NetworkTalk & BGP

B.2.d) eBGP setup between RT-A and the ISP-D-Link2 upstream link.

1. We use the same template as for the ISP-D-Link1 eBGP link, except that the full Internet routing table received from ISP-D-Link2 is tagged with LocalPref 90. Remember that, by default, we want upload/egress traffic to leave through the ISP-D-Link1 eBGP speaker.

2. For ZONE-C, we will force upload/outbound traffic through the ISP-D-Link2 link by using policy-based routing and next-hop instructions.

For that purpose, we will use the “set ip next-hop recursive” command.

If the ISP-D-Link2 eBGP neighbor is not available or reachable, so that the next hop is not valid, the outbound traffic for ZONE-C will go through the ISP-D-Link1 link, thanks to the recursive option, which will search for another active link for the upload.

Remember that the next hop is the physical IP address of the eBGP neighbor connected to our router (be careful not to confuse this with the multi-hop feature).

3. Redirection of outbound traffic of customer zones through ISP-D-Link2:

interface POS1/1/0
description "STM16-ISP-D-Link2 AS500"
ip address 40.40.40.6 255.255.255.252

interface POS1/1/1
description "Customer-ZONE-C_C AS2000"
ip address 11.11.225.1 255.255.255.252
ip policy route-map ZONE-C-UPLOAD

route-map ZONE-C-UPLOAD permit 10
match ip address ZONE-C-UPLOAD
set ip next-hop recursive 40.40.40.5


// We force ZONE-C customer upload traffic to leave through the ISP-D-Link2 eBGP speaker

4. eBGP session with the ISP-D-Link2 upstream link:

Table B-6

router bgp 1000
bgp log-neighbor-changes
neighbor 40.40.40.5 remote-as 500
neighbor 40.40.40.5 description ISP-D-Link2-Ebgp-Session
neighbor 40.40.40.5 version 4
!
neighbor 40.40.40.5 activate
neighbor 40.40.40.5 send-community both
neighbor 40.40.40.5 route-map AS-500-Link2-INCOMING in
neighbor 40.40.40.5 route-map AS-500-Link2-OUTGOING out

5. Route-map for receiving the full routing table from the ISP-D-Link2 eBGP neighbor, tagged with LocalPref 90:

ip as-path access-list 1 permit ^500_
route-map AS-500-Link2-INCOMING permit 10
match as-path 1
set local-preference 90

6. Route-map for advertising the Zone_C AS number (and the prefixes belonging to it):

ip as-path access-list 3 permit ^2000_
route-map AS-500-Link2-OUTGOING permit 10
match as-path 3
// all other zones will not use this link as backup for their ingress traffic

7. eBGP session with the Zone_C customer:

The Zone-C customer has its own AS number and wants us to send it only the default route “0.0.0.0”, not the full Internet routing table, which contains the 440k prefixes.

For information, you can find the template below.
We also limit the network advertisements coming from Zone-C so that we do not accidentally advertise any undesirable prefixes that do not belong to the Customer-C AS number. Why?
It can happen that Customer-C accidentally sends the entire Internet table to ISP-A (for instance, because of an empty route-map), and so ISP-A in turn advertises all the prefixes of Customer-C to ISP-D.

However, if ISP-D puts a limit on the prefixes received from its customer, together with a mechanism to cut the eBGP session or damping, the consequences will be unexpected and will degrade the service considerably.
To avoid this, it is better to limit Customer-C to a specific list of announcements. The list must of course be communicated by the Zone-C customer.

router bgp 1000
neighbor 11.11.225.2 remote-as 2000
neighbor 11.11.225.2 version 4
neighbor 11.11.225.2 description CustomerC-Ebgp-Session
neighbor 11.11.225.2 activate
!
neighbor 11.11.225.2 send-community
neighbor 11.11.225.2 default-originate
neighbor 11.11.225.2 prefix-list DEFAULT out
neighbor 11.11.225.2 route-map AS-2000-INCOMING in
ip as-path access-list 3 permit ^2000_
ip prefix-list DEFAULT seq 10 permit 0.0.0.0/0
ip prefix-list Zone-C-Network seq 10 permit 50.50.64.0/18

ip prefix-list Zone-C-Network seq 160 permit 50.50.72.0/22
route-map AS-2000-INCOMING permit 10
match ip address prefix-list Zone-C-Network
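
How the inbound filter above treats an accidental leak from Customer-C, as an added Python example that is not part of the original tutorial: it applies the two Zone-C-Network entries shown on the page with IOS prefix-list semantics (exact prefix and length when no ge/le is given, implicit deny at the end) to a constructed list of announcements. The function names and the sample announcements are assumptions.

```python
import ipaddress

# Entries copied from the page's "ip prefix-list Zone-C-Network" lines.
# Any entries between seq 10 and seq 160 are not shown on the page and are not guessed here.
ZONE_C_NETWORK = [
    (10, "permit", "50.50.64.0/18"),
    (160, "permit", "50.50.72.0/22"),
]

def prefix_list_permits(entries, announced):
    """Evaluate one announced prefix against a prefix-list.

    Without ge/le an entry matches only the exact network and mask length.
    Entries are checked in sequence order; no match means implicit deny.
    """
    net = ipaddress.ip_network(announced, strict=True)
    for _seq, action, prefix in sorted(entries):
        if net == ipaddress.ip_network(prefix):
            return action == "permit"
    return False

def filter_updates(entries, updates):
    """Split announcements into (accepted, rejected), as route-map
    AS-2000-INCOMING would: permit 10 matches the prefix-list, and the
    route-map's own implicit deny drops everything else."""
    accepted, rejected = [], []
    for prefix in updates:
        (accepted if prefix_list_permits(entries, prefix) else rejected).append(prefix)
    return accepted, rejected

# Constructed sample: what Customer-C might send if its outbound policy were empty.
LEAKED_UPDATES = [
    "50.50.64.0/18",    # listed aggregate
    "50.50.72.0/22",    # listed prefix
    "50.50.64.0/24",    # more-specific of the aggregate: not listed, no "le" on the entry
    "203.0.113.0/24",   # foreign prefix (documentation range)
    "198.51.100.0/24",  # foreign prefix (documentation range)
    "0.0.0.0/0",        # default route reflected back
]

if __name__ == "__main__":
    ok, dropped = filter_updates(ZONE_C_NETWORK, LEAKED_UPDATES)
    print("accepted:", ok)
    print("rejected:", dropped)
```

Note that the more-specific 50.50.64.0/24 is rejected as well: if the customer needs to announce deaggregated prefixes, each one has to appear in the list it communicates.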
