Community discussions

MUM Europe 2020
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

BGP Multihomed - One route INACTIVE

Tue Jan 08, 2013 9:50 pm

Hello,

I a trying to do BGP peering with two bandwidth providers, according to example http://wiki.mikrotik.com/wiki/Manual:Si ... ultihoming en el setup que se llama “Load Sharing”.

My problem is one of the dynamic obtained routes is inactive

/ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
2 ADb 0.0.0.0/0 12.250.170.117 20
5 Db 0.0.0.0/0 50.84.34.213 20


Number 5 is NOT ACTIVE ... WHY? --- Attached screenshot .

Here's my conf, can you please help pointing me in the right direction?

/routing bgp instance
set default as=13959 client-to-client-reflection=no comment="Autophone of Laredo" disabled=no ignore-as-path-len=no name=default out-filter="" redistribute-con
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no redistribute-static=no router-id=0.0.0.0 routing-table=""

/routing bgp network
add disabled=no network=216.150.33.0/24 synchronize=no
add disabled=no network=216.150.32.0/24 synchronize=no
add disabled=no network=216.150.34.0/24 synchronize=no
add disabled=no network=216.150.35.0/24 synchronize=no
add disabled=no network=216.150.36.0/24 synchronize=no
add disabled=no network=216.150.37.0/24 synchronize=no
add disabled=no network=216.150.38.0/24 synchronize=no
add disabled=no network=216.150.39.0/24 synchronize=no
add disabled=no network=216.150.40.0/24 synchronize=no
add disabled=no network=216.150.41.0/24 synchronize=no
add disabled=no network=216.150.42.0/24 synchronize=no
add disabled=no network=216.150.43.0/24 synchronize=no
add disabled=no network=216.150.44.0/24 synchronize=no
add disabled=no network=216.150.45.0/24 synchronize=no
add disabled=no network=216.150.46.0/24 synchronize=no
add disabled=no network=216.150.47.0/24 synchronize=no

/routing bgp peer
add address-families=ip as-override=no comment="ACC AT&T" default-originate=never disabled=no hold-time=3m in-filter=isp1-in instance=default multihop=no name=
nexthop-choice=default out-filter=isp1-out passive=no remote-address=12.250.170.117 remote-as=7018 remove-private-as=no route-reflect=no tcp-md5-key="" ttl
use-bfd=no
add address-families=ip as-override=no comment=TWC default-originate=never disabled=no hold-time=3m in-filter=isp2-in instance=default multihop=no name=toISP2
nexthop-choice=default out-filter=isp2-out passive=no remote-address=50.84.34.213 remote-as=11427 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=
use-bfd=no

/routing filter
add action=accept chain=isp1-out comment="Accept our own network and prepend second network" disabled=no invert-match=no prefix=12.217.156.216/29 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.32.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.33.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.34.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.35.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.36.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.37.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.38.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.39.0/24 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.40.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.41.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.42.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.43.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.44.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.45.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.46.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp1-out disabled=no invert-match=no prefix=216.150.47.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=discard chain=isp1-out comment="Discard the rest" disabled=no invert-match=no set-bgp-prepend-path=""
add action=accept chain=isp2-out comment="Accept our networks and prepend AS path three times" disabled=no invert-match=no prefix=12.217.156.216/29 set-bgp-prepend=3 \
set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.32.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.33.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.34.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.35.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.36.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.37.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.38.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.39.0/24 set-bgp-prepend=3 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.40.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.41.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.42.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.43.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.44.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.45.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.46.0/24 set-bgp-prepend-path=""
add action=accept chain=isp2-out disabled=no invert-match=no prefix=216.150.47.0/24 set-bgp-prepend-path=""
add action=discard chain=isp2-out comment="Discard the rest" disabled=no invert-match=no set-bgp-prepend-path=""
add action=discard chain=isp1-in comment="We do not need any routes from both ISPs, because default route is used to force outgoing traffic through ISP1 and leave ISP2 as backup\
. OJO ESTO PUEDE O NO REQUERIRSE !!!" disabled=yes invert-match=no set-bgp-prepend-path=""
add action=discard chain=isp2-in disabled=yes invert-match=no set-bgp-prepend-path=""

Thanks a lot for your help.

J. Boardman
You do not have the required permissions to view the files attached to this post.
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Wed Jan 09, 2013 12:50 am

BUMP
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1825
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: BGP Multihomed - One route INACTIVE

Wed Jan 09, 2013 5:01 am

I dont see the problem, this is the behavior I would expect with two default routes received via BGP.

You cannot have two active routes to the same prefix with BGP, it does not support ECMP natively.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
savage
Forum Guru
Forum Guru
Posts: 1218
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: BGP Multihomed - One route INACTIVE

Wed Jan 09, 2013 8:11 am

Yep.

Default expected behaviour. You are receiving two routes, with equal path length and cost.

If you want to distribute your traffic between your two peers, you will need to receive full routing tables from both your providers. BGP will then use AS Path length to determine which provider to use for which prefix
Regards,
Chris
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Wed Jan 09, 2013 8:13 pm

I dont see the problem, this is the behavior I would expect with two default routes received via BGP.

You cannot have two active routes to the same prefix with BGP, it does not support ECMP natively.
Thanks, that is what I had in mind but wanna be sure, what's the best way you recommend to balance the load between the two providers? By using Prepend, Local Preference or AS-PATH?
And for Upload... Policy routing? Or is there some BGP attribute that can be used?

Jorge
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Wed Jan 09, 2013 8:14 pm

Yep.

Default expected behaviour. You are receiving two routes, with equal path length and cost.

If you want to distribute your traffic between your two peers, you will need to receive full routing tables from both your providers. BGP will then use AS Path length to determine which provider to use for which prefix

Thanks, that is what I had in mind but wanna be sure, what's the best way you recommend to balance the load between the two providers? By using Prepend, Local Preference or AS-PATH?
And for Upload... Policy routing? Or is there some BGP attribute that can be used?

Do I forcefully have to receive full routing tables from both providers in order to be able to distribute traffic?

Jorge
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 2:25 am

Anyone ?

Thanks
 
samsung172
Forum Guru
Forum Guru
Posts: 1186
Joined: Sat Apr 04, 2009 3:45 am
Location: Østfold - Norway
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 2:39 am

From manual :


Load sharing setup

Using previous setup we are kind of wasting one link. So it is possible to redesign our setup as illustrated below to utilize both links. Bgp-multihoming-download-sharing.png

The same as in previous setup BGP AS prepend will be used to achieve our goal. This time we will advertise one of the netowrks to ISP1 without prepend and another network prepended three times. The opposite for ISP2.

Outgoing filters to ISP1:
/routing filter
#accept our networks and prepend second network
add chain=isp1-out prefix=10.1.1.0/24 action=accept
add chain=isp1-out prefix=10.1.2.0/24 action=accept set-bgp-prepend=3
#discard the rest
add chain=isp1-out action=discard


Outgoing filters to ISP2:
/routing filter
#accept our networks and prepend first network
add chain=isp2-out prefix=10.1.1.0/24 action=accept set-bgp-prepend=3
add chain=isp2-out prefix=10.1.2.0/24 action=accept
#discard the rest
add chain=isp2-out action=discard


Configuration above is only for packets going to our network. There are several options how to deal with packets going from our network:
leave gateways as in main/backup configuration - this will result in only one link utilized and asymmetric routing
use policy routing to force outgoing packets over the same link as incoming
use BGP to receive full routing tables from both peers and using BGP attributes make part of the routes available through one link and other part through another link. For example, traffic local to your country is sent over ISP1 the rest is sent over ISP2.


All those methods are covered in other articles and will not be shown here.

[ Top | Back to Content ]
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 2:56 am

Thanks for your kind reply samsun172

If you see the first post, my router configuration is exactly as the example you are mentioning, I used precisely that one. But for some reason I can't find there's traffic on both ISP links; I have sixteen /24 networks, first set of 8 I want to get feed by ISP1 and second set of 8 by ISP2, so I setup my filters that way, using prepend=3. Currently there are NO users on the second set of networks, but I can see (torch) download traffic coming from BOTH ISP's ....

Any idea why? prepend=3 not enough? maybe prepend=10 should do it? ... I am not receiving full routes from ISP's should I ask them to forward those to me?

Any help will be really appreciated.


Best Regards
J. Boardman
 
samsung172
Forum Guru
Forum Guru
Posts: 1186
Joined: Sat Apr 04, 2009 3:45 am
Location: Østfold - Norway
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 4:45 pm

If you peer With an AS'nr you should always get the full Internett BGP table from Your peer. Its a bit memory consuming, but to one peer 1 gig would do. 2 peer, should be ok with about 2gig memory.

The bgp route, would always take the AS path with shortest distance. If you have a default route (0.0.0.0.0/0) from one provider, and "low" distance, it's always used. If you have a lot of routes, all with different cost, the router will choose the one witch have the lowest path. After reciving full internet table, remember to remove the default route.

about the prepend stuff, its not easy to do it right without knowlege on what you do. and why. i have a little something. Read, and try to understand:

http://oreilly.com/catalog/bgp/chapter/ch06.html
 
cupis
Frequent Visitor
Frequent Visitor
Posts: 74
Joined: Sun Apr 10, 2011 1:25 am

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 6:04 pm

Any idea why? prepend=3 not enough? maybe prepend=10 should do it? ... I am not receiving full routes from ISP's should I ask them to forward those to me?
I'd suggest that you need to advertise your allocated /20 route (216.150.32.0/20). If your router will handle it, you can also ask your providers if they will give you partial+default routes (or full routes). This will mean that both providers will be routing inbound traffic for your and you will be automatically sharing your outbound traffic between the two based on standard BGP route-selection.

Get that all working and you'll likely find that you don't need to advertise the de-aggregated /24 prefixes, and you don't need to use path-prepending.

Regards,
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 6:44 pm

If you peer With an AS'nr you should always get the full Internett BGP table from Your peer. Its a bit memory consuming, but to one peer 1 gig would do. 2 peer, should be ok with about 2gig memory.

The bgp route, would always take the AS path with shortest distance. If you have a default route (0.0.0.0.0/0) from one provider, and "low" distance, it's always used. If you have a lot of routes, all with different cost, the router will choose the one witch have the lowest path. After reciving full internet table, remember to remove the default route.

about the prepend stuff, its not easy to do it right without knowlege on what you do. and why. i have a little something. Read, and try to understand:

http://oreilly.com/catalog/bgp/chapter/ch06.html
Thanks samsung172
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Re: BGP Multihomed - One route INACTIVE

Fri Jan 11, 2013 6:45 pm

Any idea why? prepend=3 not enough? maybe prepend=10 should do it? ... I am not receiving full routes from ISP's should I ask them to forward those to me?
I'd suggest that you need to advertise your allocated /20 route (216.150.32.0/20). If your router will handle it, you can also ask your providers if they will give you partial+default routes (or full routes). This will mean that both providers will be routing inbound traffic for your and you will be automatically sharing your outbound traffic between the two based on standard BGP route-selection.

Get that all working and you'll likely find that you don't need to advertise the de-aggregated /24 prefixes, and you don't need to use path-prepending.

Regards,
Thanks cupis

Who is online

Users browsing this forum: No registered users and 6 guests