Community discussions

 
User avatar
bclewl1ns
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 60
Joined: Sat Jul 06, 2013 7:38 am
Contact:

BGP with two ISP's Load balanceing

Wed Apr 15, 2015 11:45 am

I have no idea what i am doing wrong. I have a CCR1036-12G-4S EM router. We are setting up BGP between two ISP's. ISP1 - ISP2 We are getting full routes from both ISP's. We are also advertising 4 routes.

The problem is we get a OPEN error: authentication failure on the second ISP.

A little back story we originally had ISP2 working prior to moving over ISP1. We were routing fine. IP's were propagating all was well. Then we hooked up ISP1. On ISP1 we were getting the authentication error. We connected the Carrier and they said we were sending them to many routes. During the trouble shooting we disabled ISP2 and ISP1 connect with no problems. But now we are getting the Authentication error on ISP2. - Same problem we are sending them to many routes

See config.

/routing bgp instance
set default as=62819 client-to-client-reflection=no router-id=XX.XXX.XXX.XX
/routing bgp network
add network=205.X.X.X/21 synchronize=no
add network=64.X.X.X/24 synchronize=no
add network=64.1.X.X/23 synchronize=no
add network=63.X.X.X/24 synchronize=no
/routing bgp peer
add name=toISP1-L3 out-filter=isp1-out remote-address=66.X.X.X remote-as=2XXX
add name=toISP2-CL out-filter=isp2-out remote-address=67.X.X.X remote-as=4XXX
/routing filter
add action=accept chain=isp1-out prefix=205.X.X.X/21
add action=accept chain=isp1-out prefix=64.X.X.X/24
add action=accept chain=isp1-out prefix=64.1.X.X/23
add action=accept chain=isp1-out prefix=63.X.X.X/24 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=63.X.X.X/24
add action=accept chain=isp2-out prefix=64.1.X.X/24 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=64.X.X.X/23 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=205.X.X.X/21 set-bgp-prepend=3
add action=discard chain=isp1-out locally-originated-bgp=no
add action=discard chain=isp2-out locally-originated-bgp=no

In Winbox we are seeing under the advertisements tab
"There are to many advertisements to show them all.nPlease specify more specific Prefix filter.n

But when you click on "Or click to see them all. There are only 4 advertised routes to ISP1 and none to ISP2 as it is not connected.

I have no idea how we are sending routes from one Peer to another peer. any help here would be FANTASTIC.

We just upgraded to ROS6.28 (Yes i know bleeding edge but it fixed our negotiation problems)
Brett

What is understood need not be discussed.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: BGP with two ISP's Load balanceing

Wed Apr 15, 2015 3:17 pm

/routing filter
add action=accept chain=isp1-out prefix=205.X.X.X/21
add action=accept chain=isp1-out prefix=64.X.X.X/24
add action=accept chain=isp1-out prefix=64.1.X.X/23
add action=accept chain=isp1-out prefix=63.X.X.X/24 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=63.X.X.X/24
add action=accept chain=isp2-out prefix=64.1.X.X/24 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=64.X.X.X/23 set-bgp-prepend=3
add action=accept chain=isp2-out prefix=205.X.X.X/21 set-bgp-prepend=3
add action=discard chain=isp1-out locally-originated-bgp=no
add action=discard chain=isp2-out locally-originated-bgp=no
I would suggest that you change the discard rules to simply discard all. (no match criteria at all - just discard)
Your prefix lists already specify what prefixes you do want to allow, so then don't limit the default discard rule.

Another thing you could do to test is set up an ebgp test peer - just a router on a stick with a private IP and a private ASN number. Make sure it doesn't originate anything at all - then when you provision it as a neighbor in your production router, you can set out-filter=isp1-out and see what routes your test router learns. Make any "experimental" changes with a test-filter-out and when you get the results you want, modify isp1-out to match the test filter.
(if you change filters, you'll cause a BGP flap, so don't do that)
When given a spoon,
you should not cling to your fork.
The soup will get cold.

Who is online

Users browsing this forum: No registered users and 18 guests