load balancing bgp johan nicklasson kthnoc/nada · dd2491, p1 2008 load balancing bgp johan...
TRANSCRIPT
![Page 1: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/1.jpg)
DD2491, p1 2008
Load balancing BGP
Johan Nicklasson KTHNOC/NADA
–
DD2491 p1 2008
![Page 2: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/2.jpg)
DD2491, p1 2008
Dual home
• When do you need to be dual homed?
• How should you be dual homed?
– Same provider.
– Different providers.
• What do you need to have in place to do dual homing?
– AS number
– PI vs. PA
– BGP?
![Page 3: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/3.jpg)
DD2491, p1 2008
Single provider
• You can do dual homing to
the same provider.
– What kind of redundancy do
we have in this setup?
– BGP does not load balance
across multiple links.
![Page 4: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/4.jpg)
DD2491, p1 2008
Single provider
• What level of redundancy do we need?
– Do we need redundant routers?
– Do we need to connect to different POPs?
– What about the local loop?
• Can we load balance over redundant links?
– Maybe. In the previous example we could make use of an IGP to load
balance packets over the two links.
– It is not likely that the provider wants to do that. A provider wants his
edge to be as static as possible.
– What about different routers?
![Page 5: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/5.jpg)
DD2491, p1 2008
Single provider
• Redundant routers.
– We can loose 1 router and still
be connected to the internet.
– If the ISP router dies our
connections goes with it.
– The local loop may or may not
be redundant.
![Page 6: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/6.jpg)
DD2491, p1 2008
Single provider
• Redundant routers and
redundant POPs
– We can loose one of our
routers and still have
connectivity.
– We can loose one provider
router/POP and still have
connectivity.
– The local loop may or may not
be redundant.
![Page 7: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/7.jpg)
DD2491, p1 2008
Single provider
• Dual homed to the same provider.
– We can have different levels of redundancy. Depending on our
needs.
• Do we need BGP to dual home to the same provider?
– Even in the setup with 2 routers and 2 POPs we can use a static
default route to get to the internet.
– We inject the default route into our IGP and the node will send it's
traffic to the nearest exit point.
– Can the ISP load balance traffic to us?
![Page 8: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/8.jpg)
DD2491, p1 2008
Single provider
• If we use BGP on our connections to our ISP
– We must have an iBGP connection between our edge routers.
– We can still use a static default route to the internet.
– The provider can send us a default route via BGP.
– We can use MED, AS prepend or communities to try to get the ISP to
send us traffic to different prefixes over different links.
![Page 9: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/9.jpg)
DD2491, p1 2008
Single provider
• If we get a full table from our ISP
– We need our hardware to handle ~230 000 prefixes.
– We can use policies to have the traffic leave on different links
depending on the destination.
– If we don't make our IGP aware of those routes we could end up with
suboptimal routing, depending on the network topology.
![Page 10: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/10.jpg)
DD2491, p1 2008
Single provider
• Addressing and AS numbers
– The provider will assign IP address space to us.
– We don't have to have our own AS number. We can use a private AS,
that have to be assigned to us by our provider.
– Private AS numbers are 64512 to 65535.
– The provider have to remove private AS's from prefixes on their
eBGP peerings.
![Page 11: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/11.jpg)
DD2491, p1 2008
Dual providers
• Our address space becomes an issue.
– We need PI (Provider independent) space
• We need a public AS number.
– How to get an AS number will be covered later.
• BGP is a must.
![Page 12: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/12.jpg)
DD2491, p1 2008
Dual providers
![Page 13: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/13.jpg)
DD2491, p1 2008
Dual providers
• If we should use IP space provided by ISP A, 10.1.1.0/24
• That /24 is just a portion of the space provided to the ISP by
the RIR. 10.1.0.0 /19
• We get ISP B to announce “our” /24 (most ISPs will never
announce part of another ISP aggregate).
![Page 14: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/14.jpg)
DD2491, p1 2008
Dual providers
![Page 15: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/15.jpg)
DD2491, p1 2008
Dual providers
• Which ISP will attract all our traffic?
– Longest prefix match
• One solution to this problem would be to have ISP A
announce 10.1.1.0/24 and 10.1.0.0/19.
![Page 16: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/16.jpg)
DD2491, p1 2008
Dual providers
![Page 17: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/17.jpg)
DD2491, p1 2008
Dual providers
• Another solution to this problem is to get Provider
Independent (PI) IP space from a RIR (Regional Internet
Registry).
– To use PI space will also make it much easier to switch ISP.
– With PA space the ISP “owns” the IP addresses you use. If you move
to another ISP the first one will make you return the borrowed space.
![Page 18: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/18.jpg)
DD2491, p1 2008
Dual providers
• Load balancing the egress
– Using BGP attributes and IGP cost you can prefer one prefix set over
one ISP and another set over the other ISP.
– This will not balance the load equally over the two upstreams.
– If you monitor your traffic patterns you could try to balance the load
more.
![Page 19: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/19.jpg)
DD2491, p1 2008
Dual providers
• Load balancing the ingress
– Is it possible to use MED when dual homing with two IPSs?
– Is it possible to use AS prepend?
– How about announcing more specific routes to attract traffic?
• You have to have a good dialog with your ISPs when you are
doing any kind of traffic engineering.
![Page 20: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/20.jpg)
DD2491, p1 2008
Symmetry/asymmetry and the internet
• When you have more the one way to reach a destination
symmetry can not be guaranteed.
• Some hardware dealing with state and flow needs symmetry
to work properly.
![Page 21: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/21.jpg)
DD2491, p1 2008
Symmetry/asymmetry
![Page 22: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/22.jpg)
DD2491, p1 2008
Symmetry/asymmetry
• We have to have traffic leaving a firewall return over the
same one.
– We could use AS prepend.
– We could advertise more specific routes
– What if the firewalls exchanged their current flow and state tables?
![Page 23: Load balancing BGP Johan Nicklasson KTHNOC/NADA · DD2491, p1 2008 Load balancing BGP Johan Nicklasson KTHNOC/NADA – DD2491 p1 2008](https://reader030.vdocuments.site/reader030/viewer/2022021511/5ac0d98d7f8b9ae45b8ca892/html5/thumbnails/23.jpg)
DD2491, p1 2008
Questions?