View
220
Download
1
Category
Preview:
Citation preview
DD2491, p1 2008
Load balancing BGP
Johan Nicklasson KTHNOC/NADA
–
DD2491 p1 2008
DD2491, p1 2008
Dual home
• When do you need to be dual homed?
• How should you be dual homed?
– Same provider.
– Different providers.
• What do you need to have in place to do dual homing?
– AS number
– PI vs. PA
– BGP?
DD2491, p1 2008
Single provider
• You can do dual homing to
the same provider.
– What kind of redundancy do
we have in this setup?
– BGP does not load balance
across multiple links.
DD2491, p1 2008
Single provider
• What level of redundancy do we need?
– Do we need redundant routers?
– Do we need to connect to different POPs?
– What about the local loop?
• Can we load balance over redundant links?
– Maybe. In the previous example we could make use of an IGP to load
balance packets over the two links.
– It is not likely that the provider wants to do that. A provider wants his
edge to be as static as possible.
– What about different routers?
DD2491, p1 2008
Single provider
• Redundant routers.
– We can loose 1 router and still
be connected to the internet.
– If the ISP router dies our
connections goes with it.
– The local loop may or may not
be redundant.
DD2491, p1 2008
Single provider
• Redundant routers and
redundant POPs
– We can loose one of our
routers and still have
connectivity.
– We can loose one provider
router/POP and still have
connectivity.
– The local loop may or may not
be redundant.
DD2491, p1 2008
Single provider
• Dual homed to the same provider.
– We can have different levels of redundancy. Depending on our
needs.
• Do we need BGP to dual home to the same provider?
– Even in the setup with 2 routers and 2 POPs we can use a static
default route to get to the internet.
– We inject the default route into our IGP and the node will send it's
traffic to the nearest exit point.
– Can the ISP load balance traffic to us?
DD2491, p1 2008
Single provider
• If we use BGP on our connections to our ISP
– We must have an iBGP connection between our edge routers.
– We can still use a static default route to the internet.
– The provider can send us a default route via BGP.
– We can use MED, AS prepend or communities to try to get the ISP to
send us traffic to different prefixes over different links.
DD2491, p1 2008
Single provider
• If we get a full table from our ISP
– We need our hardware to handle ~230 000 prefixes.
– We can use policies to have the traffic leave on different links
depending on the destination.
– If we don't make our IGP aware of those routes we could end up with
suboptimal routing, depending on the network topology.
DD2491, p1 2008
Single provider
• Addressing and AS numbers
– The provider will assign IP address space to us.
– We don't have to have our own AS number. We can use a private AS,
that have to be assigned to us by our provider.
– Private AS numbers are 64512 to 65535.
– The provider have to remove private AS's from prefixes on their
eBGP peerings.
DD2491, p1 2008
Dual providers
• Our address space becomes an issue.
– We need PI (Provider independent) space
• We need a public AS number.
– How to get an AS number will be covered later.
• BGP is a must.
DD2491, p1 2008
Dual providers
DD2491, p1 2008
Dual providers
• If we should use IP space provided by ISP A, 10.1.1.0/24
• That /24 is just a portion of the space provided to the ISP by
the RIR. 10.1.0.0 /19
• We get ISP B to announce “our” /24 (most ISPs will never
announce part of another ISP aggregate).
DD2491, p1 2008
Dual providers
DD2491, p1 2008
Dual providers
• Which ISP will attract all our traffic?
– Longest prefix match
• One solution to this problem would be to have ISP A
announce 10.1.1.0/24 and 10.1.0.0/19.
DD2491, p1 2008
Dual providers
DD2491, p1 2008
Dual providers
• Another solution to this problem is to get Provider
Independent (PI) IP space from a RIR (Regional Internet
Registry).
– To use PI space will also make it much easier to switch ISP.
– With PA space the ISP “owns” the IP addresses you use. If you move
to another ISP the first one will make you return the borrowed space.
DD2491, p1 2008
Dual providers
• Load balancing the egress
– Using BGP attributes and IGP cost you can prefer one prefix set over
one ISP and another set over the other ISP.
– This will not balance the load equally over the two upstreams.
– If you monitor your traffic patterns you could try to balance the load
more.
DD2491, p1 2008
Dual providers
• Load balancing the ingress
– Is it possible to use MED when dual homing with two IPSs?
– Is it possible to use AS prepend?
– How about announcing more specific routes to attract traffic?
• You have to have a good dialog with your ISPs when you are
doing any kind of traffic engineering.
DD2491, p1 2008
Symmetry/asymmetry and the internet
• When you have more the one way to reach a destination
symmetry can not be guaranteed.
• Some hardware dealing with state and flow needs symmetry
to work properly.
DD2491, p1 2008
Symmetry/asymmetry
DD2491, p1 2008
Symmetry/asymmetry
• We have to have traffic leaving a firewall return over the
same one.
– We could use AS prepend.
– We could advertise more specific routes
– What if the firewalls exchanged their current flow and state tables?
DD2491, p1 2008
Questions?
Recommended