Hy everyone, I am a small ISP with 2 IP transits and some peering connections. I'm trying to set up route filters in BGP sessions to prefer routes received from peers over those from transits, and also to prefer routes with fewer AS hops.
have set the filters in this way:
/routing filter
add action=accept address-family=ip bgp-as-path-length=0-1 chain="PEERING_IN" set-bgp-local-pref=300
add action=accept address-family=ip bgp-as-path-length=2 chain="PEERING_IN" set-bgp-local-pref=220
add action=discard address-family=ip chain="PEERING_IN"
add action=accept address-family=ip chain="TRANSIT_IPv4_IN" prefix=0.0.0.0 prefix-length=0-128
add action=accept address-family=ip bgp-as-path-length=0-1 chain="TRANSIT_IPv4_IN" set-bgp-local-pref=250
add action=accept address-family=ip bgp-as-path-length=2 chain="TRANSIT_IPv4_IN" set-bgp-local-pref=210
add action=accept address-family=ip bgp-as-path-length=3 chain="TRANSIT_IPv4_IN" disabled=yes set-bgp-local-pref=100
add action=discard address-family=ip chain="TRANSIT_IPv4_IN"
Now all is working as i expected, the filter is setting local preference as i decide, the problem is that the router use and decide to leave active a route with lower local pref or with more as hop.
here 2 example
17 ADb dst-address=1.2.0.0/23 gateway=172.16.2.2 gateway-status=172.16.2.2 reachable via Vlan 3 - TO TRANSIT 2 distance=20 scope=40 target-scope=30 bgp-as-path=65534,65533,65531 bgp-origin=inc
omplete received-from=TRANSIT 2
18 Db dst-address=1.2.0.0/23 gateway=172.16.1.6 gateway-status=172.16.1.6 reachable via Vlan 2 - TO TRANSIT 1 distance=20 scope=40 target-scope=30 bgp-as-path=65531 bgp-origin=incomplete rece
ived-from=TRANSIT-1
27 ADb dst-address=1.2.10.0/23 gateway=172.16.2.2 gateway-status=172.16.2.2 reachable via Vlan 3 - TO TRANSIT 2 distance=20 scope=40 target-scope=30 bgp-as-path=65534,65533,65531 bgp-origin=in
complete received-from=TRANSIT 2
28 Db dst-address=1.2.10.0/23 gateway=172.16.1.6 gateway-status=172.16.1.6 reachable via Vlan 2 - TO TRANSIT 1 distance=20 scope=40 target-scope=30 bgp-as-path=65531 bgp-origin=incomplete rec
eived-from=TRANSIT-1
i have reply my configuration in lab and are experience the same issue.
I have also try on latest version of v7 but here i see that all 2 route are active in ecmp also if they have different local pref.
here v7
DAb+ comment="TRANSIT-1" dst-address=1.2.0.0/23 routing-table=main gateway=172.16.3.1 immediate-gw=172.16.3.1%VLan 4 - TRANSIT 1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb+ comment="TRANSIT-2 +2 AS" dst-address=1.2.0.0/23 routing-table=main gateway=172.16.3.5 immediate-gw=172.16.3.5%Vlan 5 - TRANSIT 2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
D b dst-address=1.2.0.0/23 routing-table=main gateway=172.16.1.17 immediate-gw=172.16.1.17%ether1 distance=200 scope=40 target-scope=30 suppress-hw-offload=no
D b dst-address=1.2.0.0/23 routing-table=main gateway=172.16.1.17 immediate-gw=172.16.1.17%ether1 distance=200 scope=40 target-scope=30 suppress-hw-offload=no
Someone can help or explain to me why this happen?
Thanks for all
have set the filters in this way:
/routing filter
add action=accept address-family=ip bgp-as-path-length=0-1 chain="PEERING_IN" set-bgp-local-pref=300
add action=accept address-family=ip bgp-as-path-length=2 chain="PEERING_IN" set-bgp-local-pref=220
add action=discard address-family=ip chain="PEERING_IN"
add action=accept address-family=ip chain="TRANSIT_IPv4_IN" prefix=0.0.0.0 prefix-length=0-128
add action=accept address-family=ip bgp-as-path-length=0-1 chain="TRANSIT_IPv4_IN" set-bgp-local-pref=250
add action=accept address-family=ip bgp-as-path-length=2 chain="TRANSIT_IPv4_IN" set-bgp-local-pref=210
add action=accept address-family=ip bgp-as-path-length=3 chain="TRANSIT_IPv4_IN" disabled=yes set-bgp-local-pref=100
add action=discard address-family=ip chain="TRANSIT_IPv4_IN"
Now all is working as i expected, the filter is setting local preference as i decide, the problem is that the router use and decide to leave active a route with lower local pref or with more as hop.
here 2 example
17 ADb dst-address=1.2.0.0/23 gateway=172.16.2.2 gateway-status=172.16.2.2 reachable via Vlan 3 - TO TRANSIT 2 distance=20 scope=40 target-scope=30 bgp-as-path=65534,65533,65531 bgp-origin=inc
omplete received-from=TRANSIT 2
18 Db dst-address=1.2.0.0/23 gateway=172.16.1.6 gateway-status=172.16.1.6 reachable via Vlan 2 - TO TRANSIT 1 distance=20 scope=40 target-scope=30 bgp-as-path=65531 bgp-origin=incomplete rece
ived-from=TRANSIT-1
27 ADb dst-address=1.2.10.0/23 gateway=172.16.2.2 gateway-status=172.16.2.2 reachable via Vlan 3 - TO TRANSIT 2 distance=20 scope=40 target-scope=30 bgp-as-path=65534,65533,65531 bgp-origin=in
complete received-from=TRANSIT 2
28 Db dst-address=1.2.10.0/23 gateway=172.16.1.6 gateway-status=172.16.1.6 reachable via Vlan 2 - TO TRANSIT 1 distance=20 scope=40 target-scope=30 bgp-as-path=65531 bgp-origin=incomplete rec
eived-from=TRANSIT-1
i have reply my configuration in lab and are experience the same issue.
I have also try on latest version of v7 but here i see that all 2 route are active in ecmp also if they have different local pref.
here v7
DAb+ comment="TRANSIT-1" dst-address=1.2.0.0/23 routing-table=main gateway=172.16.3.1 immediate-gw=172.16.3.1%VLan 4 - TRANSIT 1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb+ comment="TRANSIT-2 +2 AS" dst-address=1.2.0.0/23 routing-table=main gateway=172.16.3.5 immediate-gw=172.16.3.5%Vlan 5 - TRANSIT 2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
D b dst-address=1.2.0.0/23 routing-table=main gateway=172.16.1.17 immediate-gw=172.16.1.17%ether1 distance=200 scope=40 target-scope=30 suppress-hw-offload=no
D b dst-address=1.2.0.0/23 routing-table=main gateway=172.16.1.17 immediate-gw=172.16.1.17%ether1 distance=200 scope=40 target-scope=30 suppress-hw-offload=no
Someone can help or explain to me why this happen?
Thanks for all
Statistics: Posted by bufindo — Fri Mar 01, 2024 2:10 pm