maybe someone will find this one handy. it’s a description + config files for a bgp setup i’ve recently put into production using debian lenny + quagga.
scenario:
two service providers – GTS/AS8246 and CDP/AS12968 – each providing a full feed of internet routes.
i have interconnecting networks with both: my ip is 217.2.1.2/30 towards GTS and 85.128.0.2/30 towards CDP; the isp’s bgp speakers are 217.1.1.1 (GTS) and 85.128.0.1 (CDP).
own AS number AS44444, own PI address range 91.0.0.0/23 [ changed from the original to protect the innocent ]
slightly unequal link speeds to the two ISPs – in proportion 2:1, with GTS having the bigger pipe.
GTS’s BGP speaker 217.1.1.1 is not directly reachable – it’s a couple of hops away, so i need static routing to it. i configure that in zebra.conf:
<code>
hostname bulba
password bromba
enable password bromba
log file /var/log/quagga/zebra.log
log syslog informational
! eth0.3 goes to gts
interface eth0.3
! eth0.4 goes to cdp
interface eth0.4
! eth1 goes to end-users
interface eth1
interface lo
! static route to gts BGP speaker. to protect innocent address was slightly altered
ip route 217.1.1.0/24 217.2.1.1
</code>
in bgpd.conf all the magic is happening:
<code>
hostname bulba
password bromba
log file /var/log/quagga/bgpd.log
log syslog warnings
!
! definition of my peers
router bgp 44444
bgp router-id 91.0.0.1
network 91.0.0.0/23
! configuration of neighbour CDP router - reachable directly on eth0.4
! 85.128.0.1 is address of CDP bgp speaker
neighbor 85.128.0.1 remote-as 12968
! 85.128.0.2 is address used by me on subnet where i have connection with CDP
neighbor 85.128.0.1 update-source 85.128.0.2
neighbor 85.128.0.1 soft-reconfiguration inbound
neighbor 85.128.0.1 prefix-list my_announced out
neighbor 85.128.0.1 route-map cdp_localpref in
neighbor 85.128.0.1 route-map setcommunityCDP out
!
! configuration of GTS neighbour. BGP speaker is at 217.1.1.1 but i cannot reach it directly - hence static routing in zebra.conf
neighbor 217.1.1.1 remote-as 8246
neighbor 217.1.1.1 ebgp-multihop 10
! 217.2.1.2 is my address on small interconnecting network with GTS router
neighbor 217.1.1.1 update-source 217.2.1.2
neighbor 217.1.1.1 soft-reconfiguration inbound
neighbor 217.1.1.1 prefix-list my_announced out
neighbor 217.1.1.1 route-map gts_localpref in
neighbor 217.1.1.1 route-map setcommunityGTS out
!
! some as-paths used to manipulate outgoing traffic
! "_" delimits a whole AS number, so _174_ matches AS174 only and not e.g. AS1740
! matches anything that goes over cogent's network. we'll use it to make sure upload to cogent-connected hosts goes via GTS
ip as-path access-list as_path_to_go_via_gts permit _174_
! similarly but for TELIA-Sonera and all connected via it
ip as-path access-list as_path_to_go_via_gts permit _1299_
! all end-users of upc/chello
ip as-path access-list as_path_to_go_via_gts permit _9141$
!
! mci / verizon
ip as-path access-list as_path_to_go_via_cdp permit _701_
! qwest
ip as-path access-list as_path_to_go_via_cdp permit _209_
! all end-users of netia
ip as-path access-list as_path_to_go_via_cdp permit _12741$
!
! in fact i have much more of those...
!
!
! and just for fun access lists for manipulating local prefs on subnet level
ip prefix-list cdp_localpref seq 5 permit 193.110.228.0/24
!
ip prefix-list gts_localpref seq 9 permit 89.64.0.0/13
!
ip prefix-list any seq 5 permit any
!
ip prefix-list my_announced seq 1 permit 91.0.0.0/23
!
!
! apply higher local pref for selected routes / matching as-paths
route-map cdp_localpref permit 10
match ip address prefix-list cdp_localpref
set local-preference 120
route-map cdp_localpref permit 20
match as-path as_path_to_go_via_cdp
set local-preference 140
!
! default - 100 - localpref for anything else
route-map cdp_localpref permit 100
match ip address prefix-list any
set local-preference 100
!
! do the same for GTS
route-map gts_localpref permit 10
match ip address prefix-list gts_localpref
set local-preference 120
route-map gts_localpref permit 20
match as-path as_path_to_go_via_gts
set local-preference 130
route-map gts_localpref permit 100
match ip address prefix-list any
set local-preference 100
!
!
! add communities to advertised routes - used to somehow control incoming traffic
route-map setcommunityGTS permit 10
match ip address prefix-list my_announced
!
route-map setcommunityGTS permit 20
match ip address any
!
! main objective - to shift some incoming traffic away from CDP to GTS. so - prepending + community from CDP that does even more prepending.
route-map setcommunityCDP permit 10
match ip address 2
set as-path prepend 44444
set community 12968:1011
!
route-map setcommunityCDP permit 20
match ip address 2
</code>
the list of GTS communities can be found in the whois record for their AS8246.
CDP is not so keen to publish theirs, but i’ve found this and, after a while, got the following from their sales rep:
<code>
remarks: ===================================================
remarks:
remarks: BGP community support: ipnoc(at)crowley.pl
remarks:
remarks: ---------------------------------------------------
remarks: <<< Communities used in AS12968 >>>
remarks: ---------------------------------------------------
remarks: communities for specific link are 12968:a(b)01x
remarks: x=6 for "do not advertise"
remarks: x=1,2 for "prepend 1,2 times"
remarks:
remarks: 12968:101x ATMAN
remarks: 12968:201x GIX
remarks: 12968:301x WIX
remarks: 12968:401x TPSA
remarks: 12968:501x DE-CIX
remarks:
remarks:
remarks: 12968:801x Globeinternet
remarks: 12968:901x Level3
remarks: 12968:1001x PL-IX
remarks: 12968:1101x AC-X
remarks: 12968:1201x Netia
remarks:
remarks: ----------------------------------------------------
remarks: <<< Communities applied at ingress >>>
remarks: ----------------------------------------------------
remarks: 12968:10 ATMAN
remarks: 12968:20 GIX
remarks: 12968:30 WIX
remarks: 12968:40 TPSA
remarks: 12968:50 DE-CIX
remarks:
remarks:
remarks: 12968:80 Globeinternet
remarks: 12968:90 Level3
remarks: 12968:100 PL-IX
remarks: 12968:110 AC-X
remarks: 12968:120 Netia
remarks:
remarks: 12968:180 Technical University of Silesia
remarks: 12968:181 TASK
remarks: 12968:182 TK Telekom
remarks: 12968:183 Dialog Telecom
remarks: 12968:184 TKP SA
remarks: 12968:185 SITEL
remarks:
remarks: 12968:200 Polish routes
remarks: 12968:210 Foreign routes
remarks: 12968:220 Public peerings
remarks: 12968:300 Crowley Customer's routes
remarks
</code>
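An added check, not part of the original post, for the as-path access-lists in bgpd.conf: it compares an unanchored digit pattern such as `^.*174.*$` with the `_`-delimited form `_174_` and lists the AS paths only the unanchored one permits. The `_` translation follows Quagga's documented meaning; the function names and the sample AS paths are constructed for this example.

```python
import re

# Quagga/Cisco as-path regex: "_" matches the start or end of the path,
# a space, a comma, or the AS-set / confederation delimiters { } ( ).
BOUNDARY = r"(?:^|$|[ ,{}()])"

def aspath_regex(pattern):
    """Translate a Quagga-style as-path pattern into a Python regex."""
    return re.compile(pattern.replace("_", BOUNDARY))

def matching_paths(pattern, paths):
    """Return the AS paths (space-separated ASNs) that the pattern permits."""
    rx = aspath_regex(pattern)
    return [p for p in paths if rx.search(p)]

def overmatches(loose, strict, paths):
    """Paths permitted by the loose pattern but not by the delimited one."""
    strict_hits = set(matching_paths(strict, paths))
    return [p for p in matching_paths(loose, paths) if p not in strict_hits]

# Constructed sample AS paths (not taken from a real routing table).
SAMPLE_PATHS = [
    "8246 174 64500",     # transits AS174
    "8246 1299 64501",    # transits AS1299
    "12968 64502 9141",   # originated by AS9141
    "12968 1740 64503",   # AS1740 merely contains the digits 174
    "8246 64504 21299",   # AS21299 merely contains the digits 1299
    "12968 64505 39141",  # AS39141 merely ends in the digits 9141
    "8246 64506 64507",   # unrelated path
]

# (unanchored digit pattern, "_"-delimited pattern) pairs
PAIRS = [
    (r"^.*174.*$", r"_174_"),
    (r"^.*1299.*$", r"_1299_"),
    (r"^.*9141$", r"_9141$"),
]

if __name__ == "__main__":
    for loose, strict in PAIRS:
        extra = overmatches(loose, strict, SAMPLE_PATHS)
        print(f"{loose:12} vs {strict:8} extra matches: {extra}")
```

Every extra match is a route that would get the raised local-preference and leave via the wrong provider.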