DD2491 p2 2009/2010

Load balancing and traffic control in BGP

Olof Hagsand KTH /CSC

Issues in load balancing

Load balancing: spread traffic on several paths instead of a single. Why? Use resources better
Can postpone upgrade of infra-structure

Geography
Example: Dont use trans-oceanic links twice

Cost reasons
Balance traffic for optimal price

Redundancy
Redundancy and load balancing are not always aligned Example: if you use load balancing over several links, and one link goes down: can you still forward all traffic on the single link? For redundancy it is may sometimes be better to send/announce all traffic on a single link and then have redundant links for backup At the edge, it may be easier to get symmetrical routing which is better for filtering

Sub-link-layer load-balancing
10Gb/s 20 Gb/s LAG 10Gb/s

Two physical links is aggregated into a single LinkAggregate Group. Single (20Mb/s) link Load balancing normally on flows

Link-layer load-balancing
In (metro) Ethernet, load balancing can not be made: Spanning tree computes a single link Example: only one link between 222 and 333 can be used for forwarding.

444
1 2

Ethernet switch

333

3 4

2 1

222

IGP load balancing in IBGP

IS-IS / OSPF equal-cost multipath provides load balancing in IBGP
Since next-hop self uses peering between loop-backs, and the IBGP neighbor may be reachable via more than one nexthop

12.0.0.1

Route 130.2.3.0/24 10.0.0.1/32 10.0.0.1/32

Nexthop Metric 10.0.0.1 12.0.0.1 10 13.0.0.1 10

Protocol IBGP IGP Equal-cost IGP multipath

13.0.0.1

10.0.0.1

130.2.3.0/24

Loopback peering in EBGP

Loopback peering can also be used in EBGP, but routing of loopback is then set-up using static routes
Uncommon to use IGP between AS

AS1
RTA

EBGP RTB

AS2

BGP Multipath
By default, the best selection algorithm in BGP selects one route
no load balancing from a single router to a single prefix possible unless outside BGP using loopback peering for example

BGP multipath enables load balancing between equal paths (to the level of comparing routerids) Limited JunOS functionality
set protocol bgp group extern multipath [multiple-as]

By default equal cost multipath

Book also describes unequal cost multipath in CISCO

Practical BGP: pages 261-269

8

IBGP Multipath example

A B D C

Internal (eg from A) vs external (from D) load balancing Equal cost vs unequal cost multipath (links between B-D and C-D have different bandwidth).
9

Balance prefix announcements

For incoming traffic, you can partition your prefixes and anounce different prefix sets on different peerings. If you have many transit operators, you can balance the traffic to get optimal price. If you want higher granularity of the balancing, it is common to de-aggregate (or refrain from aggregating)
Bad for global BGP table sizes

Prefix set A

Prefix set B

10

Load balancing + robustness

For robustness, you may wisth to announce all prefixes on all peerings, but use better metric (shorter AS-PATH / longer prefixes) where you prefer traffic Example: prefixes
192.16.0.0/24 192.16.0.0/23

192.16.0.0/24 192.16.1.0/24

192.16.0.0/24 192.16.1.0/24 192.16.0.0/23

AS9
192.16.0.0/23 192.16.1.0/24 Practical BGP: pages 54-55
11

Load balancing + robustness

Example: AS-PATH

192.16.0.0/24 ASPATH: 9 192.16.0.0/24 ASPATH: 9,9,9 192.16.0.0/24 192.16.1.0/24

AS8

AS6 192.16.0.0/24 ASPATH: 6,8,9

192.16.1.0/24 ASPATH: 6,7,9

AS9
192.16.0.0/24 ASPATH: 9,9,9 192.16.1.0/24 ASPATH: 9

AS7

12

Longer prefix announcements

Using longer prefixes introduces issues with address allocation and PI/PA addresses In the sitiation below where PA addresses are used (AS2:s block), all inbound traffic will flow via AS3 AS2 must either
announce the more specific prefix = 'punching a hole' in 10.1.0.0/16 by 'leaking' 10.1.1.0/24 AS1 must get PI addresses
10.1.1.0/24 AS2 10.1.0.0/16

AS1 10.1.1.0/24 AS3 10.1.1.0/24

Practical BGP: pages 56-59

13

Conditional advertisement
Advertize a prefix when some (network) condition is met
Specific route must be present in routing table

Example SUNET
If IGP reachability fails to campus, do not announce network.

Nordunet Stockholm

University Campus
Practical BGP: pages 63-65
14

Intelligent routing
A generalization of Conditional advertisement is 'Intelligent routing'
External event triggers announcements

Example 1: Announce an anycast route to a DNS server if you can access an A-record from it Example 2: Only announce routes to a site if performance measurement ensures a minimal bandwidth of 10Mb/s

Practical BGP: pages 81-83

15

Controlling outbound traffic

Outbound control is in general simpler than inbound control since, using IP, you need only control the next-hop. No BGP: Announce (default) routes using IGP metrics, load balance using equal-cost multipath Control outgoing traffic by filtering input routes
accepting partial routes

Internal multi-path BGP Tag with communities for internal use or even LOCALPREF (seldom used)

Practical BGP: pages 65-76

16

Forcing symmetric entry/exit points

Asymmetric routing is normal behavior for multi-homed networks But enterprise may want to enforce symmetric routing.
(Providers usually do not have this problem)

Why?

RA

RB

FWA

FWB

Practical BGP: pages 77-81

17

Exercise: Symmetry
AS-C C.1/24 AS-A A.1/24 B.1/24 AS-B D/24 and E/24 are yout networks that you anounce to AS-A and AS-B Try to device a symmetric solution for D.1 and E.1 communicating with A.1, B.1 and C.1 respectively You should have some level of load-balancing.

RA

RB

D.1/24

E.1/24
18

Forcing symmetric entry/exit points

Using the topology shown you do not actually require symmetric routing, it is enough to be traffic be symmetric w.r.t the firewalls: the routing could be asymmetric over RA and RB. This is usually done by splitting the address space internally and letting the IGP handle symmetric FW access

RA

RB

FWA

FWB

19

Load-balancing lab
EBGP loopback peering EBGP over multiple links Balance prefixes on multiple EBGP peerings Redundancy

2/0/0

RTX1

RTX4

2/0/0

2/0/0 ASX-1 2/0/1 ASX

RTX2

2/0/0 2/0/1 ASX+1

20