Posts Tagged ‘JUNIPER’

BGP Multihome and my fluic condition :|

October 5, 2008

So finally i made up my mind to finish up an old research i was working on – this to multihome with two ISP between two different locations.

I ended up waking around 4 AM in the morning due to my flu and then thought to use my time for this task.

As many people end up with questions and problem and dream to achieve it without any issues, i’m gonna post out the details .

Task Details:

Subnet : 2x.1x.2x.0/23 needs to be advertised via two ISP for redundancy between datacenters.

 

Upstream providers:

Global Crossings, Level 3

I’m assuming following steps has been followed already before configurations:

Step – 1 : would be to own and register a public ASN

Step – 2: would be to talk with both upstream providers and get appropriate filters updated so that you can advertise your IP block as you want on both providers. Some ISP’s dont allow to go under /24 – ideally in filters i would break a /23 like below:

  • 2x.1x.2x.0/23
  • 2x.1x.2×1.0/24
  • 2x.1x.2×2.0/24

This way you have two options,

  1. Redundancy by prepaending AS PATH
  2. Load-balancing by subneting and advertising more specifics

– Scenario:

 

Both routers needs to run IGP between, my personal prefference is EIGRP which is NOT COMPLEX and is MORE FLEXIBLE than running OSPF 🙂 (i beg to differ)

As both routers are not connected directly, but have IP routing internall, i have made up a GRE IP to IP Tunnel between both routers:

Philadelphia Router:

interface Tunnel9999
 description %TUNNEL TO LEVEL3 DIA ROUTER%
 ip address 192.168.192.1 255.255.255.252
 ip tcp adjust-mss 1436
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 250
 keepalive 10 3
 tunnel source 10.x.x.x
 tunnel destination 10.x.x.x
end

Pittsburgh Router:

interface Tunnel9999
 description %TUNNEL TO GBLX DIA ROUTER%
 ip address 192.168.192.2 255.255.255.252
 ip tcp adjust-mss 1436
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 250
 keepalive 10 3
 tunnel source 10.x.x.x
 tunnel destination 10.x.x.x
end

 

EIGRP Configs:

Philadelphia Router:

router eigrp 1
 passive-interface default
 no passive-interface Tunnel9999
 network 192.168.192.0 0.0.0.3
 no auto-summary
 eigrp router-id 10.x.x.x
 eigrp stub connected
!

Pittsburgh Router:

router eigrp 1
 passive-interface default
 no passive-interface Tunnel9999
 network 192.168.192.0 0.0.0.3
 no auto-summary
 eigrp router-id 10.x.x.x
 eigrp stub connected
!

I’ll post out the BGP configs in another post as can’t any more. Current challenge i have to cover is the ICMP/TRACEROUTE requests which are being tagged by 192.168.192.x address when primary ISP is down and traffic is routed from Level3 over to Philadelphia by GRE Tunnel. Its a bit complex and requires a debugging. Good practice is to always make a very specific ACL and use it for debugging instead of open debugging as your router will immediately sieze it self in processing DEBUG messages and you would end up loosing connection.

Following is my output:

*Oct  5 01:39:43.526: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:43.526:     UDP src=49862, dst=33482
*Oct  5 01:39:43.526: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:43.526: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:43.526:     ICMP type=3, code=3
*Oct  5 01:39:46.522: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:46.522:     UDP src=49863, dst=33483
*Oct  5 01:39:46.522: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:46.522: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:46.522:     ICMP type=3, code=3
*Oct  5 01:39:49.522: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:49.522:     UDP src=49864, dst=33484
*Oct  5 01:39:49.522: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:49.522: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:49.522:     ICMP type=3, code=3

Advertisements