Community Groups Rewards Enterprise

Multihomed NE40E readvertises internet BGP updates to ISPs, BGP peers (ISPs) on

aamallik
aamallik  Diamond  (1)
7 years 6 months ago  View: 1775  Reply: 4
1F

Problem Description

Network Overview: 

NE40E-x3 -------------------GigabitEthernet3/0/0-------------------------- ISP1 
-------------------GigabitEthernet3/0/2-------------------------- ISP 2 

Phenomenon Description: 

Its found that the NE40E cannot establish stable peer realtionships with ISP 1 and ISP 2, however BGP is configured properly on NE40E, physical links to both ISPs are up and stable, the IPs of ISP 1 and 2 are pingable from NE40E. 

log messages showing the BGP states flapping between idle and established state for both ISP 1 and ISP 2 


Handling Process


Its found that the NE40E is multihomed to two different ISPs and cannot be a transit router between the two ISPs, in other words, ISP1 shouldnt reach the internet routes through the NE40E, then ISP 2, and the same applicable for ISP2. 

Each ISP router terminates the BGP session to NE40 when receiveing the same internet routing updates from NE40(the updates coming from the other ISP connected to the same NE40). 

The soultion was to configure a BGP filter policy to allow specific networks (local public network) which belongs to NE40E to be sent to ISPs and to deny any other BGP updates. 



Solution


1. Checking the interfaces status of NE40E to both ISPs, and found that they are always up: 

display interface GigabitEthernet3/0/0 
GigabitEthernet3/0/0 current state : UP 
Line protocol current state : UP 

display interface GigabitEthernet3/0/2 
GigabitEthernet3/0/0 current state : UP 
Line protocol current state : UP 

2. Pinging the IPs of both ISPs from NE40E and the result was successful. 

3. A filter policy is configured on NE40E BGP configuration to allow only the local public networks to be sent to ISPs, and prevent any other updates: 

A. Configuring the acl list which includes the local public networks to be allowed to be sent in the BGP updates: 
acl number 2020 
rule 10 permit source 201.140.105.245 0 
rule 20 permit source 201.140.105.246 0 
rule 30 permit source 201.140.105.247 0 
rule 40 permit source 201.140.105.248 0 
rule 50 permit source 201.140.105.249 0 
rule 60 permit source 201.140.105.250 0 

B. Configuring the BGP filter policy with acl 2020: 
bgp AS-number 
filter-policy 2020 export 


Suggestions and Summary


When configuring a multihomed CE (in the case is NE40E), its recommended to configure a route filter using filter policy for the BGP updates sent not to make the CE a transit router. 

Comment| Reply
Favorite Favorite (0) | Like |Report
Pema Wangdi
Pema Wangdi  Diamond 
7 years 6 months ago
2F
thanks for sharing ...............
Comment| Reply
|Report
mhkabir1952
mhkabir1952  Diamond 
7 years 6 months ago
3F
Network Overview: 

NE40E-x3 -------------------GigabitEthernet3/0/0-------------------------- ISP1 

-------------------GigabitEthernet3/0/2-------------------------- ISP 2 


very nice network overview

Comment| Reply
|Report
mhkabir1952
mhkabir1952  Diamond 
7 years 6 months ago
4F
i liked the post
Comment| Reply
|Report
mhkabir1952
mhkabir1952  Diamond 
7 years 6 months ago
5F
add more case study pls...
Comment| Reply
|Report
Reply
Return New post Share

Hot Group

Fixed Network Info Community
Members:9595   Posts:9360
Wireless Network Info Community
Members:2501   Posts:11275
Support HedEx User Group
Members:14004   Posts:4898
Core Network Info Community
Members:1125   Posts:14720
Network OSS Club
Members:4641   Posts:1596
Information For
Consumers
Enterprises
Carriers
Journalist
Suppliers
Job Seekers
About HUAWEI
Corporate Information
Corporate Governance
Executives
Bond Investor Relations
Sustainability
Cyber Security
Publications
Annual Report
News & Events
Latest News
Media Kit
Media Contact
Security Bulletins
Events
Huawei| Huawei Connect| Support| Privacy| Terms of Use
Contact Us:hworld@huawei.com
Follow Huawei Connect :
Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.