
Which topology is best with BGP Multihoming on a vMX (conserving routes)

a week ago

I'm doing VRRP for egress so only one router will be a 'master' at a given point in time, but I'm peering with two providers. Which topology tends to make the most sense? I'm not sure if 'route limits' are counted against the RIB or the FIB, but assuming ~800k routes per transit provider, what would you do? At some sites I'm using a VMX-1G-ADV which gives 2m routes.

 

1) Topology one.  This puts 2.4m routes in the RIB per router.  One set from carrier A, one from carrier B, one from iBGP.

2) Topology two. This puts 1.6m routes in the RIB, one set from each carrier and I drop iBGP.

3) Topology three. This also puts 1.6m routes in the RIB. One from a carrier and another from iBGP. My ingress and egress traffic near balance so I don't like to saturate the inside of my network over the iBGP link if I can avoid it (i.e. VRRP master is R1, best path is through R2).

 

Is there something else that's more recommended?  Such as on R2 just take default route only since R1 should be active "most of the time".

 

Topologies

https://imgur.com/a/Vd7Dqe3

 


Re: Which topology is best with BGP Multihoming on a vMX (conserving routes)

a week ago

Hello junosuser33,

 

If you really want an active-backup routing scenario, in which Carrier 1 should always be used and Carrier 2 should only be used in case Carrier 1 is offline, it is absolutely enough that Carrier 1 and 2 just send you a default route by BGP. A full BGP table is only necessary in case of an active-active BGP scenario. Another advantage of default-route only is the faster convergence in case the Carrier 1 BGP session drops (one route is withdrawn faster than 800k routes).

 

Topology 3 would be absolutely enough and not "overengineered". You can perform traffic engineering by BGP local-pref and as-path prepending to make Carrier 2 a complete backup.

 

Topology 2 is not recommended, in such a setup iBGP is necessary.

Topology 1 is too much in my opinion, especially for debugging purposes.

 

We have hundreds of Topology 3 setups and it works like a charm.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution".
If you think that my answer was helpful, please spend some Kudos.

Re: Which topology is best with BGP Multihoming on a vMX (conserving routes)

a week ago

@F1ght3r wrote:

Hello junosuser33,

 

If you really want an active-backup routing scenario, in which Carrier 1 should always be used and Carrier 2 should only be used in case Carrier 1 is offline, it is absolutely enough that Carrier 1 and 2 just send you a default route by BGP. A full BGP table is only necessary in case of an active-active BGP scenario. Another advantage of default-route only is the faster convergence in case the Carrier 1 BGP session drops (one route is withdrawn faster than 800k routes).

 

Topology 3 would be absolutely enough and not "overengineered". You can perform traffic engineering by BGP local-pref and as-path prepending to make Carrier 2 a complete backup.

 

Topology 2 is not recommended, in such a setup iBGP is necessary.

Topology 1 is too much in my opinion, especially for debugging purposes.

 

We have hundreds of Topology 3 setups and it works like a charm.


Not sure if the default route will work. I do like getting full routes from each provider, especially in remote (non-US) locations. Sometimes one provider will have very bad peering with either the local incumbent or destination sites. We don't staff a full-time traffic engineer so I really want a "set it and forget it" type of approach without manual tuning. For the most part it seems to work and BGP does its thing to give me good latency to the destinations through either of the providers.

 

One scenario is we host in several IX locations and sometimes get transit from HE.  Some routes are good to some things, some routes are not.  Same goes for our transit provider.

 

Not sure if the full routes are overkill.  Is it a common strategy to do default route and just take routes for the "big guys" (Facebook, Amazon, Microsoft, etc.) or will it result in a lot of manual traffic engineering?

 

Also, what are the thoughts on the "fourth" topology proposed where I do default only on R2 and full routes on R1 w/ iBGP? Given R1 will be the VRRP master, most egress traffic will take that. This avoids crossing the link due to iBGP in the event the second provider is better.


Re: Which topology is best with BGP Multihoming on a vMX (conserving routes)

a week ago

Please note that a "good" (meaning fewest AS hops) BGP path has nothing to do with RTT values. You can have 300 ms RTT where the destination needs just one AS hop, and 20 ms RTT with five AS hops. That's one of the disadvantages of BGP: there is no RTT policy available.

 

> Is it a common strategy to do default route and just take routes for the "big guys" (Facebook, Amazon, Microsoft, etc.) or will it result in a lot of manual traffic engineering?

 

It always depends on what you need. To get just the prefixes of the "big guys" is technically possible, but I guess there is no commercial IP upstream provider who will do this. Mostly you can choose between "default-route only" and "full routing table", that's it. You can just configure an inbound as-path filter on your routers based on the as-path of the "big guys" if really needed.

 

If you really want to have an active-active setup where both IP upstreams are used the same way for outbound traffic, you need to have the full routing table so that the routers can decide where to send it out based on the AS path.

 

> Also, what are the thoughts on the "fourth" topology proposed where I do default only on R2 and full routes on R1 w/ iBGP?

 

Actually this is the most useless option. There is no reason to have a full routing table only to get the traffic out of this IP upstream. For traffic engineering, you have to use the BGP well-known attributes, like local-preference and as-path prepending.

With these attributes, even with the "default-route only" option for both IP upstreams, you can set Carrier 1 as primary and Carrier 2 as secondary (ingress and egress).

 

Topology 4 is the classical active-backup topology with a "default-route only" setup.

 

So as a summary:

*) You want to use only Carrier 1 until it fails, then use Carrier 2 --> "default-route only" with "local-preference" and if needed "as-path prepending"

*) You want to use Carrier 1 and Carrier 2 at the same time for egress transit --> Full BGP table for both Routers

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution".
If you think that my answer was helpful, please spend some Kudos.
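
The policy pieces mentioned in the reply above (local-preference on import, as-path prepending on export, and an inbound as-path filter for selected origin ASes), sketched as Junos policy configuration. This is an added example, not configuration posted by anyone in the thread; the policy names, the AS numbers (64496, 64497, 64500) and the prefix 192.0.2.0/24 are documentation placeholders, and only IPv4 is covered.

```junos
policy-options {
    /* Placeholder origin ASNs standing in for the selected content networks */
    as-path SELECTED-ORIGINS ".* (64496|64497)";
    /* Import from Carrier 1 (primary): default route plus selected origins */
    policy-statement CARRIER1-IN {
        term default-route {
            from {
                route-filter 0.0.0.0/0 exact;
            }
            then {
                local-preference 200;
                accept;
            }
        }
        term selected-origins {
            from as-path SELECTED-ORIGINS;
            then {
                local-preference 200;
                accept;
            }
        }
        /* Anything else in the feed is not installed as an active route */
        then reject;
    }
    /* Import from Carrier 2 (backup): default route only, lower preference */
    policy-statement CARRIER2-IN {
        term default-route {
            from {
                route-filter 0.0.0.0/0 exact;
            }
            then {
                local-preference 50;
                accept;
            }
        }
        then reject;
    }
    /* Export to Carrier 2: announce only our own prefix, prepended (placeholder local AS 64500) */
    policy-statement CARRIER2-OUT {
        term own-prefix {
            from {
                route-filter 192.0.2.0/24 exact;
            }
            then {
                as-path-prepend "64500 64500";
                accept;
            }
        }
        then reject;
    }
}
```

Each policy is attached with `import` or `export` on the corresponding eBGP group; local-preference is carried over iBGP, so the preference set on one router is honoured by the other. Junos by default retains routes rejected by import policy as hidden routes, so a filtered full feed still consumes memory unless `keep none` is configured for that BGP group.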