Subnet Toolsand other network tips

AS Path Prepend in a multipath network

In this scenario we have a dual connected site and are using BGP multipath to load balance the traffic over the two connections. This is very dangerous to do when beancounters are around because they often want you to use both connections to 100% (or at least over 50%) so you end up without the redundancy you wanted. There are reasons for doing it such as to mitigate the slow convergence time of BGP by having the other route ready and waiting in the routing table in case one of the circuits fails.

In the scenario we want to do some maintenance on the routers so want to be able to make one route active and the other passive for a controlled period. Obviously you could just power down the router and let if fail over or shut the external serial link down however that may not always be desirable in an IT service oriented organisation.

The easiest way is to use AS Path Prepend on the router you wish to make passive to prepend a few copies of the ASN to the AS Path. This will make the route appear less desirable both to internal iBGP hosts and external eBGP neighbours such as your MPLS service provider.

Here’s the inital config:

 

hostname R1
!
 interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 !
 interface FastEthernet0/0
 ip address 192.168.0.0 255.255.255.254
 duplex auto
 speed auto
 !
 interface Serial0/0
 ip address 192.168.0.9 255.255.255.254
 clock rate 2000000
 !
 interface FastEthernet0/1
 ip address 192.168.0.13 255.255.255.254
 duplex auto
 speed auto
 !
 router eigrp 5
 network 1.1.1.1 0.0.0.0
 network 192.168.0.0 0.0.0.1
 network 192.168.0.12 0.0.0.1
 no auto-summary
 !
 router bgp 555
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 555
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 soft-reconfiguration inbound
 neighbor 7.7.7.7 remote-as 555
 neighbor 7.7.7.7 update-source Loopback0
 neighbor 7.7.7.7 next-hop-self
 neighbor 192.168.0.8 remote-as 1010
 neighbor 192.168.0.8 soft-reconfiguration inbound
 no auto-summary
 !

 

hostname R2
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.1 255.255.255.254
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 192.168.0.11 255.255.255.254
 clock rate 2000000
!
interface FastEthernet0/1
 ip address 192.168.0.15 255.255.255.254
 duplex auto
 speed auto
!
router eigrp 5
 network 2.2.2.2 0.0.0.0
 network 192.168.0.0 0.0.0.1
 network 192.168.0.14 0.0.0.1
 no auto-summary
!
router bgp 555
 no synchronization
 bgp log-neighbor-changes
 network 2.2.2.2 mask 255.255.255.255
 neighbor 1.1.1.1 remote-as 555
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 soft-reconfiguration inbound
 neighbor 7.7.7.7 remote-as 555
 neighbor 7.7.7.7 update-source Loopback0
 neighbor 7.7.7.7 next-hop-self
 neighbor 192.168.0.10 remote-as 1010
 neighbor 192.168.0.10 soft-reconfiguration inbound
 no auto-summary
!
hostname R3
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.2 255.255.255.254
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 192.168.0.8 255.255.255.254
 clock rate 2000000
!
interface FastEthernet0/1
 ip address 192.168.0.6 255.255.255.254
 duplex auto
 speed auto
!
router eigrp 10
 network 3.3.3.3 0.0.0.0
 network 192.168.0.2 0.0.0.1
 network 192.168.0.6 0.0.0.1
 no auto-summary
!
router bgp 1010
 no synchronization
 bgp log-neighbor-changes
 network 3.3.3.3 mask 255.255.255.255
 neighbor 4.4.4.4 remote-as 1010
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 4.4.4.4 soft-reconfiguration inbound
 neighbor 5.5.5.5 remote-as 1010
 neighbor 5.5.5.5 update-source Loopback0
 neighbor 5.5.5.5 next-hop-self
 neighbor 5.5.5.5 soft-reconfiguration inbound
 neighbor 192.168.0.9 remote-as 555
 neighbor 192.168.0.9 soft-reconfiguration inbound
 no auto-summary
!

 

hostname R4
!
interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.3 255.255.255.254
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 192.168.0.10 255.255.255.254
 clock rate 2000000
!
interface FastEthernet0/1
 ip address 192.168.0.4 255.255.255.254
 duplex auto
 speed auto
!
router eigrp 10
 network 4.4.4.4 0.0.0.0
 network 192.168.0.2 0.0.0.1
 network 192.168.0.4 0.0.0.1
 no auto-summary
!
router bgp 1010
 no synchronization
 bgp log-neighbor-changes
 network 4.4.4.4 mask 255.255.255.255
 neighbor 3.3.3.3 remote-as 1010
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 soft-reconfiguration inbound
 neighbor 5.5.5.5 remote-as 1010
 neighbor 5.5.5.5 update-source Loopback0
 neighbor 5.5.5.5 next-hop-self
 neighbor 5.5.5.5 soft-reconfiguration inbound
 neighbor 192.168.0.11 remote-as 555
 neighbor 192.168.0.11 soft-reconfiguration inbound
 no auto-summary
!

 

hostname R5
!
interface Loopback0
 ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.7 255.255.255.254
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 ip address 192.168.0.5 255.255.255.254
 duplex auto
 speed auto
!
router eigrp 10
 network 5.5.5.5 0.0.0.0
 network 192.168.0.4 0.0.0.1
 network 192.168.0.6 0.0.0.1
 no auto-summary
!
router eigrp 1010
 auto-summary
!
router bgp 1010
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 neighbor 3.3.3.3 remote-as 1010
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 soft-reconfiguration inbound
 neighbor 4.4.4.4 remote-as 1010
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 4.4.4.4 soft-reconfiguration inbound
 maximum-paths 2
 maximum-paths ibgp 2
 no auto-summary
!

 

hostname R7
!
interface Loopback0
 ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.0.12 255.255.255.254
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.0.14 255.255.255.254
 duplex auto
 speed auto
!
router eigrp 5
 network 7.7.7.7 0.0.0.0
 network 192.168.0.12 0.0.0.1
 network 192.168.0.14 0.0.0.1
 no auto-summary
!
router bgp 555
 no synchronization
 bgp log-neighbor-changes
 network 7.7.7.7 mask 255.255.255.255
 neighbor 1.1.1.1 remote-as 555
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 2.2.2.2 remote-as 555
 neighbor 2.2.2.2 update-source Loopback0
 maximum-paths 2
 maximum-paths ibgp 2
 no auto-summary
!

A quick look on R5 at the routes to R7 shows us that we’ve got two valid router via both of our WAN routers.

R5#sh ip route 7.7.7.7
Routing entry for 7.7.7.7/32
 Known via "bgp 1010", distance 200, metric 0
 Tag 555, type internal
 Last update from 3.3.3.3 00:02:04 ago
 Routing Descriptor Blocks:
 * 4.4.4.4, from 4.4.4.4, 00:02:04 ago
 Route metric is 0, traffic share count is 1
 AS Hops 1
 Route tag 555
 3.3.3.3, from 3.3.3.3, 00:02:04 ago
 Route metric is 0, traffic share count is 1
 AS Hops 1
 Route tag 555
R5#sh ip bgp 7.7.7.7
BGP routing table entry for 7.7.7.7/32, version 10
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Multipath: eBGP iBGP
Flag: 0x820
 Not advertised to any peer
 555, (received & used)
 3.3.3.3 (metric 409600) from 3.3.3.3 (3.3.3.3)
 Origin IGP, metric 0, localpref 100, valid, internal, multipath, best
 555, (received & used)
 4.4.4.4 (metric 409600) from 4.4.4.4 (4.4.4.4)
 Origin IGP, metric 0, localpref 100, valid, internal, multipath
R5#

To change the AS path prepend start with a route map on R3. In this case we are going to prepend the AS twice. Once this is done it can be applied to the R3 neighbourship with the service provider router.

route-map BACKUP-IN permit 10
 set as-path prepend 555 555
!
route-map BACKUP-OUT permit 10
 set as-path prepend 1010 1010
!
router bgp 1010
 neighbor 192.168.0.9 route-map BACKUP-IN in
 neighbor 192.168.0.9 route-map BACKUP-OUT out

You will then have to do a clear ip bgp 192.168.0.9 to apply and then check the routing on R5 again.

R5#sh ip bgp 7.7.7.7
BGP routing table entry for 7.7.7.7/32, version 16
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Multipath: eBGP iBGP
Flag: 0x800
  Not advertised to any peer
  555 555 555, (received & used)
    3.3.3.3 (metric 409600) from 3.3.3.3 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, internal
  555, (received & used)
    4.4.4.4 (metric 409600) from 4.4.4.4 (4.4.4.4)
      Origin IGP, metric 0, localpref 100, valid, internal, best
R5#sh ip route 7.7.7.7
Routing entry for 7.7.7.7/32
  Known via "bgp 1010", distance 200, metric 0
  Tag 555, type internal
  Last update from 4.4.4.4 00:11:55 ago
  Routing Descriptor Blocks:
  * 4.4.4.4, from 4.4.4.4, 00:11:55 ago
      Route metric is 0, traffic share count is 1
      AS Hops 1
      Route tag 555

R5#

You can see why by taking a look at the AS path.

R5#sh ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
* i1.1.1.1/32       3.3.3.3                  0    100      0 555 555 555 i
*>i                 4.4.4.4                  0    100      0 555 i
* i2.2.2.2/32       3.3.3.3                  0    100      0 555 555 555 i
*>i                 4.4.4.4                  0    100      0 555 i
r>i3.3.3.3/32       3.3.3.3                  0    100      0 i
r>i4.4.4.4/32       4.4.4.4                  0    100      0 i
*> 5.5.5.5/32       0.0.0.0                  0         32768 i
* i7.7.7.7/32       3.3.3.3                  0    100      0 555 555 555 i
*>i                 4.4.4.4                  0    100      0 555 i
R5#

Tags: , ,

Comments are currently closed.