Using BGP to Prefer One Path Over Another
You need redundancy. You wanted two dedicated satellite shots, but your submission came back one dedicated (FDMA), one shared (TDMA). To make things slightly worse, they are to two different STEPs (service providers). If you find yourself in this scenario, there are a couple of things you need to consider:
- How do I want to route outbound traffic?
- How do I want to route inbound traffic?
- Does any of my traffic have special requirements (latency, jitter, etc.)?
You will end up needing to make your own decision on how you do this, but I ended up using FDMA as the primary path, and TDMA as a secondary (or standby) path. With an IGP like EIGRP or OSPF, this would be really easy, set the bandwidths appropriately and you are good. You still want to set your bandwidth accordingly because that will affect your QoS configurations, but BGP does not consider bandwidth in it’s path decision making process. If you are new to BGP, you will find out there are almost always multiple ways to accomplish a given task. I’ll show you one way to accomplish this task, but keep in mind there are several ways to do this.
Before we talk about how to accomplish this, here’s a quick look at the small lab I put together for this:
In the topology above, R1 is the router at our site. R2 is the STEP1 router (which uses TDMA) and R3 is the STEP2 router (which uses FDMA). I advertised a loopback from R1 (1.1.1.1/32) and from R2 (2.2.2.2/32). Each STEP router is also advertising a default route. When you configure everything and just leave all of the defaults, the routing table (for R1) will look like this:
In case you do not have a lot of experience with BGP, the “*” is a path that is valid (meaning the next-hop ip is reachable). The “>” represents the path among the valid paths that is deemed the “best path”, and therefore installed in the routing table. The output above shows two different ways to reach the default route (0.0.0.0/0), one through STEP2 (which is valid, but not best) and one through STEP1 (which is valid AND best). This means without any modification, ALL of your outbound traffic will use the TDMA path, and none will use the FDMA path, unless the TDMA path goes down. TDMA is a shared medium that operates at half duplex, and this would not be the preferred way to route your traffic. The preferred configuration would be to prefer STEP2, and use STEP1 as a backup. You could accomplish this in a myriad of ways, but I will show you a more granular way to accomplish this, so that in the future if you need to split your traffic, you can do that at a later time.
In the graphic above, I’ve created two different route-maps. Depending on how you apply the route-maps, you will have different results. Route-maps use a “match” and “set” system. If you do not specify a “match” statement, it assumes you want to match everything. Using this logic, applying the route-map for STEP1 will set the local-preference of routes learned from STEP1 to 100 and the routes learned from STEP2 to 200. Think of your router’s selection process for local-preference as if you are picking offensive lineman (the bigger the better).
To apply the route-maps we wrote, you simply enter your BGP process and assign the route-maps to a given neighbor as seen above. The portion of the command you cannot see is “neighbor <ip address of your neighbor>”. In this case, we want to set the local-preference as the routes come in from our two STEPs. ***Be careful with “clear ip bgp *” as this will drop all of your neighbor relationships (and you will lose all your BGP learned routes), there are better commands to use in production environments***
After waiting a couple of minutes to re-learn the routes with the newly applied route-map, you can see that my best path to the default-route is now through STEP2. STEP1 is still a valid path, so in the event STEP2 (FDMA) goes down, we can transition over to STEP1 (TDMA).
Our outbound routing is taken care of, but what about our inbound routing? BGP does not communicate to our different STEPs to let them know we are now using STEP2 over STEP1. Each router will make it’s own determination of how it wants to route traffic, which could very well lead to all of our traffic leaving our AS through FDMA and returning through TDMA. Given the majority of our bandwidth utilization will be inbound traffic, this would have a large impact on our network performance. Additionally, local-preference cannot be passed to another AS. This is because it is a well-known discretionary attribute of BGP (the abbreviated explanation of this is local-preference is not allowed to be passed over eBGP messages, like the ones from us to our STEPs).
The most popular way we influence inbound traffic is to use a tool called AS-path prepending. This artificially lengthens the path of autonomous systems for one of your paths. You can see from the graphic above that we will again use a route-map to accomplish this task. If you remember from the previous section, our AS is 65000. The route-map above prepends, or inserts, our AS in three additional times, making the AS path longer, and therefore less desirable.
This time instead of applying this to routes we learned from our respective STEPs (applying “in”) we want to apply this to the networks we advertise to the world, so it needs to be applied “out”.
You can see from the above outputs that our routes advertised to STEP1 have all been prepended with three additional outputs of our AS, and the paths advertised to STEP2 are un-affected. We want it to appear more difficult to reach our routes by going through STEP1, so people will try to reach us through STEP2 (which is our faster connection).
BGP is very complicated and takes a good bit of practice to get right. There are a good number of BGP best practices that are not incorporated into this post because it would just end up being so long no one would read it all. Please make sure if you are not absolutely sure about your BGP configs to run them through someone with a good amount of BGP experience.