1

I am trying to load balance a router to send traffic over two uplinks (with equal capacity). I generated static routes for every /8 on the internet (for ipv4) and plugged it in. Unfortunately it does not appear to be having the desired effect. I noticed that checking the forwarding table for a specific ip there were three routes, my two static /8s and a single more specific route (a /24 instead of /8) which was learned through bgp. Can anyone confirm that Junos will route traffic to a more specific route even if it was discovered from a less preferred source such as BGP over a manually entered static route.

This source suggests that the way the route was learned is always chosen first (item 2 after checking link is up)

Choose the path with the lowest preference value (routing protocol process preference).

Programster
  • 495
  • 1
  • 13
  • 22

1 Answers1

1

1.0.0.0/8 and 1.0.0.0/24 (for example) aren't the same route, so there is no competition between the two /8's and the one /24's to get into the FIB. The two /8's go in, and when it learns the /24 it goes in too because it is more specific (so a different route). You can't have a /8's rejected because of the presence of a /24 could you (You'd be missing a major portion of the /8)?

Also, why are you generating /8's for every block on the IPv4 address space when you could just generate two 0/0 routes? (Assuming one upstream provider!). Having said that, I can't help you with getting your load balancing working, as I don't know enough about JunOS.

jwbensley
  • 4,202
  • 11
  • 58
  • 90
  • We did initially try 0.0.0.0/0 and nothing happened so then went onto generating all the /8s. I just dont know why the /24s are making it into the forwarding table (I can understand them being in the routing table which is used to derive the forwarding table), as I had thought the /8 being learnt from a static route rather than bgp would override the /24 even though /24 is more specific. I don't understand your first statement because 1.0.0.0/24 is only a subset of 1.0.0.0/8 so they sort of are the same route for 256 of the ips. – Programster Apr 10 '13 at 23:18
  • NO they are NOT the same route, 10/24 is only a subnet of 10/8 in the world of classful routing, CIDR is not classfull, 10/8 and 10/24 are two different prefix. Routes are chosen based on most specific first, then two exact same routes so two /8's or two /24's that are them same are then compared by source (static route, OSPF, BGP etc). – jwbensley Apr 11 '13 at 12:52
  • Lets use some public IPs as examples; 55.0.0.0/8. Lets say you have a connection from an internet provider and you add a static route to every /8 to point to the interface on your router connected to that Internet provider. Now at a later date your network gets a direct connection on a separate router interface to another network, who uses the public range 55.100.200.0/24 (so a range somewhere in the middle of that /8 block). You now enter a static route to the /24 pointing via this 2nd new interface. You want the direct traffic to use that direct connection don't you? So /24 is more specific. – jwbensley Apr 11 '13 at 12:57
  • and that is why it goes into the FIB, most specific route first, the route source. – jwbensley Apr 11 '13 at 12:58
  • Thank you for your input javanavo that answers my question. My only 'diagreement' would be that in your second comment you refer to adding statically a /8 and then /24 and thus would want to use the /24, I am fine with that, but I am only statically adding the /8 and not the /24 which is learnt through BGP so I would still want to use the less specific /8 as I had to manually insert it. I guess to do that I should set up a filter to ignore incoming BGP requests for prefixes that form a subset of already defined /8s. – Programster Apr 11 '13 at 13:14
  • @Stu2000 You're welcome. I guess in your case, you can use an inbound filter like you say, if you are receiving a full BGP table from you upstream, you can filter eveything except 0/0, which you won't receive, then add you many static /8's and they will be the only routes so you will get ECMP routing over dual links. Seems a bit weird though? Is you provider splitting packets down both links towards your juniper? – jwbensley Apr 11 '13 at 13:17
  • We have two different providers and one of them has an AS path that is generally (guessing around 70-80%) at least 1 or more longer, so most traffic tries to go over just one link. It would be nice to somehow artificially decrease the path length of that provider, or artificially increase the other and keep using bgp routes. – Programster Apr 11 '13 at 15:19
  • Perhaps look into AS prepend on JunOS – jwbensley Apr 11 '13 at 16:08
  • Does that not just affect your incoming bandwidth and make routes to you look longer. I didn't think you could prepend to routes advertised to you with bgp. – Programster Apr 11 '13 at 16:34
  • Using AS pre-pending affects the routes advertised to you, so this affects your outbound traffic, not incoming. So if for of your provides, all their routes are 1 AS longer than the other, then you can use 1x AS prepend on shorter provider to to even them out. Although, I don't think any of this is a great solution to be honest. You should take two links from one provide if you want an even load sharing of links. – jwbensley Apr 11 '13 at 16:37
  • I haven't found one article that mentions being able to manipulate outbound flow with AS prepend. Only prepending your broadcasts to affect inbound traffic. For example here is another guy with the same issue but using cisco: http://serverfault.com/questions/54706/influencing-outbound-routes-on-multi-homed-bgp-setup – Programster Apr 11 '13 at 16:46
  • AS path length is how the BGP route selection process works, look at this example page, item #4 http://www.techrepublic.com/blog/networking/understand-how-the-bgp-best-path-selection-algorithm-works-on-your-router/784 It will affect your outbound traffic because it will affect which route your router chooses based on AS length – jwbensley Apr 11 '13 at 16:51
  • That guy who provided the answer in the questions also agree's, this isn't a great idea `Its not 100% good because you may have received trafic on ProviderA IPs from the ProviderB link even with AS prepending and you will send back the trafic to ProviderA instead of ProviderB` I don't know enough about JunOS to help you further on how to set up the same config. – jwbensley Apr 11 '13 at 16:52
  • I realize how the AS path length plays into how the path is chosen, but I do not believe you can use AS prepend to routes advertised to you in order to manipulate outbound traffic. I have only found examples of as-prepend to manipulate routes you advertise in order to manipulate inbound traffic. – Programster Apr 11 '13 at 17:36
  • You just said it :) `I realize how the AS path length plays into how the path is chosen` Using AS prepends you can influence which routes go into the FIB and only the routes in the FIB will be used to send your outbound traffic. – jwbensley Apr 12 '13 at 08:18
  • You should start a new questions really to discuss this any further ;) – jwbensley Apr 12 '13 at 08:18