RE: Dual Homed BGP for failover

["Ahmed Yousuf" <ayousuf0079 () gmail com>]

Thanks to all for the responses, certainly illuminating.  I'm now more aware
of what I can do and what tools are available.  The following makes sense to
me:

 

-          Take full routing tables and default from both ISPs and decide
how I filter the routes that get installed in my routers.

-          Originally apply the same filters on both and monitor the links
to see what the natural distribution is, when we let the BGP process decide
how the traffic is routed.  Need to think more about which filters to apply
here, the SRX210s are quoted as having capacity for 16k routes.

-          Once we have a better idea of the traffic profiles start changing
the filters to preference certain traffic over the higher speed link.  One
way this might be done, is to filter based on RIPE or ARIN addresses.  We
are most concerned about maintaining capacity for European traffic, so
install RIPE routes on the higher capacity link and ARIN routes on the lower
capacity links. 

-          Accept that we are never going to get an ideal distribution of
traffic and continue monitoring and adjusting local pref/prepends etc. as
and when we need to change the distribution of traffic.  Hopefully we don't
need to do this that often.

 

Thoughts?

 

Ahmed

 

 

 

From: Max Pierson [mailto:nmaxpierson () gmail com] 
Sent: 18 January 2011 21:30
To: Jack Carrozzo
Cc: Jack Bates; ayousuf0079 () gmail com; nanog group
Subject: Re: Dual Homed BGP for failover

 

Me <3's "commit confirmed" ... maybe someone from Cisco should be watching
:)

On Tue, Jan 18, 2011 at 3:21 PM, Jack Carrozzo <jack () crepinc com> wrote:

Yep, the great thing about IOS without 'commit confirmed' is when you remove
a bgp filter, it runs out of memory, reboots, brings up peers, runs out of
memory, reboots... meanwhile if you're trying to get in over a public
interface you're cursing John Chamber's very existence. Not that that's ever
happened to me of course...

-Jack Carrozzo


On Tue, Jan 18, 2011 at 4:19 PM, Jack Bates <jbates () brightok net> wrote:

> On 1/18/2011 3:03 PM, Jack Carrozzo wrote:
>
> > I don't think this is the case, on IOS at least. Some years ago I was
> > rocking some 7500s with $not_enough ram for multiple full tables, but
> > with a prefix list to accept le 23  they worked fine.
> On JunOS, I know I can view pre and post filtered bgp updates ingress and
> egress. I seem to recall seeing similar functionality introduced into IOS,
> though I'm less certain. It's still always advisable to be careful. :)
>
>
> Jack