-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi All, Trying to work out a multi-homing BGP configuration where I have a router at two different locations (connected via a dedicated link) with a different provider in each location and the complication that ISP 2 must only be used for transit when ISP 1 is completely down. I am receiving only default and directly connected routes from each ISP. ISP 1 ISP 2 | | +---+ +---+ | A |---------| B | +---+ +---+ At present, I have router B set a low local preference on the default received from ISP 2 and router A set to always inject the default route into the network via OSPF. This causes all traffic to flow from B to A via the dedicated link. The issues I am having getting this working the way I want is: * The default received from each provider is not passed through the iBGP session to the to other site. Have not been able to work out how to get this to happen. * If I enable distribute-default=if-installed on router B, it takes no effect if the only default is the BGP default. It appears OSPF needs a statically defined default. * If I enable distribute-default=always on router B, it causes it to remove the OSPF default received from router A from the routing table, so I can't use distance to steer the traffic. Has anyone tried to get a setup like this working? I've tried a few things with scripts to monitor the BGP sessions and toggle static routes and OSPF config but none of them have worked satisfactorily. The only other work around I can think of is to VLAN ISP 2 back over to router A, although I would really really like to not do that (the sites are interstate from each other). The routers are involved are a CCR1072 and a CCR1036, both running 6.36. 2. Thanks Darryl -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlgVOokACgkQ/XQ6DbmPjom7QQCfWIlcI2RZmqxH/jCQhGcujq3V Y+oAn2iZgKqByn5R4KxKGfjK5jDmbcDq =QtUg -----END PGP SIGNATURE-----
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Darryl Ross Sent: Sunday, 30 October 2016 11:11 AM To: public@talk.mikrotik.com.au Subject: [MT-AU Public] Multihoming BGP - Different Sites
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi All,
Trying to work out a multi-homing BGP configuration where I have a router at two different locations (connected via a dedicated link) with a different provider in each location and the complication that ISP 2 must only be used for transit when ISP 1 is completely down. I am receiving only default and directly connected routes from each ISP.
ISP 1 ISP 2 | | +---+ +---+ | A |---------| B | +---+ +---+
At present, I have router B set a low local preference on the default received from ISP 2 and router A set to always inject the default route into the network via OSPF. This causes all traffic to flow from B to A via the dedicated
Hi Darryl, Assuming that routers A and B are default gateways for hosts at their respective locations, you need to use route filters to change priority of default route received from the other. Alternatively, if you also want to avoid routing to 'directly connected' networks of ISP2 via that link, just increase default route learned via BGP to greater than 20 (e.g. 25) Cheers, Mike. link.
The issues I am having getting this working the way I want is:
* The default received from each provider is not passed through the iBGP session to the to other site. Have not been able to work out how to get this to happen. * If I enable distribute-default=if-installed on router B, it takes no effect if the only default is the BGP default. It appears OSPF needs a statically defined default. * If I enable distribute-default=always on router B, it causes it to remove the OSPF default received from router A from the routing table, so I can't use distance to steer the traffic.
Has anyone tried to get a setup like this working? I've tried a few things
with
scripts to monitor the BGP sessions and toggle static routes and OSPF config but none of them have worked satisfactorily.
The only other work around I can think of is to VLAN ISP 2 back over to router A, although I would really really like to not do that (the sites are interstate from each other).
The routers are involved are a CCR1072 and a CCR1036, both running 6.36. 2.
Thanks Darryl
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iEYEARECAAYFAlgVOokACgkQ/XQ6DbmPjom7QQCfWIlcI2RZmqxH/jCQhGcujq 3V Y+oAn2iZgKqByn5R4KxKGfjK5jDmbcDq =QtUg -----END PGP SIGNATURE-----
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Any reason you are not simply running iBGP between the two routers to handle default route distribution (I am assuming you a receiving a default route from each ISP)? Is your current setup only advertising to your secondary upstream AFTER primary service fails? are you doing this with scripts on your routers? or do you have another mechanism to deal with managing which ISP inbound traffic uses? Kind regards murray@tasmanet.com.au Sent from my Samsung devicewit -------- Original message -------- From: Darryl Ross <darryl@afoyi.com> Date: 30/10/2016 11:12 a.m. (GMT+10:00) To: public@talk.mikrotik.com.au Subject: [MT-AU Public] Multihoming BGP - Different Sites -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi All, Trying to work out a multi-homing BGP configuration where I have a router at two different locations (connected via a dedicated link) with a different provider in each location and the complication that ISP 2 must only be used for transit when ISP 1 is completely down. I am receiving only default and directly connected routes from each ISP. ISP 1 ISP 2 | | +---+ +---+ | A |---------| B | +---+ +---+ At present, I have router B set a low local preference on the default received from ISP 2 and router A set to always inject the default route into the network via OSPF. This causes all traffic to flow from B to A via the dedicated link. The issues I am having getting this working the way I want is: * The default received from each provider is not passed through the iBGP session to the to other site. Have not been able to work out how to get this to happen. * If I enable distribute-default=if-installed on router B, it takes no effect if the only default is the BGP default. It appears OSPF needs a statically defined default. * If I enable distribute-default=always on router B, it causes it to remove the OSPF default received from router A from the routing table, so I can't use distance to steer the traffic. Has anyone tried to get a setup like this working? I've tried a few things with scripts to monitor the BGP sessions and toggle static routes and OSPF config but none of them have worked satisfactorily. The only other work around I can think of is to VLAN ISP 2 back over to router A, although I would really really like to not do that (the sites are interstate from each other). The routers are involved are a CCR1072 and a CCR1036, both running 6.36. 2. Thanks Darryl -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlgVOokACgkQ/XQ6DbmPjom7QQCfWIlcI2RZmqxH/jCQhGcujq3V Y+oAn2iZgKqByn5R4KxKGfjK5jDmbcDq =QtUg -----END PGP SIGNATURE----- _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
To add to this. eBGP routes are preferred over iBGP routes on default settings (hot potato routing). As for controlling inbound traffic, that advice will depend on the size of your ip address space and your addressing plan.
On 30 Oct 2016, at 1:50 PM, Murray Southwell <Murray.Southwell@tasmanet.com.au> wrote:
Any reason you are not simply running iBGP between the two routers to handle default route distribution (I am assuming you a receiving a default route from each ISP)?
Is your current setup only advertising to your secondary upstream AFTER primary service fails? are you doing this with scripts on your routers? or do you have another mechanism to deal with managing which ISP inbound traffic uses?
Kind regards murray@tasmanet.com.au
Sent from my Samsung devicewit
-------- Original message -------- From: Darryl Ross <darryl@afoyi.com> Date: 30/10/2016 11:12 a.m. (GMT+10:00) To: public@talk.mikrotik.com.au Subject: [MT-AU Public] Multihoming BGP - Different Sites
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi All,
Trying to work out a multi-homing BGP configuration where I have a router at two different locations (connected via a dedicated link) with a different provider in each location and the complication that ISP 2 must only be used for transit when ISP 1 is completely down. I am receiving only default and directly connected routes from each ISP.
ISP 1 ISP 2 | | +---+ +---+ | A |---------| B | +---+ +---+
At present, I have router B set a low local preference on the default received from ISP 2 and router A set to always inject the default route into the network via OSPF. This causes all traffic to flow from B to A via the dedicated link.
The issues I am having getting this working the way I want is:
* The default received from each provider is not passed through the iBGP session to the to other site. Have not been able to work out how to get this to happen. * If I enable distribute-default=if-installed on router B, it takes no effect if the only default is the BGP default. It appears OSPF needs a statically defined default. * If I enable distribute-default=always on router B, it causes it to remove the OSPF default received from router A from the routing table, so I can't use distance to steer the traffic.
Has anyone tried to get a setup like this working? I've tried a few things with scripts to monitor the BGP sessions and toggle static routes and OSPF config but none of them have worked satisfactorily.
The only other work around I can think of is to VLAN ISP 2 back over to router A, although I would really really like to not do that (the sites are interstate from each other).
The routers are involved are a CCR1072 and a CCR1036, both running 6.36. 2.
Thanks Darryl
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iEYEARECAAYFAlgVOokACgkQ/XQ6DbmPjom7QQCfWIlcI2RZmqxH/jCQhGcujq3V Y+oAn2iZgKqByn5R4KxKGfjK5jDmbcDq =QtUg -----END PGP SIGNATURE-----
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
participants (4)
-
Craig Askings
-
Darryl Ross
-
Mike Everest
-
Murray Southwell