BGP and policy-based routing

Hi folks,

I have a multi-homing BGP setup (2 interfaces, 2 ISPs, 2 BGP sessions, receiving full updates and partial updates respectively) with MT as edge router. On the same router I have another 2 interfaces with internet connectivity (no BGP here).

On the inside interfaces I have the network which will be advertised into BGP (1.2.3.0/24) but also other networks that have to use the other internet connections to go outside.

My question is how can I route the traffic coming from 1.2.3.0/24 network to always exit through BGP and the traffic coming from another inside network to be routed through the other 2 connections to the internet? The ISP failover is based on local preference for the outgoing traffic and AS prepend and prefix length for the incoming traffic and I don’t want to override this.

I’m thinking of marking the traffic that has to go through BGP in prerouting, but I’m not sure how to implement it afterwards in order not to mess up the actual BGP path selection mechanism.

Any thoughts on this?

Thanks!

I think I’ve got a little bit closer to the solution I’m looking for but I’m not able to test it in a lab environment. I’m thinking to:

    • stamp the incoming BGP routes with a route mark (e.g. bgp_mark) using routing filters applied to BGP peers as incoming
    • mark the traffic coming from 1.2.3.0/24 in prerouting with the same bgp_mark
    • add a route rule for all the packets with the mark bgp_mark (source IP in the 1.2.3.0/24), to lookup in the table bgp_mark that contains all the received BGP routes

What do you think? Is this doable?

First of all… why do you have two BGP sessions, and another 2 "Internet Connectivity"?

However having said that…
You are on the right track…
However I would not mark the bgp traffic, but do the policy routing for the other two internet connections.

Faisal
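Putting Faisal's suggestion together with the three steps from the earlier post, the following is an added configuration sketch in RouterOS v6 syntax; it is not configuration from either poster. It assumes ether1/ether2 are the BGP uplinks, ether3/ether4 the two branch uplinks with gateways 203.0.113.1 and 198.51.100.1 (documentation addresses), ether5 the branch LAN with prefix 10.20.0.0/16, and it takes 1.2.3.0/24 as the production prefix from the thread. The BGP peers and their local-preference/prepend policy are left untouched: BGP-learned routes stay in the main table, and only branch traffic is given a routing mark and its own table.

```routeros
# Added example, RouterOS v6 syntax. Interface names, the branch prefix and the
# gateway addresses are assumptions; 1.2.3.0/24 is the production prefix from the thread.

# Internal destinations that must never be policy-routed out to an ISP.
/ip firewall address-list
add list=internal address=1.2.3.0/24    comment="production (advertised via BGP)"
add list=internal address=10.20.0.0/16  comment="branch LAN"

# Branch uplinks: default routes live only in the "branch" routing table.
# distance + check-gateway gives primary/backup failover between the two branch ISPs.
/ip route
add dst-address=0.0.0.0/0 gateway=203.0.113.1 distance=1 routing-mark=branch \
    check-gateway=ping comment="branch ISP A (primary)"
add dst-address=0.0.0.0/0 gateway=198.51.100.1 distance=2 routing-mark=branch \
    check-gateway=ping comment="branch ISP B (backup)"

# Mark only branch-sourced traffic that is leaving the site. Internal destinations are
# excluded so branch<->production traffic keeps using the main table. passthrough=no stops
# later mangle rules from re-marking it.
/ip firewall mangle
add chain=prerouting in-interface=ether5 src-address=10.20.0.0/16 \
    dst-address-list=!internal action=mark-routing new-routing-mark=branch \
    passthrough=no comment="branch LAN -> branch ISPs"

# Firm separation in the other direction: production traffic may only be resolved in the
# main table (where the BGP routes are), so a stray mark can never divert it.
/ip route rule
add src-address=1.2.3.0/24 action=lookup-only-in-table table=main \
    comment="production follows BGP path selection only"

# Branch traffic leaves through the branch uplinks, so it needs source NAT there;
# production (1.2.3.0/24) is routable and is not translated.
/ip firewall nat
add chain=srcnat src-address=10.20.0.0/16 out-interface=ether3 action=masquerade
add chain=srcnat src-address=10.20.0.0/16 out-interface=ether4 action=masquerade

# Defence in depth: if the mark is ever missed, branch traffic must not leak out of the
# BGP-facing interfaces (it would otherwise exit with an un-NATed private source).
/ip firewall filter
add chain=forward src-address=10.20.0.0/16 out-interface=ether1 action=drop \
    comment="branch must not use BGP uplink A"
add chain=forward src-address=10.20.0.0/16 out-interface=ether2 action=drop \
    comment="branch must not use BGP uplink B"
```

To verify the split before going live, `/ip route print where routing-mark=branch` should list only the two branch defaults, `/ip route print where dst-address=0.0.0.0/0 and routing-mark=""` should show the default(s) learned over BGP in the main table, and the packet counters on the two `forward` drop rules should stay at zero during normal operation; a rising counter there means some branch traffic is escaping the mark and is worth investigating rather than simply being dropped.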

Hi Faisal,

I have two sessions with 2 different ISPs for the production network. I also have another 2 connections to 2 ISPs for branch internet access. The production and branch traffic will use the same MT router.

Your suggestion makes sense to mark only the branch traffic. My initial thought was to mark both production and branch traffic just to make sure there’s a firm separation on how they will exit.

Thanks

Fair,

Not sure what hardware (MT router) you are using… you may also have another option that you might want to consider.

Create a MetaRouter, which can provide you with a full virtual router for handling branch office traffic…

Regards
Faisal