BGP Load Sharing

Can someone give me a good generic way to load share BGP outbound? I have three connections: a 40Mb/s, a 20Mb/s, and a 20Mb/s connection. This is currently being done through PBR. I have a /21 of internet IPs and PBR says if you are in a certain /24 go out this connection. This does a good job sharing the outbound load but creates problems when we have an ISP failure.

On all three connections I am taking a partial table + default. Thanks.

BTW I am hoping to spawn a big discussion with this one..

Reply to
jcle

Are your three connections to a single ISP, or different ISPs? If a single ISP, you can use "maximum paths."

Reply to
John Agosta

I am not against discussions, however I don't much fancy load sharing - ever really.

The problem with it is that when load sharing is used failures can be *much* more difficult to deal with.

Even the simplest case where say per packet load sharing is done through two outbound connections. If one connection suddenly goes bad and generates a 50% packet loss rate users will experience a 25% loss but it may well be difficult to figure out what is going on. What tools will you use to figure out which connection is bad?

Also remember that even when load sharing you can only influence outbound traffic - unless of course you use NAT after the load sharing point which is yet another layer of potential troubleshooting nightmare.

The correct answer when management says "Surely we can get something out of that expensive second circuit? Leaving it idle all of the time is making my head hurt." is to explain that the alternative is to have a less reliable network that is harder or even impossible to fix.

Just remember to make sure that the second path is regularly tested, preferably with automatic tools.

Reply to
bod43

Thanks for the input. These are three different ISPs, so peering loopbacks eBGP multihop with per packet is not an option.

The problem is that this is non profit with no budget..

If I pull off PBR, which should be pulled off b/c it creates a routing loop when an ISP goes down, we will be over CIR on any of the three connections.

Reply to
jcle

If you take a partial feed from each then you should already be automatically sending traffic to each ISP for their AS - they should be sending routes for anything local to them.

So the PBR should only be handling "other" stuff that doesn't go into your routing table?

Maybe you need more than a partial BGP feed on at least some of the pipes so you can split by destination for other ASes?

A Cisco article that may help:

formatting link

Reply to
Stephen

Stephen thanks for the input. The problem is that the providers are tier 3 so I don't see a whole lot of connectivity to other customers of the providers, otherwise getting provider generated routes would be the way to go. I think I am just going to have to get a full table from all providers and match different attributes with netflow reports to get it to work correctly.

The current PBR solution is legacy to my tenure. There are two edge routers in this scenario. They are tied with HSRP on the inside IP space. All traffic hits the master and there is a PBR statement on that interface that says if you are coming from this source IP set next hop to this ISP. The problem is if that ISP goes down PBR sends it there and that router gets a default route back at the HSRP master. So we get a routing loop. BGP can't really do its job. It works fine and dandy if all ISPs are up.

Reply to
jcle
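The loop described in the post above can be reproduced in a small forwarding model. This is an added example, not part of the thread: the router names, ISP placement and documentation prefixes are assumptions, and the `verify` flag stands for gating the PBR next hop on a tracked reachability check (the kind of check IOS exposes as `set ip next-hop verify-availability`).

```python
# Constructed model: R1 is the HSRP master and applies PBR on its inside
# interface; R2 is the second edge router. All names/prefixes are assumptions.
import ipaddress

PBR = {"198.51.100.0/24": "R2"}          # source /24 -> router holding that ISP link
UPLINK = {"R1": "ISP-A", "R2": "ISP-B"}  # which ISP each edge router connects to

def default_route(router, isp_up):
    """What BGP leaves in the table: own uplink if up, else default via the peer."""
    if isp_up[UPLINK[router]]:
        return UPLINK[router]
    peer = "R2" if router == "R1" else "R1"
    return peer if isp_up[UPLINK[peer]] else None

def pbr_next_hop(src, isp_up, verify):
    """PBR decision on R1. With verify=True a dead next hop is skipped."""
    for prefix, router in PBR.items():
        if ipaddress.ip_address(src) in ipaddress.ip_network(prefix):
            if verify and not isp_up[UPLINK[router]]:
                return None              # fall through to the routing table
            return router
    return None

def forward(src, isp_up, verify=False, ttl=8):
    """Return (result, path); result is 'delivered', 'loop' or 'dropped'."""
    node, path = "R1", ["R1"]            # all inside traffic hits the HSRP master
    while ttl > 0:
        hop = pbr_next_hop(src, isp_up, verify) if node == "R1" else None
        if hop is None:
            hop = default_route(node, isp_up)
        if hop is None:
            return "dropped", path
        path.append(hop)
        if hop.startswith("ISP"):
            return "delivered", path
        node, ttl = hop, ttl - 1
    return "loop", path                  # TTL exhausted bouncing R1 <-> R2

if __name__ == "__main__":
    isp_b_down = {"ISP-A": True, "ISP-B": False}
    print(forward("198.51.100.7", isp_b_down))               # static PBR
    print(forward("198.51.100.7", isp_b_down, verify=True))  # gated PBR
```

With ISP-B down, the static policy bounces the packet between R1 and R2 until the TTL runs out, while the gated policy lets R1's routing table send it out ISP-A.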

Hi there,

Might it be easier to ask the ISPs to send you the routes?

Maybe you could negotiate that if the links are a bit old, and for the same price maybe you could get an upgrade? (I recently added 20Mbit for the same price on a 2 year old link that still has 1 year to go... ;) ).

That way you could share it with the routes from the ISP and fine tune it a bit...

Route maps (the link from Cisco someone posted has some nice tips on that...) may be a good choice too.

Oh, and check the local AND remote ISP IP address for your link for monitoring purposes... it's a pain when one of your links goes down and you reach the remote ISP route through THE OTHER active link... ;)

Cheers, Nuno

Reply to
Alael
