Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
------------------------------

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
------------------------------

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson
------------------------------

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink

Hi Steve,

 

Thanks for sharing your thoughts and your time.

 

I have two uplinks to our ISP. BGPe is established to both peers. I'm trying to setup:

 

1. Redundance. So if one uplink goes down, the other one takes over and the connection is still usable.

 

2. When 1 is working I would like to be able to choose which uplink used as primary – if it possible to preference this.

 

/Carsten

 

 

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

Hi,

Thank you for your time too Brian. Well i dont understand that the connection is functioning:

So I made a config like this:

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 multipath;
                 peer-as 1000;
                 neighbor 86.119.11.8/31;
                 neighbor 86.119.44.62/31;
                 }
            }
     }
}



irb {
     unit 10 {
         family inet {
             filter {
                             input trusted-servers;
                         }
                             address xxx.xxx.xxx.xxx/27;
                             address 86.119.11.9/31;
                             address 86.119.44.63/31;
                         }
             }




interfaces {
     xe-0/0/0 {
         description "ISP - Internet";
         unit 0 {
                     family ethernet-switching {
         vlan {
                     members internet;
                     }
             }
      }
}
xe-0/0/1 {
     description "ISP - Internet backup";
         unit 0 {
             family ethernet-switching {
                 vlan {
                                 members internet;
                             }
                 }
         }
}

If i disable xe-0/0/0, then xe-0/0/1 should provide connection. But it does not. Routes are showing the correct routes but no connection. BGP holdtime and keepalive are default  90 / 30.  What am i missing? Thank you.

//Carsten
Original Message:
Sent: 03-28-2021 13:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink

Hi Steve,

 

Thanks for sharing your thoughts and your time.

 

I have two uplinks to our ISP. BGPe is established to both peers. I'm trying to setup:

 

1. Redundance. So if one uplink goes down, the other one takes over and the connection is still usable.

 

2. When 1 is working I would like to be able to choose which uplink used as primary – if it possible to preference this.

 

/Carsten

 

 

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

This is not what I would consider to be a very standard design. Start with using the interface for the IP termination. This will cause the neighbor to go down when the interface drops.

interfaces {
    xe-0/0/0 {
        description "ISP - Internet";
        unit 0 {
            family inet {
                address 86.119.11.9/31;
            }
        }
    }
    xe-0/0/1 {
        description "ISP - Internet backup";
        unit 0 {
            family inet {
                address 86.119.44.63/31;
            }
        }
    }
}

Since i do not see your import or export policy, I'm not sure if that is causing you issues or not. Be sure to reference the physical interfaces in your routing instance if you make this change.

------------------------------
Brian Johnson
------------------------------

Original Message:
Sent: 03-29-2021 08:36
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

Thank you for your time too Brian. Well i dont understand that the connection is functioning:

So I made a config like this:

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 multipath;
                 peer-as 1000;
                 neighbor 86.119.11.8/31;
                 neighbor 86.119.44.62/31;
                 }
            }
     }
}



irb {
     unit 10 {
         family inet {
             filter {
                             input trusted-servers;
                         }
                             address xxx.xxx.xxx.xxx/27;
                             address 86.119.11.9/31;
                             address 86.119.44.63/31;
                         }
             }




interfaces {
     xe-0/0/0 {
         description "ISP - Internet";
         unit 0 {
                     family ethernet-switching {
         vlan {
                     members internet;
                     }
             }
      }
}
xe-0/0/1 {
     description "ISP - Internet backup";
         unit 0 {
             family ethernet-switching {
                 vlan {
                                 members internet;
                             }
                 }
         }
}

If i disable xe-0/0/0, then xe-0/0/1 should provide connection. But it does not. Routes are showing the correct routes but no connection. BGP holdtime and keepalive are default  90 / 30.  What am i missing? Thank you.

//Carsten
Original Message:
Sent: 03-28-2021 13:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink

Hi Steve,

 

Thanks for sharing your thoughts and your time.

 

I have two uplinks to our ISP. BGPe is established to both peers. I'm trying to setup:

 

1. Redundance. So if one uplink goes down, the other one takes over and the connection is still usable.

 

2. When 1 is working I would like to be able to choose which uplink used as primary – if it possible to preference this.

 

/Carsten

 

 

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

BTW. I am guessing on what IP goes on which interface... 😉

------------------------------
Brian Johnson
------------------------------

Original Message:
Sent: 03-29-2021 08:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

This is not what I would consider to be a very standard design. Start with using the interface for the IP termination. This will cause the neighbor to go down when the interface drops.

interfaces {
    xe-0/0/0 {
        description "ISP - Internet";
        unit 0 {
            family inet {
                address 86.119.11.9/31;
            }
        }
    }
    xe-0/0/1 {
        description "ISP - Internet backup";
        unit 0 {
            family inet {
                address 86.119.44.63/31;
            }
        }
    }
}

Since i do not see your import or export policy, I'm not sure if that is causing you issues or not. Be sure to reference the physical interfaces in your routing instance if you make this change.

------------------------------
Brian Johnson

Original Message:
Sent: 03-29-2021 08:36
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

Thank you for your time too Brian. Well i dont understand that the connection is functioning:

So I made a config like this:

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 multipath;
                 peer-as 1000;
                 neighbor 86.119.11.8/31;
                 neighbor 86.119.44.62/31;
                 }
            }
     }
}



irb {
     unit 10 {
         family inet {
             filter {
                             input trusted-servers;
                         }
                             address xxx.xxx.xxx.xxx/27;
                             address 86.119.11.9/31;
                             address 86.119.44.63/31;
                         }
             }




interfaces {
     xe-0/0/0 {
         description "ISP - Internet";
         unit 0 {
                     family ethernet-switching {
         vlan {
                     members internet;
                     }
             }
      }
}
xe-0/0/1 {
     description "ISP - Internet backup";
         unit 0 {
             family ethernet-switching {
                 vlan {
                                 members internet;
                             }
                 }
         }
}

If i disable xe-0/0/0, then xe-0/0/1 should provide connection. But it does not. Routes are showing the correct routes but no connection. BGP holdtime and keepalive are default  90 / 30.  What am i missing? Thank you.

//Carsten
Original Message:
Sent: 03-28-2021 13:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink

Hi Steve,

 

Thanks for sharing your thoughts and your time.

 

I have two uplinks to our ISP. BGPe is established to both peers. I'm trying to setup:

 

1. Redundance. So if one uplink goes down, the other one takes over and the connection is still usable.

 

2. When 1 is working I would like to be able to choose which uplink used as primary – if it possible to preference this.

 

/Carsten

 

 

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

Original Message:
Sent: 3/29/2021 8:54:00 AM
From: Brian Johnson
Subject: RE: BGP for dual ISP uplink

BTW. I am guessing on what IP goes on which interface... 😉

------------------------------
Brian Johnson
------------------------------

Original Message:
Sent: 03-29-2021 08:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

This is not what I would consider to be a very standard design. Start with using the interface for the IP termination. This will cause the neighbor to go down when the interface drops.

interfaces {
    xe-0/0/0 {
        description "ISP - Internet";
        unit 0 {
            family inet {
                address 86.119.11.9/31;
            }
        }
    }
    xe-0/0/1 {
        description "ISP - Internet backup";
        unit 0 {
            family inet {
                address 86.119.44.63/31;
            }
        }
    }
}

Since i do not see your import or export policy, I'm not sure if that is causing you issues or not. Be sure to reference the physical interfaces in your routing instance if you make this change.

------------------------------
Brian Johnson

Original Message:
Sent: 03-29-2021 08:36
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

Thank you for your time too Brian. Well i dont understand that the connection is functioning:

So I made a config like this:

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 multipath;
                 peer-as 1000;
                 neighbor 86.119.11.8/31;
                 neighbor 86.119.44.62/31;
                 }
            }
     }
}



irb {
     unit 10 {
         family inet {
             filter {
                             input trusted-servers;
                         }
                             address xxx.xxx.xxx.xxx/27;
                             address 86.119.11.9/31;
                             address 86.119.44.63/31;
                         }
             }




interfaces {
     xe-0/0/0 {
         description "ISP - Internet";
         unit 0 {
                     family ethernet-switching {
         vlan {
                     members internet;
                     }
             }
      }
}
xe-0/0/1 {
     description "ISP - Internet backup";
         unit 0 {
             family ethernet-switching {
                 vlan {
                                 members internet;
                             }
                 }
         }
}

If i disable xe-0/0/0, then xe-0/0/1 should provide connection. But it does not. Routes are showing the correct routes but no connection. BGP holdtime and keepalive are default  90 / 30.  What am i missing? Thank you.

//Carsten
Original Message:
Sent: 03-28-2021 13:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink




Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten

Hi,

I edited the config, ip inet  directly on interfaces, as you desribed as follows:

routing-instance-ISP {
          instance-type virtual-router;
          interface xe-0/0/0;
          interface xe-0/0/1;
           routing-options {
                    static {
                            route 0.0.0.0/0 {
                                    next-hop 1.2.3.4;
                                      qualified-next-hop 2.3.4.5 {
                                               preference 275;
                                      }
                                      preference 270;
                             }
                    }
                   autonomous-system 64000;
          }
          protocols {
                   bgp {
                            traceoptions {
                                     file ISP.log size 1m files 2 world-readable;
                                     flag normal;
                                     flag update detail disable;
                            }
                            log-updown;
                            import policy-statement-import-alipes-ISP;
                            export policy-statement-export-alipes-ISP;
                            group ISP-multipath {
                                     type external;
                                     preference 170;
                                     peer-as 1000;
                                     neighbor 1.2.3.4;
                            }
                            group ISP-multipath-backup {
                                     type external;
                                     preference 175;
                                     peer-as 1000;
                                     neighbor 2.3.4.5;
                                     }
                            }
                   }
          }

When disabling xe-0/0/0 internet connection fails,
When disabling xe-0/0/1 internet connection is up.

How would you write this? with or without preferences, static routes etc, just like you would prefer it?

Thank you.

I appriciate your time.

//Carsten
Original Message:
Sent: 03-28-2021 13:51
From: Brian Johnson
Subject: BGP for dual ISP uplink

I'm on-board with Steve, but here's some additional thoughts. BGP is a routing protocol. it advertises routes (sends them to neighbors) and it receives routes (processes advertised routes received from neighbors).

Per item 1: If you advertise the same routes to both neighbors, typically you can control preference of path used for inbound traffic by advertising a metric and/or by prepending your advertisements. For outbound preference, if you want an active/passive situation, then set the local preference to a higher value on the prefered neighbor.

Per item 2: If only 1 link is working, I'm sure you want to use that link for both ingress and egress traffic. I'm sure you mean how do you control which link is used durring an outage. If either link goes down, the other link becomes the only path and the routes become active (if they weren't already active.

Hope this helps. Please  let me know if you still have questions.

------------------------------
Brian Johnson

Original Message:
Sent: 03-28-2021 06:22
From: Unknown User
Subject: BGP for dual ISP uplink

Hi Steve,

 

Thanks for sharing your thoughts and your time.

 

I have two uplinks to our ISP. BGPe is established to both peers. I'm trying to setup:

 

1. Redundance. So if one uplink goes down, the other one takes over and the connection is still usable.

 

2. When 1 is working I would like to be able to choose which uplink used as primary – if it possible to preference this.

 

/Carsten

 

 

Original Message:
Sent: 3/28/2021 6:11:00 AM
From: spuluka
Subject: RE: BGP for dual ISP uplink

I'm not following what you are trying to do with the next hop here.

for an eBGP session the next hop sent to the peer will be the BGP peer itself.
Are you trying to get the active next hop on your configured default route sent?

local preference is about your return route usage for the routes you receive from the peer.
What are you trying to affect here?

Policy you configure will override any global group settings, so what is the content of the import and export policy you have selected?

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home

Original Message:
Sent: 03-26-2021 10:19
From: Unknown User
Subject: BGP for dual ISP uplink

Hi,

I the subnet for each isp BGP uplinks in the same ASN.

I would like to, 2 things:

1. have BGP to set new routes if next-hop comes unavailable.
2. the option to preference which route i would like to use as primary (next-hop) and secondary (qaulified-next-hop)

I have this config which do not failover when pulling the plug for next-hop. 

routing-instance-ISP {
     instance-type virtual-router;
     interface irb.10;
     routing-options {
         static {
             route 0.0.0.0/0 {
                 next-hop 1.2.3.4;
                 qualified-next-hop 2.3.4.5 {
                     preference 275;
                 }
                 preference 270;
             }
         }
         autonomous-system 64000;
     }
     protocols {
         bgp {
             traceoptions {
                 file ISP.log size 1m files 2 world-readable;
                 flag normal;
                 flag update detail disable;
             }
             log-updown;
             import policy-statement-import-alipes-ISP;
             export policy-statement-export-alipes-ISP;
             group ISP-multipath {
                 type external;
                 preference 170;
                 peer-as 1000;
                 neighbor 1.2.3.4;
             }         
             group ISP-multipath-backup {
                 type external;
                 preference 175;
                 peer-as 1000;
                 neighbor 2.3.4.5;
                 }
            }
     }
}

Can you kick-in if this the wrong approach? Thank you. 

/Carsten