You Are Here: Home » Router » -Router Juniper » More than two BGP neighbours on Juniper, and routing based on “Filter-Based Forwarding”, to control next-hop selection

More than two BGP neighbours on Juniper, and routing based on “Filter-Based Forwarding”, to control next-hop selection

More than two BGP neighbours on Juniper, and routing based on “Filter-Based Forwarding”, to control next-hop selection

Let’s take a look at the following situation shown on Fig. 1. We have two BGP links with diffrent ISP – ISP1 ( primary and backup link) and ISP2, so we have actually three BGP links with full Internet routing table. If the three BGP links are active at the same time, the path selection of BGP will depend on the speed of the link, latency of link, IP address of the neighbour ( the higher or lower is IP ).
First we’ll change the Local Preference of the received routes.

Fig. 1
[edit policy-options]
show configuration policy-options policy-statement bgp-in

term local_pref_sp1 {
   from neighbor 192.168.1.1;
   then {
          local-preference 160;
  }
}
term local_pref_sp1_backup {
   from neighbor 192.168.2.1;
   then {
          local-preference 150;
  }

term local_pref_sp2 {
   from neighbor 192.168.3.1;
   then {
          local-preference 140;
  }
}

BGP selects the path of route, based on the number of the Local Preference – the highest number of this parameter wins. In this case traffic will go trough neigbour 192.168.1.1, with the highest number, and traffic will be not forward trough SP2. There is a solution: to make a load balancing between ISP1 and ISP2, or to force some netwroks through ISP2, using Filter-Based Forwarding to control next-hop selection.

To use Filter-Based Forwarding we need routing-instance. A routing instance is a routing entity for a router. According Juniper’s official documentation you use routnig instances to:

» Create administrative separation in a large network to segregate customer traffic and associated settings. The customers see only the routes belonging to them.
» Create overlay networks in which separate services are routed only towards routers participating in that service, such as voice. The overlay network isolates routes belonging to one service from another service by exporting routes, applying tags, and filtering based on tags.

Configuration of routing instance:

show configuration routing-instances

isp2-route {
  instance-type forwarding;
  routing-options {
      static {
          route 0.0.0.0/0 next-hop 192.168.3.1;
      }
  }
}

Showing new routing table “isp2-route”

[email protected]# run show route table isp2-route
isp2-route.inet.0: 250 destinations, 250 routes (249 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 08:55:12
               > to 192.168.3.1 via ge-1/3/0.4
10.0.3.0/24 *[Direct/0] 08:55:12
               > via ge-0/1/0.18
10.0.8.0/24 *[Direct/0] 08:55:12
               > via ge-0/1/0.19

Now we need to import interface routes into our new routing table. To define the routing tables into which interface routes are imported, we need to create a routing table group and associate it with the router’s interfaces.

[edit routing-options]
[email protected]# show
interface-routes {
   rib-group inet filter-based-forwarding-group;
}
rib-groups {
   filter-based-forwarding-group {
      import-rib [ inet.0 isp2-route.inet.0 ];
   }
}

The option “rib-group”, basically allows two routing tables to share information. The “rib-group” we created, named “filter-based-forwarding-group”, exchanges information between routing table inet.0 and new created table isp2-route from the routing instance isp2-route.
Fnally we’ll create the fliter list.

[email protected]> show configuration firewall family inet filter sp2-customers
term sp2_customers_networks {
   from {
      source-address {
          10.0.8.0/24;
   }
}
   then {
      routing-instance isp2-route;
   }
}
term default {
      then accept;
}

It’s not necessary to specify the networks going through isp1, and create routing table for isp1, just apply the filter on interface where client from network 10.0.8.0/24 are connected.

[email protected]> show configuration interfaces ge-0/1/0.19
description clients_to_sp2;
vlan-id 19;
    family inet {
        filter {
                input sp2-customers;
        }
        address 10.0.8.1/24;
}

Configuration of BGP, based on the Filter-Based Forwarding, to control next-hop selection:

[email protected]> show configuration protocols bgp
path-selection external-router-id;
import bgp-in;
group ISP_neighbours {
   type external;
   neighbor 192.168.1.1 {
      description ISP1_primary;
      export announce_to_isp1;
      peer-as 65000;
   }
   neighbor 192.168.2.1 {
      description ISP1_backup;
      export announce_to_isp1;
      peer-as 65000;
   }
   neighbor 192.168.3.1 {
      description ISP2;
      export announce_to_isp2;
      peer-as 65000;
   }
}

[email protected]> show configuration policy-options policy-statement bgp-in
term local_pref_sp1 {
   from neighbor 192.168.1.1;
   then {
      local-preference 160;
   }
}
local_pref_sp1_backup {
   from neighbor 192.168.2.1;
   then {
      local-preference 150;
   }
term local_pref_sp2 {
   from neighbor 192.168.3.1;
   then {
          local-preference 140;
  }
}

[email protected]> show configuration policy-options policy-statement announce_to_isp1
term 1 {
   from {
       prefix-list to_isp1;
   }
   then accept;
}
term deny {
   then reject;
}

[email protected]> show configuration policy-options policy-statement announce_to_isp2
term 1 {
   from {
       prefix-list to_isp2;
   }
   then accept;
}
term deny {
   then reject;
}

[email protected]> show configuration policy-options prefix-list to_isp1
10.0.3.0/24

[email protected] > show configuration policy-options prefix-list to_isp2
10.0.8.0/24

[email protected]> show configuration routing-instances
isp2-route {
  instance-type forwarding;
  routing-options {
      static {
          route 0.0.0.0/0 next-hop 192.168.3.1;
      }
  }
}

[edit routing-options]

[email protected]# show
interface-routes {
   rib-group inet filter-based-forwarding-group;
}

rib-groups {
   filter-based-forwarding-group {
      import-rib [ inet.0 isp2-route.inet.0 ];
   }
}

[email protected]> show configuration firewall family inet filter sp2-customers
term sp2_customers_networks {
   from {
      source-address {
          10.0.8.0/24;
   }
}
   then {
      routing-instance isp2-route;
   }
}
term default {
      then accept;
}

[email protected]> show configuration interfaces ge-0/1/0.19
description clients_to_sp2;
vlan-id 19;
    family inet {
        filter {
                input sp2-customers;
        }
        address 10.0.8.1/24;
}

About The Author

harrychanputra.web.id

Number of Entries : 295

Leave a Comment

© 2011 Powered By Wordpress, Goodnews Theme By Geeks Docuementation

Scroll to top