Re: [c-nsp] Outbound Load balancing using eBGP
Hi, On Wed, Dec 22, 2010 at 10:33:57PM +, RAZ MUHAMMAD wrote: I would appreciate if someone can shed some further light on using the default route or full routing table scenario while multi homed. In this case hardware is not an issue, I am trying to assess the operational, differences, or the outcome in terms of traffic patterns. This very much depends on the ISPs involved, and their view of the world. We pretty much do not fiddle with BGP *at all*, since we've choosen our uplinks in a way that traffic balances pretty much on its own - one of the uplinks is strong for the european market and has very tight peerings there, one of the others is strong for USA and Asia, and so traffic naturally distributes itself. Bandwidth commitment is then purchased according to need. This is something nobody can give you a definite answer - as it depends on too many local factors (is one of the ISPs more expensive? faster, slower? what is BGP doing if left alone - and why is this not what you want?). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpTvklFzWZMN.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
If it is internal WAN environment, why not use PfR/OER? It comes with IOS and has improved a lot. PfR could dynamically load balance traffic. For Internet facing the PfR would NOT balance for full routing table but would do upto five thousand routes or so. I maybe off on the numbers. But still for 5k routes or so it works pretty good. Mack On Wed, Dec 22, 2010 at 5:31 PM, Keegan Holley keegan.hol...@sungard.comwrote: In addition to the manual route map method there are also appliances such as internap and F5 link controller that will you to match your bgp metrics more closely to the traffic traversing your AS. I think the internap supports dynamic metric changes based in traffic flow. Sent from my iPhone On Dec 20, 2010, at 4:30 PM, RAZ MUHAMMAD raz.muham...@gmail.com wrote: Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Regards ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
I still recommend at least checking out the BGP appliances. You'll never get any where near even distribution without some kind of active processing. However, if you are dead set on manual configuration do you have any idea what your traffic spread is? For example if your customers are predominantly in one AS or IP block, or if you are a hosting company you can choose some of the larger ISP's and nail their traffic to one link or another. Implementing netflow will help with this as well. Unfortunately in there isn't a single easy configuration that makes this work as different business have different traffic patterns and different needs. On Mon, Dec 20, 2010 at 4:30 PM, RAZ MUHAMMAD raz.muham...@gmail.comwrote: Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Regards ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
Hi, I would like to thank everyone who contributed to this thread. Your valuable feedback on the subject is quite useful and would greatly help me in planning the next move. Just for your interest, the box I am talking about is a beefed up box running Vyatta. Regards On 20 December 2010 21:30, RAZ MUHAMMAD raz.muham...@gmail.com wrote: Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Regards ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
Hi Jay, Many thanks for providing a practical example and a good piece of advice on using default routes for dynamic load balancing. Raz On 22 December 2010 23:15, Jay Hennigan j...@west.net wrote: On 12/22/10 2:33 PM, RAZ MUHAMMAD wrote: I would appreciate if someone can shed some further light on using the default route or full routing table scenario while multi homed. In this case hardware is not an issue, I am trying to assess the operational, differences, or the outcome in terms of traffic patterns. Outbound is easier than inbound. In general, use a route map to set local preference or another attribute based on as-path and apply to each neighbor. Say you're multi-homed to AS100 and AS200. You would do something like: ip as-path access-list 100 deny _200_ ip as-path access-list 100 permit _100$ ip as-path access-list 100 permit _100_[0-9]+$ ip as-path access-list 100 permit _100_[0-9]+_[0-9]+$ ip as-path access-list 200 deny _100_ ip as-path access-list 200 permit _200$ ip as-path access-list 200 permit _200_[0-9]+$ ip as-path access-list 200 permit _200_[0-9]+_[0-9]+$ Then towards your AS100 neighbor apply a route-map to bump local-pref to a value of 110 any inbound announcements matching as-path 100, likewise same on AS200 for as-path 200. All else matches the default local-pref of 100. Other traffic will use the regular BGP metrics to choose a path. This sends your traffic to AS100 targets, its customers, and second level out the link to AS100 and likewise for AS200. If you lose either link, the other will pick up all traffic. After a while you'll get a sense of how well balanced things are and you can tweak the lists to prefer one path or the other for portions of your outbound traffic to other networks. For example, if AS200 is only taking 20% of your outbound traffic and you send quite a bit to AS300, then add a permit to as-path list 200 to prefer sending AS300 traffic out that path. Don't try to dynamically load-balance individual flows between your two neighbors. You'll have horrible issues with packets out of order and things will get very ugly. You'll never get anywhere close to an exact 50-50 balance and it will vary a lot depending on what destinations become popular and unpopular with your customers at what time of day, etc. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
On Wed, Dec 22, 2010 at 16:33, RAZ MUHAMMAD raz.muham...@gmail.com wrote: Unfortunately the vendor does not support multipath or anything similar on their platform. As you asked on a Cisco list, you got a response on what can be done with Cisco equipment - use multipath. You might try asking the vendor if they have any tricks. Otherwise, you should try looking for a user group mailing list for whatever vendor that may be (it would be quite a bit more helpful to identify what equipment you are using). There are Alcatel, Extreme, Foundry, Force10, HP, Huawei and Juniper mailing lists hosted on puck @ http://puck.nether.net/mailman/listinfo/ Possibly they can be of use, being that the users of whatever type of equipment you are using are in the same boat. Good Luck, Andrew Koch ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
On 12/22/10 2:33 PM, RAZ MUHAMMAD wrote: I would appreciate if someone can shed some further light on using the default route or full routing table scenario while multi homed. In this case hardware is not an issue, I am trying to assess the operational, differences, or the outcome in terms of traffic patterns. Outbound is easier than inbound. In general, use a route map to set local preference or another attribute based on as-path and apply to each neighbor. Say you're multi-homed to AS100 and AS200. You would do something like: ip as-path access-list 100 deny _200_ ip as-path access-list 100 permit _100$ ip as-path access-list 100 permit _100_[0-9]+$ ip as-path access-list 100 permit _100_[0-9]+_[0-9]+$ ip as-path access-list 200 deny _100_ ip as-path access-list 200 permit _200$ ip as-path access-list 200 permit _200_[0-9]+$ ip as-path access-list 200 permit _200_[0-9]+_[0-9]+$ Then towards your AS100 neighbor apply a route-map to bump local-pref to a value of 110 any inbound announcements matching as-path 100, likewise same on AS200 for as-path 200. All else matches the default local-pref of 100. Other traffic will use the regular BGP metrics to choose a path. This sends your traffic to AS100 targets, its customers, and second level out the link to AS100 and likewise for AS200. If you lose either link, the other will pick up all traffic. After a while you'll get a sense of how well balanced things are and you can tweak the lists to prefer one path or the other for portions of your outbound traffic to other networks. For example, if AS200 is only taking 20% of your outbound traffic and you send quite a bit to AS300, then add a permit to as-path list 200 to prefer sending AS300 traffic out that path. Don't try to dynamically load-balance individual flows between your two neighbors. You'll have horrible issues with packets out of order and things will get very ugly. You'll never get anywhere close to an exact 50-50 balance and it will vary a lot depending on what destinations become popular and unpopular with your customers at what time of day, etc. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
In addition to the manual route map method there are also appliances such as internap and F5 link controller that will you to match your bgp metrics more closely to the traffic traversing your AS. I think the internap supports dynamic metric changes based in traffic flow. Sent from my iPhone On Dec 20, 2010, at 4:30 PM, RAZ MUHAMMAD raz.muham...@gmail.com wrote: Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Regards ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Outbound Load balancing using eBGP
On Mon, Dec 20, 2010 at 10:30 PM, RAZ MUHAMMAD raz.muham...@gmail.com wrote: Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Just do maximum path 2 to loadbalance on equal paths. Per session is default. Also if you want to ignore as path use bgp bestpath as-path multipath-relax If your non Cisco router is capable of handling full routing table, surley it must support at least multipath. Check with the vendor. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Outbound Load balancing using eBGP
Hi all, I would like to find out how one can use BGP to load balance outbound traffic, while multi homed to 2 transit providers or ISPs and getting full routing tables, no default routes? The BGP peer at the client end is a non Cisco router, so would not be able to use the multipath feature. The load balancing is intended for all routes in the routing table, or at least to achieve some kind of load distribution. Is there any other way to achieve an optimal outbound load balancing method using eBGP? Regards ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
