
• Not propagated by default
neighbor ip-address send-community
3203
Problem: Scale Routing Policy

Solution: COMMUNITY
Communities:
1:100—customer routes Set Community
1:80—peer routes 1:80
CORE Peer A
Match Community
1:100
Match Community
1:100 1:80 Match Community
1:100
Set Community
1:100
Customer A Customer B
Full Routes Customer Routes
3203
Double the Fun!
Multihomed Networks
3203
Multihomed Networks
Agenda
• Types of Multihoming
Outbound Traffic
• Address Allocation Issues
Inbound Traffic
3203
Typical Multihomed E-Commerce
Network
ISP1
ISP2
Border Routers
(BGP and IGP) Si Si
Internal Routers
(BGP and/or IGP)
3203
Types of Multihoming
• Three common cases:

Default from all providers
Customer+Local routes from all
providers (partial routes)
Full routes from all providers
3203
Default from All Providers
• Low memory/CPU solution

• Provider sends BGP default
exit point selected by IGP metrics
to reach default
• All the local routes are advertised to
the provider
inbound path decided by Internet
influence using AS-path prepend
3203
AS 100
160.10.0.0/16
AS 200 AS 300
D E
0.0.0.0 0.0.0.0
A B
AS 400
C Chooses Lowest
C IGP Metric to Default
3203
AS 100
160.10.0.0/16
AS 200 AS 300
D E
0.0.0.0 0.0.0.0
A B
AS 400
Closest exit used -
C D “watershed effect”
3203
Partial Routes from All Providers
• Medium memory and CPU

• Best path is usually determined by the
shortest AS-path
• Use local-preference to override based
on prefix, as-path, or community
• IGP metric to default used for all other
destinations
3203
Customer
AS 100
160.10.0.0/16
Provider Provider
AS 200 AS 300
D E
A B
C Chooses
AS 400
Shortest AS Path
C
3203
Customer
AS 100
160.10.0.0/16
Provider Provider
AS 200 AS 300
D 800 E
A B ip prefix-list AS100 permit

C Chooses Highest
AS 400 16.10.0.0/16
Local-Preference route-map AS300in permit 10
match ip address prefix-list AS100
C set local-preference 800
3203
Full Routes from All Providers
• Higher memory/CPU solution

• Reach all destinations by selecting
the best path—usually shortest AS
path
• May still manually tune using local-
pref and as-path/community/prefix
matches
3203
Full Routes from All Providers
AS 100 AS 500
AS 200 AS 300
D E
A B
AS 400
C Chooses
Shortest AS Path C
3203
Controlling Inbound Traffic?
• Very difficult due to lack of transitive

metric.
• Dependency on ownership of the IP
address space.
• Can divide outgoing updates across
providers, but what happens to
redundancy?
3203
Address Allocation Cases
• Provider Derived Address Space

• Provider Independent Address Space
(portable block)
• Address Space owned by other
Providers
• Address Space owned by both
Providers
3203
Address Allocation
“A multihomed network cannot

use a provider’s connection
unless the provider advertises
the network’s routes to the rest
of the Internet.
Praveen Akkiraju,
Multihoming Strategies for Internet Connectivity
”
3203
Provider Derived Address Space
• Simple addressing scheme

• Major providers own CIDR blocks.
The assign part of it to their customers.
The provider may aggregate the
customer routes back into its CIDR
block.
• Must use with provider’s policy
3203
Aggregation
• Example:
router bgp 1880 1883
network 200.200.1.0 200.200.2.0/24
aggregate-address 200.200.0.0 255.255.0.0 as-set
1880
200.200.1.0/24 1881
200.200.3.0/24
200.200.0.0/16 1880 {1881,1883}

A
3203
Provider Derived Address Space
AS 100
200.200.0.0/16 200.200.1.0/24
Provider Provider
AS 200 AS 300
D E
200.200.1.0/24 200.200.1.0/24
A B
AS 400
The more specific
route of taken
C back.
3203
Portable Addressing
• The address space is owned by the

local network
• Policy set locally
• Can’t be aggregated by any provider
Prefix must be “leaked”
May be filtered upstream
3203
Portable Addressing
AS 100
210.210.1.0/24 210.210.1.0/24
Provider Provider
AS 200 AS 300
D E
210.210.1.0/24 210.210.1.0/24
A B
Any path may be AS 400
chosen by the remote
AS. C
3203
Using AS-PATH prepend
Customer 210.210.1.0/24 300 400 400

AS 100 210.210.1.0/24 200 400 (best)
Provider Provider
AS 200 AS 300
D E
A B ip prefix-list AS100 permit

AS 400 210.210.1.0/24
route-map AS300out permit 10
C match ip address prefix-list AS100
set as-path prepend 400
3203
Address Space owned by other

Providers
• One of the providers may aggregate,

but the other can’t
• Policy may be set locally
restricted if aggregated
3203
Address Space owned by other
Providers
AS 100 220.220.0.0/16
200.200.0.0/16 200.200.1.0/24
Provider Provider
AS 200 AS 300
D E
200.200.1.0/24 200.200.1.0/24
A B
AS 400
The more specific
route of taken
C back.
3203
Address Space owned by both

Providers
• Complex addressing scheme needed

• The advertisements must be leaked
by both providers
• Symmetry is not easily achievable
must leak all routes on all providers
use as-path prepend
3203
Address Space owned by both
Providers
220.220.1.0/24 AS 100 220.220.0.0/16

200.200.0.0/16 200.200.1.0/24
Provider Provider
AS 200 AS 300
D E
200.200.1.0/24 200.200.1.0/24
A B 220.220.1.0/24
220.220.1.0/24
AS 400
C
3203
Be a Good Neighbor
Best Current Practices
3203
Best Current Practices
Agenda
• BGP Specific Issues

MD5 Authentication
Route Dampening
• General Filtering
Use the same filters for packet
forwarding and received updates
3203
MD5 Authentication
• Used in BGP to authenticate the TCP

session
the contents of the session are not
authenticated
• Configure authentication to avoid
establishing sessions with rogue
peers router bgp 109
neighbor 1.1.1.1 password xxxx
3203
Route Flap Dampening
• Route flaps ripple through the entire

Internet
up and down of path
change in attributes
• Constant changes in the BGP table
wastes CPU and bandwith
• Objective: reduce the scope of route
flap propagation
3203
Route Flap Dampening
Suppress-Limit
Penalty Reuse-Limit
2
0
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Time
3203
Selective Dampening
• Selective dampening based on

AS-PATH
Community
Prefix
• Variable dampening
3203
Dampening Configuration
• bgp damping <halflife-time> <reuse> <suppress>

<maximum-suppress-time>
• Example:
router bgp 109
bgp dampening route-map SELECTIVE _DAMPENING
!
access-list 110 permit ip any 255.255.255.0 0.0.0.255
access-list 111 permit ip any any
!
route-map SELECTIVE_DAMPENING permit 10
match ip address 110
set dampening 30 125 2000 120
!
route-map SELECTIVE_DAMPENING permit 20
match ip address 111
set dampening 25 750 2000 45
3203
!
RFC 1918 Filtering
router bgp 109

neighbor 1.1.1.1 prefix-list rfc-1918 in
!
prefix-list rfc-1918 deny 10.0.0.0/8 le 32
prefix-list rfc-1918 permit 0.0.0.0/0 le 32
Customer
ISP Network
Network
Ingress to Internet
3203
Limit the Updates

router bgp 1
neighbor 1.1.1.2 prefix-list customer in
neighbor 1.1.1.2 maximum-prefix 500
!
prefix-list customer permit 200.200.1.0/24
prefix-list customer deny 0.0.0.0/0 le 32
Customer
ISP Network:
Network 200.200.1.0/24
router bgp 109

neighbor 1.1.1.1 prefix-list local in
neighbor 1.1.1.1 filter-list 1 out
!
prefix-list local deny 200.200.1.0/24 le 32
prefix-list local any 0.0.0.0/0 le 32
!
3203
Ip as-path access-list 1 permit ^$
References - Registration
• American Registry for Internet

Numbers (ARIN)
http://www.arin.net/
• The Internet Corporation of Assigned
Names and Numbers (ICANN)
http://www.icann.org
3203
References - BGP
• Requests for Comments (RFC)

1918 Address Allocation for Private
Internets
1998 An Application of the BGP
Community Attribute in Multi-home
Routing
2008 Implications of Various Address
Allocation Policies for Internet Routing
3203
References - BGP
2260 Scalable Support for Multi-homed

Multi-provider Connectivity
2827 Network Ingress Filtering:
Defeating Denial of Service Attacks
which employ IP Source Address
Spoofing
3203
References - BGP
• Enabling Enterprise Multihoming with

Cisco IOS Network Address
Translation
http://www.cisco.com/warp/public/cc/cisco/
mkt/ios/nat/tech/emios_wp.htm
• Internet Routing Architectures. Sam

Habali
3203
3203

BGP

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BGP

Uploaded by

Copyright:

Available Formats

Multihomed BGP

• What is a multihomed network?

• No need for BGP

• Connecting to two or more ISPs to

• Many situations possible

BGP Route Selection Process

• Only ONE path is considered the

Consider only (synchronized) routes with no AS loops

• Path includes one or more

200.200.0.0/16 1880 {1881,1882}

Multi-Exit Discriminator (MED)

• Indication (to external peers) of the

MED & IGP Metric

• set metric-type internal

• By default, the prefixes are compared

• Indication of preferred path to exit the

• Used to group destinations to help

Problem: Scale Routing Policy

• Three common cases:

• Low memory/CPU solution

Default from All Providers

Partial Routes from All Providers

• Medium memory and CPU

Partial Routes from All Providers

A B ip prefix-list AS100 permit

• Higher memory/CPU solution

Full Routes from All Providers

• Very difficult due to lack of transitive

Address Allocation Cases

• Provider Derived Address Space

“A multihomed network cannot

Provider Derived Address Space

• Simple addressing scheme

200.200.0.0/16 1880 {1881,1883}

Provider Derived Address Space

• The address space is owned by the

Customer 210.210.1.0/24 300 400 400

A B ip prefix-list AS100 permit

Address Space owned by other

• One of the providers may aggregate,

Address Space owned by both

• Complex addressing scheme needed

220.220.1.0/24 AS 100 220.220.0.0/16

Best Current Practices

• BGP Specific Issues

• Used in BGP to authenticate the TCP

• Route flaps ripple through the entire

Route Flap Dampening

• Selective dampening based on

• bgp damping <halflife-time> <reuse> <suppress>

router bgp 109

Limit the Updates

router bgp 109

• American Registry for Internet

• Requests for Comments (RFC)

2260 Scalable Support for Multi-homed

• Enabling Enterprise Multihoming with

• Internet Routing Architectures. Sam

You might also like