ExtremeSwitching (EXOS)

Expand all | Collapse all

BGP advertise-map in XOS

Jarek

Jarek06-20-2017 12:24

Jarek

Jarek06-20-2017 12:24

  • 1.  BGP advertise-map in XOS

    Posted 06-20-2017 11:05
    I have a Multi-homed Routers connected to 2 ISPs. I need to Create like an Advertise-map on the Standby Router connected to the Standby ISP to only advertise my Public address if the primary link goes down .

    Is there a way of doing it in XOS ?
    Thank You,
    Elie



  • 2.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 11:46
    look towards configuring different localpref for different ISP-s



  • 3.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 14:05
    Hi Elie,

    first of all you need to know what BGP communities are accepted by your ISP's.
    You should ask them, because sometimes they do not publish all BGP communities 🙂.

    You can use for example well known (if they are accepted):
    - no-export - which means do not export to any eBGP neighbor
    - no-advertise - which means, do not export to any BGP neighbor at all.--

    Jarek



  • 4.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 15:30
    what if the primary link fails to the other ISP . how will the secondary ISP knows that so that their routers can remove these communities


  • 5.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 15:38
    Guys, i have had a case open with Expedient and Cognet for almost a Year and ISPs are hard to deal with and it takes forever. i am trying to implement a Solution from my side . in my initial post i mentioned if someone know if there is a feature like bgp advertise-map as in cisco.
    thank you ,



  • 6.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 17:16
    I hate to agree with the others here but your first step has to be working with the upstream provider you are paying good money to for the best way they would support your scenario. They each have their own rules on how they will send traffic back to you from other customers of theirs that are directly connected to them. They would prefer that traffic to remain on their direct connection to you and may be ignoring any community or pre-pend you are sending out. You must escalate and work through sales channel if you have to. Tell you get responses back from them you are just guessing and hoping for the best....


  • 7.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 18:56
    Elie,

    This is only an idea and I don't have a time to put it all together, but...
    lets assume you have scenario like this bellow:

    Router Expedient - Low speed link
    /
    Your Standby Router (EXOS switch)
    |
    |
    |
    Your Main Router (EXOS switch)
    \
    Router Cogent - High speed link

    You advertise your prefix for example 10.0.0.0/24 from Main router:
    - dirtect to Cogent
    - to Standby Router and then to Expedient

    On Main Router you can have a UPM script and BGP export policy.

    The UPM script will check if some route is in table and this route nexthop is via Cogent
    or if the session is up and so on.
    If the route does not exists, you apply iBGP_export_Stby.pol to iBGP peer out to Standby Router
    and advertise prefix with community 65535:100
    If all is ok, unconfigure policy iBGP_export_Stby.pol

    ================= iBGP_export_Stby.pol =====================

    entry iBGP_peer_Main { if match all {
    nlri 10.0.0.0/24;
    } then {
    permit;
    community set 65535:100;
    }}

    ========================================================

    On Stanby Router you can have a policy that import prefix from Main router like this:
    If I receive my prefix from IBGP peer Main Router with community 65535:100
    then I will permit and then advertise to Expedient.
    If not deny the prefix and don't advertise anything.

    example
    ========== iBGP_import_Main.pol =============================
    entry iBGP_peer_Main { if match all {
    community 65535:100;
    nlri 10.0.0.0/24;
    } then {
    permit;
    }}

    entry IP_BGP_deny { if {
    } then {
    deny;
    }}
    ===========================================================

    --
    Jarek



  • 8.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Elie,

    My understanding is that you would like to advertise only the public network to the ISP, with that in mind the below configuration should work. (please correct me if the requirement is something different)

    Below is the policy to filter the routes to be advertised and the command to apply the policy for a neighbor.

    edit policy Route_Filter

    entry permit-route {
    if match any {
    nlri 10.249.2.0/24;
    } then {
    permit;
    } }

    configure bgp neighbor 10.250.1.12 route-policy out Route_Filter



  • 9.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 11:46
    the reason why i am looking into the advertise-map becasue i want to affect inbound traffic , i used the community tags and as-prepend , it is not working as expected



  • 10.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 11:46
    do you use communities which your ISP-s understand?


  • 11.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 11:46
    Hi Nick , Yes i use the https://onestep.net to configure the communities . the thing is i have a backup link of just 10 mbps and if only one internet source tries to route inbound to me on this link it will get over utilized , so i am looking into a solution that works 100 percent .



  • 12.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 11:46
    But do your ISP-s support reading those communities?
    You may find out that by
    whois as65536 [/code]where 65536 is a number of autonomus system of your backup ISP


  • 13.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    They need to only advertise Public address if the primary link goes down .


  • 14.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Hi Balaji, thank you for your reply , your configuration is correct which accomplish half of what i am looking for , the other half is that i want to advertise only this public prefix only and only if the connection to the primary ISP Fails. ( i have 2 routers connected to 2 different ISPs)


  • 15.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    my idea is to add a static blakchole route and track it by and ip sla , and add this route along with my public prefix in a route-map as an AND operation. so if the static route is there then permit the public prefix to be advertised


  • 16.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Elie, your idea is not correct
    Your backup ISP should accept you announces with a minimal localpref
    So your prefixes will be accepted only if your first BGP session fails

    Our backup ISP does that automatically when we announce prefixes with a specific community:
    whois as20850 | grep ackup remarks: | 20850:50 will set Local Preference to 50 for use as Backup[/code]



  • 17.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    can you please explain more your idea or setup



  • 18.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    which AS numbers of you uplink ISP-s?
    I will help you to find out if your uplinks accept communities


  • 19.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Cognet AS 174 (Primary) Expedient AS 17054 Secondary 


  • 20.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Well, both uplinks are in ARIN area -- they do not have a strict policy to have an up-to-date information about peering as in RIPE area:
    Compare info about your secondary ISP https://whois.arin.net/rest/asn/AS17054 and our one: https://apps.db.ripe.net/search/lookup.html?source=ripe&key=AS20850&type=aut-num

    Therefore, you should manually write an e-mail to Expedient support or NOC team to find out if they support communities or localprefs or if they cat accept your announces with a minimal local preference



  • 21.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Hi Nick,

    local preference is an attribute that routers exchange in the same AS.
    eBGP peer is not aware about it.

    --
    Jarek


  • 22.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Elie,

    do you have your own AS and IP net block ?
    Or you have some IP's from Cogent and some from Expedient ?

    --
    Jarek



  • 23.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    I do not agree with you:
    If an ISP gets all prefix announces from their uplinks with, say, localpref 100, and from a specific customer on a direct link they get prefix announces with 50, then direct announce will become active only if their prefix will become invisible from their uplinks


  • 24.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Nick,

    please see RFC4277 (https://tools.ietf.org/html/rfc4277)

    Page 6 says:

    BGP has a separate metric parameter for IBGP and EBGP. This allows policy-based metrics to overwrite the distance-based metrics; this allows each autonomous system to define its independent policies in Intra-AS, as well as Inter-AS. BGP Multi Exit Discriminator (MED) is used as a metric by EBGP peers (i.e., inter- domain), while Local Preference (LOCAL_PREF) is used by IBGP peers (i.e., intra-domain) ... and so on...

    As a customer you can't add localpref direct in your ISP/Upstream/Transit AS.
    Your ISP/Upstream/Transit can configure for customers on their own router/routers BGP community that you could use to change localpref for your prefix/prefixes in their AS.

    --
    Jarek



  • 25.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Jarek, that's the point I'm trying to explain
    Or your upstream can manually accept your prefixes with a different localpref if you ask them to do that.


  • 26.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    You mean: upstream can accept BGP community that will change localpref for your prefix 🙂 ?

    --
    Jarek



  • 27.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Yes, e.g. if you announce your prefixes to as20850 with community 20850:50 -- they will accept your announce and change localpref to 50
    Please see https://apps.db.ripe.net/search/lookup.html?source=ripe&key=AS20850&type=aut-num



  • 28.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Ok, now it is clear :)

    --
    Jarek


  • 29.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 12:24
    Ok, now it is clear :)

    --
    Jarek


  • 30.  RE: BGP advertise-map in XOS

    Posted 06-20-2017 15:30
    As i wrote before https://community.extremenetworks.com/extreme/topics/bgp-advertise-map-in-xos?topic-reply-list%5Bset...
    if secondary ISP receives routes with localpref 50 and from other uplinks with 100, then routes will become unavailable through other uplinks and become active through direct connection