BGP route Load Balancer failure case

• Introduction to Network Architecture

  
  

1. Topology diagram:

In view of the company's network privacy and more clearly describe the phenomenon of failure, the actual network structure has been simplified.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/76/FC/wKiom1ZgBcvDBGZ5AACkUli-rbc121.png "title=" 1.png " alt= "Wkiom1zgbcvdbgz5aackuli-rbc121.png"/>

2, network planning and Data configuration introduction:

asr9k establishes IBGP neighbor relationship with two sets of n7k with connected address respectively;

asr9k under the Cisco 752 Architecture, 752 for the CDN server;

The server gateway is in n7k, the two 7K between the HSRP V2, the same priority;

Plan CDN Server Traffic Load Balancing (BOND0) to 752,n7k and then send the traffic to asr9k through BGP, and the last traffic from the ASR9 out of the public network.

Data configuration:

Asr9k:router bgp 65555 nsr bgp router-id 1.1.1.1 bgp graceful-restart  bgp log neighbor changes detail address-family ipv4 unicast   redistribute connected route-policy AAAAA  redistribute static  route-policy bbbbb  redistribute ospf ccccc !  neighbor  30.207.7.42   remote-as 65555   update-source tengige0/1/0/7.3    address-family ipv4 unicast    route-policy Defaultroutes  out    soft-reconfiguration inbound always   !  !   neighbor 30.207.7.46   remote-as 65555   update-source  Tengige0/2/0/7.3   address-family ipv4 unicast    route-policy  defaultroutes out    soft-reconfiguration inbound always   !   n7k-1:   router bgp 65555  router-id 2.2.2.2  address-family ipv4  unicast    redistribute direct route-map aa     redistribute static route-map bb  neighbor 30.207.7.41 remote-as 65555     update-source ethernet1/28.3    address-family ipv4  unicast      route-map ServersIP out       next-hop-self      soft-reconfiguration inbound       n7k-2:   router bgp 65555  router-id 3.3.3.3   address-family ipv4 unicast    redistribute direct  Route-map yewudirect   &nBsp;redistribute static route-map yewustatic    maximum-paths ibgp  10  neighbor 30.207.7.45 remote-as 65555    update-source  Ethernet1/28.3    address-family ipv4 unicast       next-hop-self      soft-reconfiguration inbound

• Failure phenomena:

• 
  

Two n7k to asr9k spit flow equilibrium, but asr9k to two n7k flow imbalance, the return of these traffic all ran in the figure Line 1, resulting in line 1 traffic load to 90%. On the Cacti Monitor flow chart:

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/77/05/wKioL1ZhLQ_DosLdAACvu8XR6Ok304.png "title=" 3.png " Style= "FLOAT:LEFT;WIDTH:700PX;HEIGHT:186PX;" width= "height=" 186 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" Wkiol1zhlq_dosldaacvu8xr6ok304.png "/>

Line 10,000 gigabit link into the flow ran more than 9G, triggered the flow threshold alarm. Line 2 has no incoming traffic.

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/77/05/wKioL1ZhLQ7xl_X2AACmY0ayQ3g284.png "style=" float: left;width:700px;height:191px; "title=" 2.png "width=" "height=" 191 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" Wkiol1zhlq7xl_x2aacmy0ayq3g284.png "/>

• Fault handling:

1, n7k flow balance normal but into the traffic only one side, indicating that asr9k only received the return route from N7k-1, or N7k-1 received a return route than n7k-2 from the higher. On the asr9k show server route, sure enough, there is only one n7k-1 next hop. Inconsistent with the expected double-hop load balancer.

2, view n7k-2 and asr9k BGP neighbor status is normal, can also receive from N7k-2 server address segment routing, and the same number of routes and n7k-1.

3, find data to turn out the BGP routing principle, where Nineth shows balance traffic, if not configured MAXIMUM-PATH,BGP will select only one optimal route, the final asr9k select N7k-1 Spit flow is based on the routing principle of the last "select a neighbor address smaller routes" , the n7k-1 neighbor address is 30.207.7.41,n7k-2 is 30.207.7.45, so N7k-1 is selected.

4, add a Maximum-path IBGP 5 in BGP configuration, allow up to 5 equivalent route load, fault resolution.

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/77/06/wKiom1ZhMryBaVMiAACx-M7v5jI768.png "style=" width : 700px;height:185px; "title=" 4.png "width=" "height=" 185 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" Wkiom1zhmrybavmiaacx-m7v5ji768.png "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/77/06/wKiom1ZhMr2SnYSxAACXKlIkjmc822.png "style=" width : 700px;height:189px; "title=" 5.png "width=" "height=" 189 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" Wkiom1zhmr2snysxaacxklikjmc822.png "/>

N7k-1 falling traffic does not match the n7k-2 rising flow rate due to other adjustments.

• Knowledge Summary:

BGP By default selects only one optimal route into the routing table, which can be used over the Maximum-path IBGP/EBGP [2-32] command to achieve BGP route load balancing.

This article from "Tiandaochouqin" blog, reproduced please contact the author!

BGP route Load Balancer failure case