""Brian (273954)"" wrote in message
news:200210190024.AAA02320@;groupstudy.com...
> We are bringing in a second DS3 line into our Cisco 7206 v12 router and
was
> hoping for some general advise.
> Our current provider is a 9mbps DS3 from Genuity. We are bringing in a
> seconds DS3 from PAJO at 6mbps for redundancy and to bring the usage down
on
> the Genuity line.
>
> My question is what commands do I need to look into when I have the BGP4
> setup on the router in order to handle the flow of traffic properly?
>
> 90% of our traffic is OUTBOUND (up to the internet) and we need to balance
> this traffic between the 9mbps and 6mbps connections. From what I am told
> this won't be an automatic process but something I will have to tweak on
> occation depending on if traffic demands change between the connections.
>
> How am I best going to control this outbound flow of traffic? My idea was
> that when one connection is using a high % I can manually modify a metric
of
> some sort to make the router believe that that connection is not as
> preferred as it once was and start sending a little of the traffic over
the
> other connection instead. Am I being realistic here?
See RFC 3272 sections 7&8. In practice this involves the following three
simple steps and there are only three ways to do it (I'm trying to make this
easy):
Ways to affect outbound traffic with BGP attributes:
1) local-preference
2) inbound as-path prepends
3) inbound metric (MED)
Steps to affect outbound traffic with BGP:
1) Hard part (try to get your "Top N AS destinations" using packet capture
+ prefix lookup (ARIN, RADB) or NetFlow (easiest method) with outbound
bits/sec first) - caution: there are many ways to do this wrong or
incomplete,
see http://www.nanog.org/mtg-0110/tundra.html for better ideas:
Configure an "ip as-path access-list" using BGP regular expressions and
destination ASes (e.g. _1_ or _701_ or _1239_ ... etc)
2) Easy part
Configure a route-map to match your "ip as-path access-list" and set one
of those BGP attributes above (read RFC 3272 and understand the BGP
decision process before deciding what to use where). You may want to
match on "ip community-lists" instead of "ip as-path access-lists", but
you
need to create them first (see the Cisco IOS documentation for further
details on bgp communities and community-lists).
Note: the Internet routing table changes constantly (you can see what
changes with "show ip route | include 00:00" every minute or by looking
at your BGP updates -- requiring zebra bgpd or Cisco debug mode).
Your route-map's view of the Internet and what it matches also changes.
This requires somewhat constant updating (at least you have to monitor
it). The best way of monitoring your circuit levels is by using either
internal or external RMON polling (internal means using the Cisco IOS
rmon command - setting up events and alarms to threshold ; external
means collecting SNMP or RMON from the interfaces and using an
external application, e.g. HPOV NNM, to set the RMON events and
alarms). You will also note that your route-maps may match differently
when a circuit resets or the router reboots. This can be for a number
of
reasons, most of them beyond the scope of this email.
3) Careful part
Configure the route-map on your neighbor and set your inbound policy
(affecting outbound traffic) on your neighbor's routes.
E.g. router bgp x ; neighbor x.x.x.x route-map AS1_OUTBOUND_TE in ; end
; wr mem
clear ip bgp x.x.x.x (or ASN #) soft in ( or just "clear ip bgp
x.x.x.x in")
This is also detailed more in this new book:
http://www.oreilly.com/catalog/bgp/chapter/ch06.html
But the author doesn't seem to understand some of the logic in BGP-4 and
Inter-Domain
Traffic Engineering, especially in terms of affecting inbound (I wouldn't
implement outbound
with local-preference all the time, and I wouldn't ever announce
more-specifics without
reading RFC 2519 and "knowing what you are doing and why you are doing it"
to affect
inbound traffic). But it's a well-written overview of traffic engineering,
even though it
somewhat encourages worst-practice.
Here are some really good resources on the topic:
http://www.nanog.org/mtg-0206/te.html
http://www.nanog.org/mtg-0202/te.html
http://www.nanog.org/mtg-0206/feamster.html
http://www.nanog.org/mtg-9901/ppt/bgp102/index.htm
http://www.nanog.org/mtg-9811/ppt/avi/index.htm
http://www.nanog.org/mtg-0006/confed.html
-dre
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55919&t=55918
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
