BGP Multipath Load Balancing

Scenario

You’ve got a single multi-homed BGP connection to two ISPs. You want to load balance traffic to a specific destination but you have no control over what the ISPs are doing with that route as it traverses the network! You helped the ISP build their network … but then they fired you and left you scratching your head trying to enable load balancing.

Goal:

  • Nothing has been preconfigured for you!
  • Make the required physical connections as depicted in the diagram.
  • Configure the IP addresses as depicted in the diagram (begin with 192.168).
  • Configure eBGP as follows using the connected physical interfaces as update sources:
    * R1 to R3
    * R1 to R2
    * R3 to R4
    * R4 to R5
    * R2 to R5
  • Add a loopback on R1 and R5 with addresses 1.1.1.1/32 and 5.5.5.5/32 respectively.
  • Pull these loopbacks into BGP using the network command, and no other networks afterwards.
  • Configure an outbound route-map on R5 to set the origin to “?” for all routes it sends to R2.
  • Configure an outbound route-map on R5 to set the origin to “e” for all routes it sends to R4.
  • Configure an outbound route-map on R2 to set the MED to 2 for all routes it sends to R1.
  • Configure an outbound route-map on R3 to set the MED to 3 for all routes it sends to R1.
  • Ensure R1′s BGP table reflects these updates, and ensure you have connectivity from 1.1.1.1 to 5.5.5.5.
  • *** From this point forward, you cannot configure any other router except R1. You used to work at the ISP and configured their network for them, but they just fired you. ***
  • Enable load balancing for the 5.5.5.5 network within BGP. You will know when you are successful when R1′s routing table has two entries for 5.5.5.5/32 (one next hop is R2, the other is R3).

IOS:

c3725-adventerprisek9-mz.124-7.image

Topology:

bgp load balance

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

Comments

  1. Avatar of Nick42518 says

    rajkumar,

    Nothing has been preconfigured in this lab; there is no topology to download. You must build the lab from scratch. This is my preferred way of hammering home basic skills that cause us angst in our day to day troubleshooting.

    Report user
  2. Avatar of Juan Golbez says

    I can’t figure out how to get 5.5.5.5 to be able to ping 1.1.1.1 even when I apply your final configs to the routers. It’s the damndest thing, every router has a route to the loopbacks and routers which are directly connected to R1/R5 can ping those loopbacks, but not the other side’s. For example, R3 can ping 1.1.1.1 but not 5.5.5.5 even though it has a route all the way through.

    I am using c3725-advipservicesk9-mz.124-23.bin on the 3725 in GNS3.

    Report user
    • Avatar of Lukasz says

      Hi. You actually may be doing everything right. I had a similar issue until I realized that router 5.5.5.5 and 1.1.1.1 may not know how to go back to interfaces they are being pinged from.

      Let’s say, if you are trying to ping from R1 to 5.5.5.5 you are actually pinging from 192.168.12.1 or 192.168.13.1. R5 does not have a route to 192.168.12.0/24 and 192.168.13.0/24 networks so the ping must fail. It’s the same situation if you ping R5 from R3 or R1 from R4.

      However, if you use this command on R1 you will get a successful ping.

      Ping 5.5.5.5 source 1.1.1.1

      Cheers

      Report user
        • Avatar of Nick42518 says

          You’d have to pull the intermediate networks (the 192s) into BGP with network or redistribute commands. I didn’t see a reason to do that. Pinging using the source keyword makes more sense and better simulates real LAN to LAN communications. No one really cares about connectivity to the internetwork links … other than the routers.

          Report user
    • Avatar of Manpreet Singh says

      This is because from R3 1.1.1.1′s next hop is reachable(D.C) and when pinging 5.5.5.5 from R3, R5 does not know how to get back.

      Same will happen if you will ping 5.5.5.5 from R4, you will be able to do that as the next hop is directly connected or reachable. but you will not able to ping 1.1.1.1 from R4 due to the same reason.

      Report user
  3. Avatar of Gabriel Albeanu says

    Hello Nick,

    I was not able to figure out load balancing for that last point. From what I know you will be able to do only load sharing in this case since our router is connecting to 2 different ISPs. You can do only load balance to the same network if you have 1 rtr that is connecting to 2 routers of 1 ISP (in the same AS). Please correct me if I am wrong! I will be trying a lab with that to check if it’s working.

    PS for the rest of the guys you need to advertise into BGP directly connected networks to fix it – network statement . (for example R1 doesnt know .25.0/24 network and R5 doesnt know .12.0/24 and that’s why ping if not working)

    Report user
  4. Avatar of Rumman Fayaz says

    Dear Sir,

    I don’t understand these two config

    Configure an outbound route-map on R5 to set the origin to "?" for all routes it sends to R2.
    Configure an outbound route-map on R5 to set the origin to "e" for all routes it sends to R4

    Please solve this.

    Report user
    • Avatar of Nick42518 says

      You need to build a route-map and apply it outbound towards the specific neighbor to change the BGP attribute.

      route-map BGP_R2_OUT permit 10
      set origin incomplete

      router bgp X
      neighbor x.x.x.x route-map BGP_R2_OUT out

      … as an example.

      Report user
  5. Sandor says

    Hi guys,

    doesnt work for me as well. This is my R1 config:

    R1#sh run | s bgp
    router bgp 1
    no synchronization
    bgp log-neighbor-changes
    bgp bestpath as-path multipath-relax
    network 1.1.1.1 mask 255.255.255.255
    neighbor 192.168.12.2 remote-as 2
    neighbor 192.168.13.3 remote-as 3
    maximum-paths 2
    no auto-summary

    I tried it out with IOS versions
    – c3725-adventerprisek9-mz.124-25d and
    – c7200-spservicesk9-mz.152-4.S3

    S

  6. Anonymous says

    hi sandor. i did the same but i had to prepend the as-path on the routes coming from R3 to equal out the AS-PATH lenght. Max path is an attribute that comes after AS-path so you need to match the as-path length and enable multipath. once this is done you will find 2 routes in the routing table

    multipath condition

    as-path multipath-relax—allows the switch/router to treat paths received from different AS’s for multipath, if their AS-path lengths are the same and other multipath conditions are met.

  7. Avatar of Costin says

    Finally I made it work! (good thing you wrote here about bgp bestpath as-path multipath-relax)

    R1#sh ip ro | b 5.5
    B 5.5.5.5 [20/0] via 192.168.13.3, 00:03:41
    [20/0] via 192.168.12.2, 00:03:41

    Here’s my config: (note: some things are extra)
    router bgp 1
    no synchronization
    bgp log-neighbor-changes
    bgp bestpath as-path multipath-relax
    network 1.1.1.1 mask 255.255.255.255
    neighbor 192.168.12.2 remote-as 2
    neighbor 192.168.12.2 route-map BGP2 in
    neighbor 192.168.13.3 remote-as 3
    neighbor 192.168.13.3 route-map BGP in
    maximum-paths 5
    no auto-summary

    route-map BGP permit 10
    set metric 0
    set local-preference 90
    set origin incomplete
    route-map BGP2 permit 10
    set metric 0
    set local-preference 90
    set origin incomplete
    set as-path prepend 3

    in order for the load balacing to work, there are some conditions that should be matched first: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html#bgpmpath

    Report user
  8. Avatar of Nam Tran says

    Thing need to be done on R1 for the load balancing to work:
    - Set bgp maximum-paths to 2 (or higher)
    - Create an inbound route-map for route from R3, set metric to 2
    - Create an inbound route-map for route from R2, prepend 2 to the route-map so the as-path from R2 and R3 routes are of same length.
    - Enable the “bgp bestpath as-path multipath-relax” so the 2 as-paths do not need to be equal.
    -> Load balancing will be activated.

    Report user
  9. Avatar of jts says

    interesting lab.

    i have read several blog posts regarding the “bgp bestpath as-path multipath-relaxed” hidden command.

    the ones i’ve read seem to suggest that this command will permit load balancing over eBGP paths with varying attributes so long as the AS-PATH attribute is equal in length over the different paths.

    in this particular lab, i did not find that to be accurate.

    i had to also make the origin attributes match for the different paths in order to achieve load balancing – did not need to adjust the metric (MED).

    * NOTE: the “egp” origin attribute does not appear to be supported as a “route-map set” option in my code version; therefore, i could not set that as required by the lab:

    R1(config)#route-map ONE permit 20
    R1(config-route-map)#set origin ?
    igp local IGP
    incomplete unknown heritage

    ORIGINAL R1 PATH ATTRIBUTES:
    =====
    R1(config-router)#do sh ip bgp | b Net
    Network Next Hop Metric LocPrf Weight Path
    *> 1.1.1.0/24 0.0.0.0 0 32768 i
    * 5.5.5.0/24 192.168.13.3 3 0 3 4 5 i
    *> 192.168.12.2 2 0 2 5 ?

    PRE-PENDED AS-PATH FOR R2 (192.168.12.2) PATH:
    =====
    R1(config-router)#do sh ip bgp | b Net
    Network Next Hop Metric LocPrf Weight Path
    *> 1.1.1.0/24 0.0.0.0 0 32768 i
    *> 5.5.5.0/24 192.168.13.3 3 0 3 4 5 i
    * 192.168.12.2 2 0 2 2 5 ?

    CHANGE ORIGIN ATTRIBUTE:
    =====
    1) CHANGE INCOMPLETE TO IGP
    R1(config-router)#do sh ip bgp | b Net
    Network Next Hop Metric LocPrf Weight Path
    *> 1.1.1.0/24 0.0.0.0 0 32768 i
    *> 5.5.5.0/24 192.168.13.3 3 0 3 4 5 i
    *m 192.168.12.2 2 0 2 2 5 i

    2) CHANGE IGP TO INCOMPLETE
    R1(config-router)#do sh ip bgp | b Net
    Network Next Hop Metric LocPrf Weight Path
    *> 1.1.1.0/24 0.0.0.0 0 32768 i
    *> 5.5.5.0/24 192.168.13.3 3 0 3 4 5 ?
    *m 192.168.12.2 2 0 2 2 5 ?

    RELEVANT INFO:
    GSN3: 0.8.7 64-bit standalone
    Cisco 7200 chassis
    IOS code version: c7200-adventerprisek9-mz.152-4.S5

    R1#sh run | se router bgp
    router bgp 1
    bgp router-id 1.1.1.1
    bgp log-neighbor-changes
    bgp bestpath as-path multipath-relax
    network 1.1.1.0 mask 255.255.255.0
    neighbor 192.168.12.2 remote-as 2
    neighbor 192.168.13.3 remote-as 3
    maximum-paths 2

    Report user
  10. Brandon says

    Hey guys,

    I’ve setup the lab base so far with just the interfaces and save it if anyone wants to grab it.

    See the topology layout for the interfaces I used, or change it as you need it.

    Here is the link: (google drive)
    http://goo.gl/m3D6Zb

Leave a reply:

Your email address will not be published. Required fields are marked *

If you have any technical questions, please use the Forum instead of posting a comment.