BGP Attributes - MED (Multi-Exit Discriminator)
October 28th, 2008 in
BGP | tags:
BGP,
MED,
metric In this article I will show how MED (Multi-Exit Discriminator) works. For this article I used the topology from the previous MPLS posts.
On router R2 I created two loopback interfaces :
R2 :
|
|
|
interface Loopback1
ip address 10.10.2.2 255.255.255.0
!
interface Loopback2
ip address 10.10.22.22 255.255.255.0
|
On router R13 and router R6 I pointed a route towards the two loopback addresses of router R2 and advertised them via BGP :
R13 :
|
|
|
ip route 10.10.2.0 255.255.255.0 150.1.61.2
ip route 10.10.22.0 255.255.255.0 150.1.61.2
!
router bgp 65010
no synchronization
bgp log-neighbor-changes
network 10.10.2.0 mask 255.255.255.0
network 10.10.13.0 mask 255.255.255.0
network 10.10.22.0 mask 255.255.255.0
neighbor 150.1.31.3 remote-as 1
neighbor 150.1.61.6 remote-as 65010
no auto-summary
|
R6 :
|
|
|
ip route 10.10.2.0 255.255.255.0 150.1.61.2
ip route 10.10.22.0 255.255.255.0 150.1.61.2
!
router bgp 65010
no synchronization
bgp log-neighbor-changes
network 10.10.2.0 mask 255.255.255.0
network 10.10.6.0 mask 255.255.255.0
network 10.10.22.0 mask 255.255.255.0
neighbor 150.1.46.4 remote-as 1
neighbor 150.1.61.13 remote-as 65010
no auto-summary
|
Now let’s take a look at router R5’s route table to see if the routes to the loopback ip-addresses of router R2 are learned via BGP :
R5 :
|
|
|
R5#sh ip bgp
BGP table version is 11, local router ID is 10.10.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.2.0/24 150.1.45.4 0 1 65010 i
*> 10.10.5.0/24 0.0.0.0 0 32768 i
*> 10.10.6.0/24 150.1.45.4 0 1 65010 i
*> 10.10.13.0/24 150.1.45.4 0 1 65010 i
*> 10.10.22.0/24 150.1.45.4 0 1 65010 i
*> 150.1.31.0/24 150.1.45.4 0 1 ?
r> 150.1.45.0/24 150.1.45.4 0 0 1 ?
*> 150.1.46.0/24 150.1.45.4 0 0 1 ?
|
Now let’s do a traceroute on router R5 to the 10.10.2.2 address :
|
|
|
R5#traceroute 10.10.2.2
Type escape sequence to abort.
Tracing the route to 10.10.2.2
1 150.1.45.4 256 msec 176 msec 112 msec
2 150.1.46.6 [AS 1] 28 msec 472 msec 220 msec
3 150.1.61.2 756 msec 640 msec *
|
As you can see above the traffic flows via router R4 and router R6. Next we are going to let the traffic for one of the ip-addresses (10.10.2.2) flow via R4 -> R1 -> R3 -> R13 to router R2. For the other loopback ip-address (10.10.22.22) we let the traffic flow via R4 -> R6. We will do this using MED. MED is often used to manipulate the way traffic enters your network.
The way we will do this is :
- create a prefix-list which matches the ip-addresses
- create a route-map which includes the prefix-lists
- set a metric (used in MED)
- use the route-map under the BGP process
When using MED to manipulate traffic coming into your network keep in mind that the default metric = 0 and that a lower metric is preferred.
Let’s start off with creating the prefix-lists and putting them into a route-map on router R13 and router R6 :
R13 :
|
|
|
ip prefix-list R2 seq 5 permit 10.10.2.0/24
!
ip prefix-list R22 seq 5 permit 10.10.22.0/24
!
route-map SETMETRIC permit 10
match ip address prefix-list R2
set metric 50
!
route-map SETMETRIC permit 20
match ip address prefix-list R22
set metric 100
!
route-map SETMETRIC permit 30
|
As you can see on router R13 we created two prefix-lists, put them into a route-map and in the route-map we specified a metric of 50 for the loopback ip-address 10.10.2.2 on router R2. In the route-map you can see that we gave a metric of 100 to the second loopback ip-address of router R2. On router R6 we are going to do this the other way around :
R6 :
|
|
|
ip prefix-list R2 seq 5 permit 10.10.2.0/24
!
ip prefix-list R22 seq 5 permit 10.10.22.0/24
!
route-map SETMETRIC permit 10
match ip address prefix-list R2
set metric 100
!
route-map SETMETRIC permit 20
match ip address prefix-list R22
set metric 50
!
route-map SETMETRIC permit 30
|
Next let’s use the route-map under the BGP process. Since the route-map is being used for MED (traffic entering your network) we have to specify it out!
R13 :
|
|
|
router bgp 65010
no synchronization
bgp log-neighbor-changes
network 10.10.2.0 mask 255.255.255.0
network 10.10.13.0 mask 255.255.255.0
network 10.10.22.0 mask 255.255.255.0
neighbor 150.1.31.3 remote-as 1
neighbor 150.1.31.3 route-map SETMETRIC out
neighbor 150.1.61.6 remote-as 65010
no auto-summary
|
R6 :
|
|
|
router bgp 65010
no synchronization
bgp log-neighbor-changes
network 10.10.2.0 mask 255.255.255.0
network 10.10.6.0 mask 255.255.255.0
network 10.10.22.0 mask 255.255.255.0
neighbor 150.1.46.4 remote-as 1
neighbor 150.1.46.4 route-map SETMETRIC out
neighbor 150.1.61.13 remote-as 65010
no auto-summary
|
After this we can issue the clear ip bgp * on router R13 and router R6 to restart the BGP process.
Now let’s do a traceroute on router R5 to the first loopback ip-address of router R2
R5 :
|
|
|
R5#traceroute 10.10.2.2
Type escape sequence to abort.
Tracing the route to 10.10.2.2
1 150.1.45.4 740 msec 220 msec 76 msec
2 150.1.14.1 376 msec 124 msec 432 msec
3 150.1.31.3 [AS 1] 340 msec 344 msec 272 msec
4 150.1.31.13 [AS 1] 648 msec 1000 msec 688 msec
5 150.1.61.2 1004 msec 1384 msec 780 msec
|
And to the second loopback address of router R2 :
R5 :
|
|
|
R5#traceroute 10.10.22.22
Type escape sequence to abort.
Tracing the route to 10.10.22.22
1 150.1.45.4 112 msec 84 msec 60 msec
2 150.1.46.6 [AS 1] 172 msec 116 msec 168 msec
3 150.1.61.2 180 msec * 172 msec
|