I would defiantly check out http://onesc.net/communities/ it lists communities of major providers. You can see if your ISP_2 is on there and supports modifying the LOCAL_PREF with communities. That happened to me before where one ISP was setting a higher preference for a path with longer AS.
Tom -----Original Message----- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Christian Koch Sent: Saturday, March 14, 2009 7:34 PM To: Stig Johansen Cc: Burak Dikici; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP - Multihoming I'd agree with Stig's suggestions and his assumption about the local pref is probably correct. I'd also suggest you check if your SP's have defined communities to send in order to alter attributes of the prefixes you are sending. On Sat, Mar 14, 2009 at 5:07 PM, Stig Johansen <stig.johan...@atea.no> wrote: > Burak Dikici wrote: >>I would like consult some subject about BGP to the experienced BGP users. We >>are making a BGP connection to a two different ISPs via central site router. >>We are announcing our subnet via ISP-1 normally , but for ISP2 we are >>announcing the subnet with AS path prepending configuration. As a result , we >>still see inbound traffic from internet to our subnet via ISP-2. Is that >>possible to adjust more tuning for inbound traffic ? We would like to achieve >>that there will be no inbound traffic via ISP-2. >>By the way , in the next step of the configuration we would like to configure >>our multihomed BGP router with PBR & NBAR. What we are going to try with this >>is that for example p2p traffic from our subnet to the internet will be >>detected with NBAR and it will be forwarded to the ISP-2 connection with PBR >>and the return traffic of this connection will be come through the ISP-2 >>connection. (Symmetric traffic flow) How can be achive that ? > > Hi there, > > Maybe someone has better ideas, but here goes anyway; > > 1) If you prepend your AS various times towards ISP-2, the BGP best path > selection should prefer the path with the shortest AS-PATH, and therefore use > your ISP-1 connection. > 2) If your ISP-2 has a policy of assigning a higher LOCAL PREFERENCE for > prefixes originated from any of it's customers, all of the customers of ISP-2 > (and the ISP-2 it self) will use ISP-2's connection to you by default. This > is reasonable for ISP-2, as it would use it's own internal network to reach > you. > > I'm not sure if ISP-2 would like to change this configuration, as it would > inflict a higher usage of it's other peeringlinks, but asking doesn't hurt.. > :) > > If you want certain traffic to use the ISP-2 link with PBR, you would need to > make sure the traffic uses IP-addresses which are preferred on the ISP-link. > If you don't know which source-addresses will need to use this link, but use > NBAR to discover this, you'll have to use NAT'ing. > > A) Either get a pool of IP-addresses from ISP-2 (which will be preferred on > ISP-2 anyway), or use a smaller prefix of your own addresses (and make sure > they are preferred on the ISP-2 link, using the methods as cited above) > B) Use PBR with NBAR to make the interesting traffic use the ISP-2-link and > configure NAT'ing to the addresses you aquired in A). > > Best regards, > Stig Meireles Johansen > _______________________________________________ > cisco-nsp mailing list cisco-...@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
