With a dual-homed design, at least two links exist between the Enterprise and the ISP.
The Enterprise can announce to the ISP a value (MED) that tells the ISP which path into the Enterprise is best.
As a result, the ISP can discriminate between the multiple exit points from that ISP to the Enterprise.
Because MED lets the Enterprise ASN tell just the neighboring ASN which link into the Enterprise to use, engineers typically use MED when advertising an Enterprise’s public IP address space.
R1:
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 101.101.101.101 remote-as 101
neighbor 101.101.101.101 password ccnp
neighbor 101.101.101.101 ebgp-multihop 2
neighbor 101.101.101.101 update-source Loopback1
neighbor 102.102.102.102 remote-as 102
neighbor 102.102.102.102 ebgp-multihop 2
neighbor 102.102.102.102 update-source Loopback1
no auto-summary
!
ip forward-protocol nd
ip route 101.101.101.101 255.255.255.255 201.1.1.2
ip route 102.102.102.102 255.255.255.255 202.2.2.2
!
R2:
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 102.102.102.102 remote-as 102
neighbor 102.102.102.102 ebgp-multihop 2
neighbor 102.102.102.102 update-source Loopback2
no auto-summary
!
ip forward-protocol nd
ip route 102.102.102.102 255.255.255.255 202.2.2.6
!
R101:
!
interface Loopback101
ip address 101.101.101.101 255.255.255.255
!
router bgp 101
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 password ccnp
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback101
neighbor 104.104.104.104 remote-as 104
neighbor 104.104.104.104 password ccnp
neighbor 104.104.104.104 ebgp-multihop 2
neighbor 104.104.104.104 update-source Loopback101
no auto-summary
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 201.1.1.1
ip route 104.104.104.104 255.255.255.255 114.1.1.2
!
R102:
!
interface Loopback102
ip address 102.102.102.102 255.255.255.255
!
router bgp 102
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback102
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback102
neighbor 103.103.103.103 remote-as 103
neighbor 103.103.103.103 ebgp-multihop 2
neighbor 103.103.103.103 update-source Loopback102
no auto-summary
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 202.2.2.1
ip route 2.2.2.2 255.255.255.255 202.2.2.5
ip route 103.103.103.103 255.255.255.255 123.1.1.2
!
R103:
!
interface Loopback103
ip address 103.103.103.103 255.255.255.255
!
router bgp 103
no synchronization
bgp log-neighbor-changes
neighbor 102.102.102.102 remote-as 102
neighbor 102.102.102.102 ebgp-multihop 2
neighbor 102.102.102.102 update-source Loopback103
neighbor 104.104.104.104 remote-as 104
neighbor 104.104.104.104 ebgp-multihop 2
neighbor 104.104.104.104 update-source Loopback103
no auto-summary
!
ip route 102.102.102.102 255.255.255.255 123.1.1.1
ip route 104.104.104.104 255.255.255.255 134.1.1.2
!
R104:
!
interface Loopback40
ip address 192.168.40.40 255.255.255.255
!
interface Loopback41
ip address 192.168.41.41 255.255.255.255
!
interface Loopback42
ip address 192.168.42.42 255.255.255.255
!
interface Loopback43
ip address 192.168.43.43 255.255.255.255
!
interface Loopback44
ip address 192.168.44.44 255.255.255.255
!
interface Loopback104
ip address 104.104.104.104 255.255.255.255
!
router bgp 104
no synchronization
bgp log-neighbor-changes
network 192.168.40.40 mask 255.255.255.255
network 192.168.41.41 mask 255.255.255.255
network 192.168.42.42 mask 255.255.255.255
network 192.168.43.43 mask 255.255.255.255
network 192.168.44.44 mask 255.255.255.255
neighbor 101.101.101.101 remote-as 101
neighbor 101.101.101.101 password ccnp
neighbor 101.101.101.101 ebgp-multihop 2
neighbor 101.101.101.101 update-source Loopback104
neighbor 103.103.103.103 remote-as 103
neighbor 103.103.103.103 ebgp-multihop 2
neighbor 103.103.103.103 update-source Loopback104
no auto-summary
!
ip route 101.101.101.101 255.255.255.255 114.1.1.1
ip route 103.103.103.103 255.255.255.255 134.1.1.1
!
Note: MED uses smallest-is-best logic.
For this lab we will first disable the link between R2 and R101 and the link between R2 and R1:
R1(config)#int se 0/1
R1(config-if)#shut
R2(config)#int fa 0/0
R2(config-if)#shut
R2(config-if)#int se 0/1
R2(config-if)#shut
R101(config)#int fa 0/1
R101(config-if)#shut
We can now simulate the case in which the Enterprise has two connections to the ISP from R1 and one connection from R2.
R1#show ip bgp summary
...
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
101.101.101.101 4 101 29 29 6 0 0 00:24:04 5
102.102.102.102 4 102 25 25 6 0 0 00:20:54 5
R2#show ip bgp summary
...
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
102.102.102.102 4 102 30 29 6 0 0 00:25:10 5
We will consider that the Enterprise engineer prefers the top BGP neighborship (R1-R101) as the best path to use for inbound routes (MED 10), the middle (R1-R102) link next (Med 20), and the bottom connection (R2-R102) last (MED 30).
R1 and R2 will notify the ISPs to which they are connected which are the best routes they can use for reaching Loopback10 172.16.10.10 on R5.
Tweak: For this lab and to illustrate the influence of the MED parameter, we will first prepend another AS to the AS Path advertised by R1, so that all routes between the Enterprise and AS104 will have equal AS Paths, thus enabling the BGP Path Algorithm to postpone the decision making process to the next steps.
The initial routes on R104 to R5's Loopback10:
R104#show ip bgp
BGP table version is 13, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.10.10/32 101.101.101.101 0 101 100 i
* 103.103.103.103 0 103 102 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Now, to tweak the AS Path advertised by R1:
R101(config)#access-list 101 permit ip host 172.16.10.10 host 255.255.255.255
R101(config)#route-map set-as permit 10
R101(config-route-map)#match ip address 101
R101(config-route-map)#set as-path prepend 101
R101(config-route-map)#route-map set-as permit 20
R101(config)#router bgp 100
R101(config-router)#neighbor 1.1.1.1 route-map set-as in
R101#clear ip bgp 1.1.1.1 soft
At this point, R4 has two BGP routes to the 172.16.10.10 destination inside the Enterprise, both having the same AS Path length.
R104#show ip bgp
BGP table version is 16, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.10.10/32 101.101.101.101 0 101 101 100 i
* 103.103.103.103 0 103 102 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Now, the Enterprise can advertise different MED values for the links connecting it to the ISPs, thus influencing the inbound routing decision.
All the BGP path selection steps down to the MED tie in this case:
Step 1. Weight: Not set on the ISP router.
Step 2. Local_Pref: Not set on the ISP router.
Step 3. Locally injected? All these public routes from the Enterprise will be learned with eBGP and not locally injected.
Step 4. AS_Path length: Tie, using the above tweak.
Step 5. Origin: Whatever the Origin is (I or ?), it should tie.
Step 6. MED: None of the other steps determined the best route, so now MED takes effect.
MED configuration usually occurs on the routers in the AS that want to control inbound routes from the neighboring AS.
So, in our topology, routers R1 and R2 will have the MED values configured, using route-maps applied to the outbound direction.
R1(config)#ip prefix-list med-172-16 permit 172.16.10.10/32
R1(config)#route-map set-med-to-r101 permit 10
R1(config-route-map)#match ip address prefix-list med-172-16
R1(config-route-map)#set metric 10
R1(config)#route-map set-med-to-r102 permit 10
R1(config-route-map)#match ip address prefix-list med-172-16
R1(config-route-map)#set metric 20
R1(config)#router bgp 100
R1(config-router)#neighbor 101.101.101.101 route-map set-med-to-r101 out
R1(config-router)#neighbor 102.102.102.102 route-map set-med-to-r102 out
R2(config)#ip prefix-list med-172-16 permit 172.16.10.10/32
R2(config)#route-map set-med-to-r102 permit 10
R2(config-route-map)#match ip address prefix-list med-172-16
R2(config-route-map)#set metric 30
R2(config)#router bgp 100
R2(config-router)#neighbor 102.102.102.102 route-map set-med-to-r102 out
R1#clear ip bgp 101.101.101.101 soft
R1#clear ip bgp 102.102.102.102 soft
R2#clear ip bgp 102.102.102.102 soft
R101#show ip bgp
BGP table version is 12, local router ID is 101.101.101.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.10.10/32 1.1.1.1 10 0 101 100 i
R102#show ip bgp
BGP table version is 8, local router ID is 102.102.102.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.10.10/32 1.1.1.1 20 0 100 i
* 2.2.2.2 30 0 100 i
R101#show ip route 172.16.10.10 255.255.255.0 longer-prefixes
...
172.16.0.0/32 is subnetted, 1 subnets
B 172.16.10.10 [20/10] via 1.1.1.1, 00:11:12
R102#show ip route 172.16.10.10 255.255.255.0 longer-prefixes
...
172.16.0.0/32 is subnetted, 1 subnets
B 172.16.10.10 [20/20] via 1.1.1.1, 00:11:52
Two conclusions about MED can be drawn after the above tests:
1. The lower MED is preferred, if all the previous BGP steps tie.
This can be seen in the above output of R102. Having two BGP routes to the destination, one with a metric of 20 and the other with a metric of 30, BGP and the routing process choose the route with MED 20 as best.
2. The MED is advertised by one AS into another, propagated inside the AS, but not sent to any other autonomous systems.
This can be seen in the output of R104. R101 receives the routes with the MED advertised by R1, but does not send that MED values further to R104, even after clearing the BGP peering.
R104#show ip bgp
BGP table version is 7, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 172.16.10.10/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 101 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
In this case, R104 has chosen the path via 101.101.101.101 based on the decision made considering Step 9, due to the fact that all the upper steps tie.
BGP Path Selection algorithm review:
0. (N) Next-hop reachability - should be reachable
1. (W) Weight - bigger wins - popular to influence outbound routes
2. (L) Local Preference - bigger wins - popular to influence outbound routes
3. (L) Locally injected routes - locally injected (network command or redistribution better than iBGP and eBGP)
4. (A) AS_PATH - smaller wins - popular to influence outbound routes
5. (O) ORIGIN - prefer I over E over ?
6. (M) MED - smaller wins - popular to influence inbound routes
7. (N) Neighbor type - prefer eBGP over iBGP
8. (I) IGP Metric to next-hop - smaller wins
9. Oldest (longest-known) eBGP route
10. Lowest neighbor BGP RID
11. Lowest neighbor IP address
No comments:
Post a Comment