Routing
Routing

Two BGP sessions, issues with gateway

‎02-16-2015 11:01 PM

I run two BGP sessions with two different providers. I am announcing a few prefixes through one provider and a few more through the other. Just to clarify, this is not a multi-homed setup, I simply want to route certain prefixes through different transits.

 

What I noticed on EX3200 with the config below - the switch wants to send all traffic to same carrier, even if a certain subnet is announced through the other one. I was hoping someone could help me out a little.

 

In the configuration below I am announcing 111.111.111.0/24 through "bgp-transit1" (AS 11111) carrier and 222.222.222.0/24 through "bgp-transit2" (AS 22222). Relevant parts of the configuration:

 

 

    
interfaces {
    ...
    ge-0/0/46 {
        unit 0 {
            description bgp-transit1;
            family inet {
                address 10.10.10.154/30;
            }
        }
    }
    ge-0/0/47 {
        description bgp-transit2;
        unit 0 {
            family inet {
                address 20.20.20.186/29;
            }
        }
    }
    vlan {
        unit 1000 {
            family inet {
                address 111.111.111.1/24;
                address 222.222.222.1/24;
            }
        }
    }
}
routing-options {
    static {
        route 111.111.111.0/24 discard;
        route 222.222.222.0/24 discard;
    }
}
protocols {
    bgp {
        group bgp-transit1 {
            type external;
            export export_bgp_transit1;
            peer-as 11111;
            local-as 99999;
            neighbor 10.10.10.153;
        }
        group bgp-transit2 {
            type external;
            export export_bgp_transit2;
            peer-as 22222;
            local-as 99999;
            neighbor 20.20.20.185;
        }
    }
}
policy-options {
    policy-statement export_bgp_transit1 {
        from {
            route-filter 111.111.111.0/24 exact;
        }
        then accept;
    }
    policy-statement export_bgp_transit2 {
        from {
            route-filter 222.222.222.0/24 exact;
        }
        then accept;
    }
}

 

Thanks for any feedback!

9 REPLIES 9
Routing

Re: Two BGP sessions, issues with gateway

‎02-17-2015 05:19 AM

Hi,

 

I tried same config in my routers and seeing expected outputs  like one prefix is sending routes to one neighbor  nd vice versa.

 

Pl paste the bgp output of > show route advertising-protocol bgp <neighbor's IP> 

of both neighbors.

 

And for reference pl see my tested config and outputs as well.

 

 

........
If this worked for you please flag my post as an "Accepted Solution".

Best Regards,
Suresh Mudhireddy

Attachments

Routing

Re: Two BGP sessions, issues with gateway

‎02-17-2015 04:03 PM

Here are the outputs:

 

root@switch> show route advertising-protocol bgp 10.10.10.153

inet.0: 42 destinations, 60 routes (42 active, 0 holddown, 0 hidden)
  Prefix                  Nexthop              MED     Lclpref    AS path
* 111.111.111.0/24         Self                                    I

*************************************

root@switch> show route advertising-protocol bgp 20.20.20.185

inet.0: 42 destinations, 60 routes (42 active, 0 holddown, 0 hidden)
  Prefix                  Nexthop              MED     Lclpref    AS path
* 0.0.0.0/0               Self                                    11111 I
* 222.222.222.0/24          Self                                    I

*************************************

root@switch> show bgp summary

Groups: 2 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       2          1          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
20.20.20.185         22222         26         33       0       4       13:06 0/1/1/0              0/0/0/0
10.10.10.153          11111       5474       5453       0       1 1d 16:46:48 1/1/1/0              0/0/0/0

*************************************

root@switch> show route

inet.0: 42 destinations, 60 routes (42 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[BGP/170] 1d 16:50:03, MED 0, localpref 100
                      AS path: 11111 I, validation-state: unverified
                    > to 10.10.10.153 via ge-0/0/46.0
                    [BGP/170] 00:16:21, localpref 100
                      AS path: 22222 I, validation-state: unverified
                    > to 20.20.20.185 via ge-0/0/47.0
222.222.222.0/24     *[Direct/0] 1d 16:47:35
                    > via vlan.1000
                    [Static/5] 1d 16:47:36
                      Discard
222.222.222.1/32     *[Local/0] 1d 16:47:35
                      Local via vlan.1000
111.111.111.0/24    *[Direct/0] 1d 16:58:10
                    > via vlan.1000
                    [Static/5] 1d 17:01:57
                      Discard
111.111.111.1/32    *[Local/0] 1d 17:08:43
                      Local via vlan.1000
...

 

(this was taken from the live working system, I am just auto-replacing my "real" prefixes and AS numbers with 111s and 222s)

 

Traceroutes confirm that while *inbound* traffic is routed correctly, everything going *out* of my switch always goes through  carrier AS11111, even though the prefix from which I am doing the traceroute was not announced through it.

 

Please let me know if there is anything else I could try.

Routing

Re: Two BGP sessions, issues with gateway

‎02-17-2015 08:35 PM

HI,

As per your ouput I understood you configure the default route towards AS 1111. 

 

Pl change or deactivate the default route and test.

 

For more understand pl share your entire config here.

........
If this worked for you please flag my post as an "Accepted Solution".

Best Regards,
Suresh Mudhireddy
Routing

Re: Two BGP sessions, issues with gateway

‎02-18-2015 10:18 AM

Hi

 

I think you need to understand that when your advertize the BGP routes you are influencing only the incoming traffic and NOT the outing traffic.


@Boomstick wrote:

Here are the outputs:

 

root@switch> show route

inet.0: 42 destinations, 60 routes (42 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[BGP/170] 1d 16:50:03, MED 0, localpref 100
                      AS path: 11111 I, validation-state: unverified
                    > to 10.10.10.153 via ge-0/0/46.0
                    [BGP/170] 00:16:21, localpref 100
                      AS path: 22222 I, validation-state: unverified
                    > to 20.20.20.185 via ge-0/0/47.0
222.222.222.0/24     *[Direct/0] 1d 16:47:35
                    > via vlan.1000
                    [Static/5] 1d 16:47:36
                      Discard
222.222.222.1/32     *[Local/0] 1d 16:47:35
                      Local via vlan.1000
111.111.111.0/24    *[Direct/0] 1d 16:58:10
                    > via vlan.1000
                    [Static/5] 1d 17:01:57
                      Discard
111.111.111.1/32    *[Local/0] 1d 17:08:43
                      Local via vlan.1000
...

 



 

Based on the above snapshot, it appears  the default route has selected AS "11111" as the preferred outgoing path and this may be the reason why you see traceroute always taking this carrier if the traceroute address is using default route.

 

Regards

Surya

Routing

Re: Two BGP sessions, issues with gateway

‎02-18-2015 10:56 AM

I do not have a default route specified anywhere in the configurationi file:

 

routing-options {
    static {
        route 111.111.111.0/24 discard;
        route 222.222.222.0/24 discard;
    }
}

 

However I have just checked:

show route receive-protocol bgp 10.10.10.153

 

inet.0: 41 destinations, 58 routes (41 active, 0 holddown, 0 hidden)
  Prefix                  Nexthop              MED     Lclpref    AS path
* 0.0.0.0/0               10.10.10.153        0                  11111 I

 

So the default route is coming from my upstreams. Does this mean I should bug them about this or I could do something on my end about it?

Routing

Re: Two BGP sessions, issues with gateway

‎02-18-2015 12:52 PM

Hi,

 

The default route is indeed coming from other side as it is a BGP route:

 

0.0.0.0/0          *[BGP/170] 1d 16:50:03, MED 0, localpref 100
                      AS path: 11111 I, validation-state: unverified
                    > to 10.10.10.153 via ge-0/0/46.0
                    [BGP/170] 00:16:21, localpref 100
                      AS path: 22222 I, validation-state: unverified
                    > to 20.20.20.185 via ge-0/0/47.0

 So let me understand the requirement, do you want to load balance the traffic between AS 11111 and 22222 or do you want direct some traffic through AS 11111 and other through AS 22222?

 

If the requirement is to load-balance between these 2 uplinks, then you can modify the BGP config as below to achieve this:

 

protocols {
    bgp {
        group bgp-transit {
            multipath multiple-as;
            neighbor 10.10.10.153 {
                export export_bgp_transit1;
                peer-as 11111;
                local-as 99999;
            }
            neighbor 20.20.20.185 {
                export export_bgp_transit2;
                peer-as 22222;
                local-as 99999;
            }
        }
    }

 

Also don't forget to enable per-packet loading balancing on forwarding-path.

http://www.juniper.net/techpubs/en_US/junos13.2/topics/usage-guidelines/policy-configuring-per-packe...

 

Regards

Surya

Routing

Re: Two BGP sessions, issues with gateway

‎02-18-2015 02:22 PM

Thanks for confirming! I think I now better understand what is going on Smiley Happy

 

My goal is to direct some traffic to AS 11111 and some to AS 22222. More specifically, prefixes I am announcing through AS11111 must be routed to the same AS, and same for AS 22222.

 

 

Routing

Re: Two BGP sessions, issues with gateway

‎02-18-2015 03:07 PM

Ok, then the option is to use filter based forwarding much like the one that I provided in below post

 

http://forums.juniper.net/t5/Routing/Routing-separation-question/td-p/268701

 

Regards

Surya

Routing

Re: Two BGP sessions, issues with gateway

‎02-19-2015 05:55 PM

Is there a way to make use of the existing policy-statement (export_bgp_transit1 in my example) and build an outbound routing table based on that?

Or perhaps I could somehow apply, say, export_bgp_transit1 policy to filter the routes I *receive* from upstream? This way 0.0.0.0/0 would turn into more specific prefixes from export_bgp_transit1/export_bgp_transit2.

Or doing it via routing instances is my only option?