BGP Load Sharing Dual Router with ISP - Complete Design and Configuration

Captions
Hi and welcome everyone, my name is Sandeep. Welcome to another session of BGP. This BGP session will be more exciting than my previous videos because we are going to configure a lot of things in this BGP. So we are going to discuss today about load sharing in BGP. It's dual-homed to a single ISP, which means that we have got two routers and we are at our internal network, and we have a single service provider with two routers. OK, so we are going to peer with our ISP and then we are going to accomplish some tasks. Let me quickly take a screenshot of this so I can explain it in more detail.

OK, so we have got this topology. So what we are going to achieve here is, OK, so you would have seen that all the internet service providers are usually advertising a default route to your local network, so we are going to do the same thing. The first task we see here is that autonomous system 200 is going to advertise a default route to router 1 and to router 2, so we are receiving the default route now. So if any of the users from our LAN side here want to reach the internet, they are going to use this default route. So now we are receiving the default route from both the sides. We will apply some policies and we will make load balancing possible in BGP. So how are we going to accomplish that? Let's see.

So let's understand our outbound policy. So let's say what we need to achieve here: R1 should use the R1-R3 link for internet. So for example if this computer is sitting here and any traffic is coming to router 1, he should use this link to access the internet. If this link fails, the traffic should be diverted to router 2. Let's say if this link fails and the packets are coming to router 1, router 1 should send the packet back to router 2 and then the user should access the internet. Similarly we are going to apply for router 2: any packets from this host coming to router 2 should always pass through router 2 to router 4, so we
should always access the internet from this router. Suppose this link has failed, or if there are any issues with the ISP, then this traffic should pass by iBGP to router 1 and the internet should be accessible to these users. This is about the outgoing policy.

How about the incoming policy? So let's understand this: traffic from the internet destined to this primary subnet should come from R3 to R1. So let's say we have some server sitting here. If he wants to access any of my network, let's say I'm advertising this 11.0.0.0 network, and if they want to access this 11.0.0.0 network, we are going to define it in such a way that the traffic should always come by this path, router 3 to router 1. Similarly, if you want to see the traffic destined to this second network, that is the 12 network, OK, if anyone is trying to access this network from the internet, the traffic should always come via the second link in this direction. OK, I hope this is clear so far. If one of the links fails, let's say if this link fails, the traffic should automatically come via this link, and if this link fails the traffic should automatically go over this link. So this is our requirement, and I've seen that most of the network setups will be in this way.

OK, so let's see how we are going to configure this and how we can, you know, crack this. So let's see our strategy first. Before we configure anything we just need to think about how we will do it. So here is my strategy plan for this task. OK, so the first thing in my network, what I will do is I will configure primary and secondary IP addresses on the LAN side of the interface. So here I am going to configure primary and secondary IP addresses in the LAN network, so you would have two different subnets. So on this interface I will configure the primary IP address as 11 and 12 as my secondary IP address. OK, this is used for testing purposes, right? So OK, this is done. Second thing:
advertising both networks to the ISP in BGP. Very simple: we are going to advertise these two networks to the ISP network. OK, so we will advertise via R1 as well as R2. So we will have eBGP between router 1 and router 3; similarly we will have eBGP between router 2 and router 4. This is clear. Now the third step is iBGP between R1 and R2. So I will have an iBGP session between R1 and R2. I will configure next-hop-self because, you know, this is iBGP, BGP will process it that way, so we need to configure next-hop-self here on the iBGP. OK, then we will configure maximum paths, because we may learn this route from multiple paths, because we have two paths and BGP by default will select only one best path. So to have two paths in our routing table we should use maximum paths. OK, so I will configure maximum paths here in the BGP process.

Then we need to focus on these policies, outbound policy and inbound policy. So to accomplish this I will do one thing: I will configure two standard access lists to permit network 11 and 12. So I will configure one ACL and I tell that you should permit this 11 network, and then I will configure one more ACL and I will tell that, OK, you should permit this 12 network. Once we do that we will configure a route map. OK, so the route map will be applied to the eBGP neighbor on this as well as on this network. OK, so in this, what I will do is, the first task what I see is, for the inbound traffic I need to set the autonomous system AS path to the higher level. So in this case we are going to use the AS path metric so that our traffic should come via the second link, which means that, let's say these users, OK, they want to access this 12 network or 11 network. OK, so these users want to access the 11 network, and what we are saying in our policy is these users should always use this link. OK, so we will accomplish this by configuring the higher AS path numbers. So I will prepend more AS path here so
that, you know, this network will be preferred. So I will prepend more AS numbers for the 12 network, so it always uses the 12 network via this path and the 11 network via this path. This accomplishes our task. OK, so I think that's the strategy and plan, and I hope we should start doing the configurations. The verification will come at a later point of time. How we are going to verify this: there are a lot of verification steps we need to follow.

So let's quickly jump onto this to understand this better. I have already configured the IP addresses here on my routers, however I have not done any configurations about BGP. So let's not spend much time, let's start configuring BGP. OK, so I am on router 1. Let me quickly move this here so that I can see what's happening in the background. OK, so I am on router 1 here. Let me configure router bgp 100, and let me just quickly bring up this. I will configure the eBGP neighbor first with router 3. The commands are straightforward: neighbor 10.1.13.3, the remote autonomous system is 200. Similarly I will form the iBGP neighbor here. Neighbor... OK, so the iBGP neighbor, how would I form the iBGP neighbor? OK, what are the IP addresses? Let me quickly verify the IP addresses: show ip interface brief. I have one of the interfaces admin down, so let me bring up that interface. OK, so I'll form iBGP with the 11.0.0.2 neighbor.

router bgp 100, neighbor 11.0.0.2, remote autonomous system is going to be the same because this is an iBGP neighbor. OK, then we will configure maximum paths, for, we should be good with two, but let's configure it as three. Then what else could we do: neighbor 11.0.0.2 next-hop-self.

OK, then let's do the similar configurations on router 2: router bgp 100, neighbor, let me configure the iBGP first, neighbor 11.0.0.1 next-hop-self. Then what else I am going to do is, OK, neighbor, my eBGP, 10.1.24, 10.1.24.4 remote
autonomous system is going to be 200, and that's it. I think we should be good now. show ip bgp summary: I'm not forming any neighborship. Ping 0 0 1, let me see if the ping is working between router 2 and router 1, which is not working. That is not a good sign. show ip interface brief: OK, this interface looks disabled. Interface fa0 / -, show ip interface brief, let's verify. This interface is up now, so I should form my iBGP neighbor here. OK, let's give some time for BGP to come up.

I'm jumping on to router 3, which is this router. Router 3: I will form an eBGP with this router 1/200, neighbor 10.30 not system is 100, and I will form an iBGP neighbor with the $10 here. Is it going to be this? OK, 200. I can configure with the 200 IP address. So let's go ahead and see if I have already configured the p2p: show ip interface brief. do show ip interface brief. Do I have this? OK, I have this put the interfaces down. router bgp 200, neighbor, system is going to be 200. So this is done. We will come back and verify the BGP neighbors.

OK, so my first neighbor is 10.1.24.2, remote autonomous system is 100. Neighbor 200.0.0.3, the remote autonomous system will be 200. This is iBGP and this is eBGP. OK, so am I missing anything for the iBGP neighbors? Let's go ahead and do update-source, next-hop-self, similarly for router 3, next, maximum, and we should be, summary. This is still not active, this is still active. So let's bring this IP address, ping 10.1.1.10. IP address is not reachable between router 4 and router 2, so let's go ahead and verify. OK, so it looks like I have configured 24.1 as the IP address wherein in the BGP I have configured 24.2, so let me change this IP address. IP address is going to be 24.2. Let me bring in one 24.4. See, the BGP has come up. OK, let's verify show ip bgp summary: I should see two BGP neighbors on router 2. I'm on router 2, so I have a BGP neighbor with 24.4, which is this router 4, and also I have a BGP neighbor with router 1, which is this.
Similarly I will verify the same thing here: show ip bgp summary, and I see I have two neighbors which are up, with router 3 and with router 2. OK, let's verify the same here: show ip bgp summary. I should see two neighbors here and I should see two neighbors here. OK, this looks good. So far what we have done is, I have formed an iBGP neighbor between these two, an iBGP neighbor between these two, then I have an eBGP neighbor here, then I have eBGP here. OK, so let me take this screenshot again and we will start working.

OK, all right, so far we have done the iBGP neighborship. Now let's go ahead and see what is our strategy. OK, this is our strategy: primary and secondary addresses we have configured, this is done. Advertise both networks to the ISP in BGP: this we have not done, so let's go ahead and do that. Let's advertise these two networks into BGP. So I am going to jump on router 1: network, mask to 0. Similarly I will update 0 mask, mask, and I will paste it here. OK, so what we have done is we are advertising these two routes now to router 3 and router 4. Let's quickly verify if I have received this route: show ip bgp summary again. OK, so I am seeing the two prefixes received here. OK, so let me just do show ip route, you see the route. OK, so 11 is here, learned from BGP, and 12 is here, learned from BGP. Similarly I will verify show ip route: you could see that the two networks which we have advertised are already here on router 3 and router 4.

So let's go back to our strategy. We are done with this: step number one is done, step number two is done. Step number three is what? iBGP between router 1 and router 2, which we have already done. next-hop-self we have configured and maximum paths we have configured. This is done, step three is done. So this is my step four and this is step five. So in step four, what I will do is I will configure the access list, standard ACL, and I will permit this. So let's go ahead and do that on router 1: access list, a simple standard
access list. access-list 1 permit 11.0.0.0, I need to specify the mask. access-list 2, and I will permit this. OK, so I've configured two access lists. show ip... Similarly I need to configure the two ACLs on router 2. OK, take this, take this second one, and I will add it on router 2. So far we are good, right? OK, there's a lot of work here. So we have configured two access lists, 11 and 12, I mean the access lists 1 and 2, and I have added these networks.

Next, the important step is that we need to configure the route map and we need to call that route map on the eBGP neighbors. So what we will do is we will configure a route map with the name R1 R3. OK, we will call the name R1 R3. Let's understand this a bit. I'm going to configure a route map with the name R1 R3, and I will call the access list number 2. I will call ACL number 2. This is my ACL 2, and this is my ACL 1. So what I want to do is I want to set up additional AS path prepend to this network. So what I will do is I will call this ACL 2 and I will set the AS prepend.

OK, so let's go ahead and do that on router 1. I will do show access-list and just quickly verify the access lists, that we have correct entries. OK, we are having route-map R1 R3, I will name it as R1 R3 only for ease of understanding, permit 10. Then what I will do is I will call the ACL: match ip address. Then what is the access list number? Access list number is 2. Then what I will do is I will set the AS path prepend. I will prepend the AS path with 100 100 100, let's say four times, let's do it five times. OK, I have done this prepending of AS path for this particular route map. Now what I will do is I will configure one more route map entry with permit 20, and I will call the second ACL so that the traffic should not be blocked and it should still pass. IP address, what have you done? OK, so we are permitting it
again, R1 R3, and we are calling the access list, instead of 2 this time it should be access list 1. So let's quickly verify the route map: show route-map. So you could see that our first sequence number shows access list 2. So access list 2 is nothing but 12.0.0.0, and I am prepending the AS path, OK, 100 100 100, so that what is going to happen is that whenever some users from this are trying to access this 11 network, OK, the 11 network will pass over this link because the AS path prepending will be less here. For the 12 network it will be saying that the AS path is 100 100 100 100 and it will think that this is the least path.

So let's do the similar steps on router 2 and we will verify that once we are done. OK, so I will be back on router 2. route-map, I will configure. So this time I will give the name as router 2 to router 4. I'll give permit, then match ip address. This time what I need to do on router 2 is I need to prepend this 11 network so that always the 12 network should come via this link and the 11 network should go via the other link. So what I will do is I will configure match ip address 1, set as-path prepend 100 100 100 100. OK, and what I will do is, this is the exit, I will do a second entry, second route map entry, and I will call the second ACL: match ip address 2. OK, so we are done with the route map configurations. show route-map: you could see that I am calling ACL 1, OK, I am prepending it there, and the second is a permit statement, I'm calling access list 2. OK, I hope you are following and it is clear so far.

Now let's go ahead and start applying it. OK, so first I will come back to router 1 and I will apply this route map for this neighbor, and we will be applying it in the out direction. Because we are influencing the incoming traffic we need to apply it in the out direction. If you want to do any outbound traffic then you need to apply it in the inbound
direction. It's exactly the opposite way: for the inbound traffic you need to apply it in the out direction. So let's go ahead and do it in the out direction. Router 1: OK, so show running section BGP I will do. Let's see what is my neighbor: it should be 10.1.13.3. OK, conf t, BGP 100, neighbor 10.1.13.3, and then I will call the route map. The route map name is R1 R3, and as I said it is going to be the outbound direction. Similarly on router 2, show running section BGP, you are going to verify that. conf t, router bgp 100, you will put the route map for the eBGP neighbor, which is this one, and what I will do here, OK, route-map, route map name is R2 R4, and it will be the out direction.

OK, so far we are good with our configurations. I think there is one more piece we are missing: we are not advertising this 200 network into BGP here. So let's go ahead and do that, advertisement of the 200 network in BGP, so that we should receive that 200 network here, and then I think that's it, we should be good to proceed with the testing. conf t, router bgp 200, network, mask 255.255.255.0. Similarly get on to router 4: conf t, router bgp 200, network 200.0.0.0 mask 255.255.255.0, and let's quickly verify what routes we are seeing here. You could see that the ACL is logging here, access list 2 is permitted. OK, so let's do a quick check: show ip route first, and we should see that the 200 network is learned here. Similarly on router 2, show ip route, we should see the 200 network is learned here.

OK, so now the verification part. The strategy for our verification is, on the router, we need to see show ip route and show ip bgp. So we have done show ip route here and you could see that this 200 network is coming from router R1-R3, this is router 1, router 3. So this is what we wanted: R1 should use the R1-R3 link for internet. OK, there's one more piece missing in this: we said that this is the internet but we are not
advertising any default route. So we could advertise a default route as well from here. So let's do that on router 3. Let me jump onto router 3. So how are we going to advertise a default route? Let's quickly verify, show running section BGP. OK, router bgp 200, neighbor 10.1.1.1, and the command will be default-originate. OK, so default-originate is going to advertise a default route. Let's quickly verify, if you want to, I should see a default route here. OK, you could see that the default route has come here in BGP from router 3. Similarly on router 4 I'm going to do the same step: show running section BGP, conf t, router bgp 200, and what is my neighbor? It's this one, default-originate, and we should see... What we did is we advertised a default route from this, similarly we advertised a default route from this. So now we verified on router 1 that we have the 0.0.0.0 network, and on router 2 we are going to verify the same. Router 2: we will verify that we have a default route. See, before we add the command default-originate you don't see a default route with 0.0.0.0; now when you do that you could see that the default route has come.

OK, so in our task the first thing was what? R1 should use the R1-R3 link for internet. So when I execute show ip route here I should always learn the route from the R1-R3 link, that is 10.1.1.1. Let's verify the first part of it. show ip bgp you could do. OK, when you do show ip bgp you could see that a default route has come from, OK, this 200 network has come from 10.1.13.3 and also the default route has come from 10.1.1.1. All the routes are coming from router 3. This is what we wanted, right? R1 should use the R1-R3 link for internet. If you want to trace it from here, and if the packet is going to router 1, it will always use this link. Similarly on router 2 I should see 24.4. Let's verify the routing table
here. OK, it is here: the 200 network is learned via 10.1.24.4 and also the default route is learned via this. So we should be good with these two checks. Now the failover scenario we will check shortly.

OK, now we will verify the inbound traffic. So what we will do is we will jump on to router 3 and router 4 and verify how the traffic is coming. Inbound traffic means we are sending this traffic, right, from 11 and 12, we are sending the traffic to the service provider, so we will verify how we are learning that. So what we had done is we had configured AS path prepend, and as per the AS path prepend we should see the routes. So let's go ahead and jump on to router 3. show ip bgp is my command, and you can see that for this 11.0.0.0 network the next hop is 10.1.13.1, OK, and similarly for the 12 network it is having so many, you know, prepended AS paths. So if anyone wants to reach this network, let's say if someone is sitting here and if the packet is coming to this guy, OK, he will always use this path for the 11 network and this path for the 12 network.

Let's verify here, show ip bgp. See here, for the 11 network he's not going to use this path because it has so many AS path prepends, right? For the 12 network it is the best. show ip route: so you could see for the 11 it is going to use 200.0.0.3. You could see that if you want to reach the 11 network, OK, it is going to send the traffic to 200.0.0.3. So I am here, OK, and if I want to reach this 11 network it is going to send the traffic to 200.0.0.3, which is this IP address here, 200.0.0.3. OK, and if you want to reach the 12 network it is going to send the traffic to F0/0, which is, if you want to send the traffic to the 12 network the next hop, you could see, is 24.2. 24.2 is nothing but this one, this is 24.2 here. OK, similarly you can verify on router 3. show ip route on router 3: you could see that if you want to reach the 11 network it is going to send the traffic to 10.1.13.1. If you want
to reach this primary network it is going to send the traffic to 13.1, which is this, and if you want to reach the 12 network it is going to send the traffic to this IP address, 200.0.0.4. See, 200.0.0.4. OK, so this is about our inbound policy. Whatever we advertised using the AS path prepend, it's working correctly.

OK, now the next step is a failover scenario. So when the link fails, what is going to happen, that we will verify. This is the final check we will be doing. So we verified show ip bgp, show ip route. Now the failover test: R3-R1 link shutdown at the R3 side. OK, let me take a snapshot again. I'm not good at drawings, so please bear with me. I will take a screenshot again here. OK, and now we are performing the failure test.

OK, so the first failure check, our strategy is, R1-R3, let's shut down this link. So what I am doing here is I'm shutting down this link or this interface here. OK, and what it is: R1 should use the R1-R3 link for internet, so this router 1 is always using this link for internet. OK, now this link itself is failing. OK, so when this link fails, if any packet is coming to router 1, he should send that packet to router 2. OK, so what we will do is we will shut down this interface and we will do the first check. OK, we will shut down this interface and we should see that the BGP neighbor for this particular 200 network, it should tell that this is my next hop now. Now for the 200 network it should be showing this as the next hop. Let's verify that.

Let's jump onto router 1. OK, I should do a show ip route for the 200 network. Currently router 3 is my next hop, which is this one, 13.1, 13.3, this is the next hop. OK, so I will shut down this interface, so, you know, this should automatically divert the next hop to this iBGP neighbor, which I believe will be 11.0.0.x. OK, so let's go ahead and do that on router 3: Fa0/0, interface Fa
0/0, shutdown. OK, this should reflect on router 1. We should see that this should change. If it is working it will change, if not then I don't know. It is still the same, I don't know what's happening. Let me clear the BGP neighbors once. show ip bgp summary: the neighbors are not coming up. 11.0.0.2 has come up, this is my iBGP, whereas my eBGP should not come up because I have shut down this interface. My eBGP should not come up. I should have taken some time, because of convergence it would have automatically come. There is no need to clear the BGP neighbors. If you are dealing with a production network you don't do this. show ip bgp summary is done, then show ip route. If I show ip route I'm not seeing any route coming. OK, now the 200 network is coming here, OK, and you could see that earlier my next hop is 10.1.1.10, next hop is this 11.0.0.2, which is coming from the iBGP neighbor. So this confirms my failover test when the R1-R3 link fails.

OK, similarly I need to do one more verification. If one of these links fails it should come back to the second available link, which means that for the incoming traffic also, right, for the incoming traffic also I have configured this as a primary link. For example any traffic for the 11.0.0.0 network is always going via this. Now this link is down, OK, so if any packet is hitting router 3 it should send the packet to router 4 and from this way it should come. OK, so let's verify on router 3 what is happening. On router 3 if you check show ip bgp, or the easiest way is to check show ip route, it should show for the 11 network and 12 network, for both the networks it should show 200.0.0.4. OK, ideally what it was doing: for the 11 network it was showing this as the next hop and for the 12 network it was showing this as the next hop. Now for the 11 network also it is showing this as the next hop. So we are good with the verification so far. Everything is looking very good and perfect. So I will bring up the interface on router 3. It should take some
convergence time and then I should see the changes shortly. For the 11 network on router 3 it should change to 10.1.13.1, so this next hop should change. OK, there it is: for the 11 network it has changed to 10.1.1.1.

Similarly for the next check, for the second test, what I need to do is similarly R2 should, now router 2, for the outgoing traffic, is always using this path. OK, if you shut down this link, either this interface or this interface, it will perform the same thing. So, you know, so far we are good with this scenario and I think we have tested most of the things. If you want me to test the other part also I can do that. show ip interface brief. So what I will do is let's check show ip route first. OK, if you do show ip route, for the 12 network it is showing 10.1.24.2, this is the primary link. For the 11 network it is going via this way. OK, so when I shut down this link, for both 12 as well as 11 it should show this as the next hop, which is 200.0.0.3. OK, you can see that the next hop, for one thing it is showing 200.0.0.3, for the other thing it is showing 10.1.24. Interface Fa0/0, shutdown. I shut down here. show ip route: you could see, OK, it has taken the effect immediately. OK, so for 11 and 12 the traffic is going via this way because this interface is down. Let's say you have a user sitting here and if by chance the traffic is coming here, he will send the traffic to router 3 and from router 3 it will go.

OK, now similarly on router 2, if you want to reach the 200 network, what used to happen: if I have a computer here who is trying to reach the 200 network, the traffic used to come here, OK, if it is hitting router 2 it used to exit this way. But now as this link is down the traffic should divert to router 1. So let's verify on router 2 what is happening. So see, earlier the default route is coming by this way, that is 24.4. If the traffic comes here he will definitely go over this
interface. As this interface is down it should change this behavior, and what I should see is the traffic should go via this link here, which is, I believe, 11111. Not sure whether it's convergence time, it's still not taking effect. I may have to clear the BGP session. It would take some time, so I don't want to wait here, so I just cleared the neighbors so that I should see it this way. I'm still not receiving the route. The configuration looks correct, everything is correct, and I have received these four routes here. Now it is showing that I have received the four prefixes but it is not getting in there, it is showing the referrer for some reason. OK, marked this as a best route here and it is showing the next hop as 11.0.0.1, so I should see it here. OK, so it is taking convergence time. Now I can see that the default route and the 200 network are pointed to 100 zero zero zero.

So this way we have accomplished this task: the complete network topology and complete setup, how the failover is working, and we have a fully redundant network. We have two routers at our side and we have two routers at the ISP end, and we have full redundancy. If one link is going down we are still able to reach via the other link, and so on. So I hope this has been informative to you, and I want to thank you for watching this video. If you liked this video, hit the like button and please subscribe to my channel so that I can come up with more scenarios and more such topologies. Thanks a lot, have a good day.
Info
Channel: Sandeep S
Views: 9,513
Rating: 5 out of 5
Id: zQgT4YkaDm0
Length: 50min 45sec (3045 seconds)
Published: Fri Oct 26 2018