I am having some issues with my config, and was looking for some help with the config for my CCR1036-12G-4S.
A few notes
ISP 1 = Current receiving Full Routes - 450646 prefixes.
ISP 2 = I want to receive Full Routes, and load balance outbound/inbound traffic.
ISP 3 = IX = When receiving Full Routes from ISP1, IPS3 drops my connection. (I have a feeling i am broadcasting all routes to them).
My core switches are Cisco 3560.
I have a /21 and a /24.
My Objective:
- Fix the BGP annoucnment so the IX doesn’t drop my connection.
- Take 2 ports from the 3560 and truck them into the CCR1036-12G-4S.
- On the Cisco I would like to break up my /21 into smaller sub-nets with there own vlans.
- All traffic from the VLANs should routed back to out the CCR1036-12G-4S.
Any help would be much appreciated.
You can creat a route filter to drop all announcements except for your IP’s and use the filter on your bgp interfaces to ensure you only announce your ip space.
Do you have a sample config on how to setup this filter?
See attached route filters
chain=bgpfilter-21 prefix=1XX.XXX.XXX.0/21 prefix-length=21-24 invert-match=no action=accept set-bgp-prepend-path=“”
chain=bgpfilter-21 invert-match=no action=discard set-bgp-prepend-path=“”
I have both my ISP’s set to Out Filter=bgpfilter-21.
Where do I need to use the in Filter, or just the out?
It sounds like you got it. You could call your upline and have them watch your routes and then ensure that you are not attempting to advertise something you shouldn’t then try to advertise a private or something to ensure your filter is right.
Or if you have a couple of routers you can build your own test then watch the routes and route filter effects to gain comfort with them.
These rules work, but now I have another issue. When I enable the BGP with my IPX, my network ips stop responding. Any suggestions.
I am not sure what you mean by IPX, do you mean the Novel protocol IPX (http://en.wikipedia.org/wiki/Internetwork_Packet_Exchange)?
All BGP is doing is communicating routes. If enabling BGP is breaking something then I would suppose that your not advertising a route or not receiving route advertisements properly.
/routing bgp> network print
NETWORK SYNCHRONIZE
0 198.XXX..0/21 no
/routing> bgp peer print
INSTANCE REMOTE-ADDRESS REMOTE-AS
0 E default 64.xxx.xxx.xxx 19XXX
1 E default 208.XXX.XXX.5 1XX92
/routing> filter print
0 chain=bgpfilter-21 prefix=198.XXX.XXX.0/21 prefix-length=21-24
invert-match=no action=accept set-bgp-prepend-path=“”
1 chain=bgpfilter-21 invert-match=no action=discard set-bgp-prepend-path=“”
As soon as I enable the 2nd peer my IP’s no longer respond. The 2nd Peer is on a local Exchange.
Any help on this would be much appreciated, as I think google is going to ban me for too much searching 
.
You can look at how your BGP advertisements are working here: http://lg.level3.net/bgp/lg_bgp_main.php
If both ISP’s are accepting your routes and your routes to them are correct then I don’t know how it would be a BGP issue.
It could be a firewalling issue however: Check to see if you are dropping any traffic that has a TCP state of invalid. If you are routing all traffic out the first BGP peer, bringing the second peer up may cause the traffic to return over the second peer. Traffic that goes out one peer and returns on another peer would not all belong to the same TCP connection so the state would be invalid.
One solution would be to receive full routing tables from both peers which may allow your router to make the same routing decisions that the return path routers are making.