If you're preparing for an exam right now, you probably need to know the full version of this - located here..
However in the real world there are ( in cisco land anyway ) 4 parameters that you typically use. There are two separate 'sets' - attributes which govern how traffic leaves your AS (i.e. routes which are members of other AS's - or outbound traffic); and attributes which govern how traffic enters your AS (i.e. they belong to your AS - inbound traffic).
Lets look at outbound traffic first. The two parameters we can change to alter this are weight and local preference. Weight is Cisco proprietary, and is local to the router (it is not exchanged with other devices). Local preference on the other hand is exchanged by routers within an AS (subject to normal iBGP rules on split horizon). The path with the lowest weight (best) will be selected over the path with the highest (best) local preference.
For inbound traffic you also have two options, MED (AKA metric), and path. MED has a few limitations - firstly - and most importantly - this attribute can be passed to (and within) a directly neighboring AS, but will be passed no further.
Let's take and example - you are connecting to the internet via two separate ISPs, and you want to control which ISP your inbound traffic is to come down, using the MED attribute. You set a MED of 100 on ISP A, and 200 on ISP B (lowest wins), so all the traffic will come down ISP A right? Wrong. ISP A will have a path with a MED of 100, and ISP B will have a path of 200, but they won't pass the MED to each other to compare. When the paths get advertised out to the rest of the internet, the MED will be stripped off, and the rest of the world will pay no attention to it.
What will actually determine* how this traffic enters your network is the AS path. Go back to our example above - both ISP A and B will have two paths to get to your network. One will your peering with them. It will have a path length (i.e. the number of AS's in the path) of 1 (your AS). Let's pretend ISP A and ISP B peer with each other directly and exchange all paths - so they will have a second path to get to you via the other ISP. This will have a path length of 2. Path length works on shortest path wins, so they will always send traffic down the direct peering. Their peers (and backbones) will see both paths, and depending on how they connect, will favour one over the other. Typically, lets say ISP A is a well peered tier 1 ISP, it will probably have a shorter path to most destinations than ISP B, who lets say is a small local ISP, which is often going to have longer paths to get to most destinations. This by itself will bring most (but not all) traffic down ISP A.
If you want to force a particular path, you can perform what's called 'AS Path pre-pending' (or sometimes path 'stuffing'). Simply put, we repeatedly prepend our own AS to the path that we want to make 'worst' - lets say that's ISP B. If our AS is 1234, then we send a path of <1234,1234,1234,1234,1234,1234> to ISP B, and a path of <1234> to ISP A. This will generally make A preferential to all but the most crazily connected peers. Even traffic generated from within ISP B will now travel over the peering to A and down that link (path length of 2 rather than 6).
MED does have a use though - let's say you have two connections to the same ISP, and want to choose one link (and we'll assume the ISP does nothing clever at their end) over the other. MED will work well, as it propagate the metric to the ISP's backbone, and within that backbone, control which path is seen as best.
For enterprise networks, this is a common use, although it's often can be a waste of time, as the ISP will often assume that everything you tell them is wrong, strip all attributes from your advertisements, and control this themselves. Having done the job, and knowing how many customers screw this up, it's not as crazy as it may seem. If you want to do this, make sure you have the conversation with the ISP about it first, and make sure they're not going to strip your attributes. In such a scenario - I'd generally still use path - it's harder to overwrite, and given the choice, best path will take preference over best MED.
Comments and corrections welcome!
* it can be a lot more complicated than this - ISP backbone teams spent half their time making sure traffic enters/leaves their network the way they want it to - i.e. the cheapest way. It's a form of warfare. Let's pretend for the sake of this example that it's simple.
0 comments:
Post a Comment