Building a Resilient Dual-ISP Network Using BGP
Eliminating single points of failure with intelligent routing design
Introduction
High availability is no longer a luxury in modern enterprise networks. Internet-facing services, cloud applications, remote users, and partner integrations all depend on uninterrupted connectivity. One of the most common causes of outages is dependency on a single upstream Internet Service Provider. When that provider experiences failure, the entire organization becomes isolated.
A proven solution is to connect to multiple providers using Border Gateway Protocol (BGP). When implemented correctly, BGP allows traffic to dynamically reroute around failures while preserving policy control and routing stability. This article explores a practical dual-router, dual-ISP design that eliminates both link-level and router-level single points of failure.
Concept Overview
The architecture discussed here uses two edge routers within a single autonomous system. Each router establishes an external BGP session with a different provider, and the routers form an internal BGP relationship with each other. This ensures that either router can advertise the organization’s prefixes to the Internet and forward outbound traffic even if the other router or provider fails.
Understanding BGP in This Design
BGP is a path-vector protocol designed to exchange routing information between autonomous systems. Unlike interior routing protocols, BGP focuses on policy, scalability, and loop prevention through AS path attributes.
If you need a conceptual refresher, an excellent neutral reference is available on Wikipedia.
Router Roles and Responsibilities
Each router in this design has three key responsibilities:
- Maintain an external BGP session with its connected provider
- Maintain an internal BGP session with the peer router
- Advertise internal prefixes while preventing transit traffic
Configuration Walkthrough
interface Serial0
description Connection to ISP 1
ip address 192.168.1.6 255.255.255.252
interface Ethernet0
description Internal LAN
ip address 172.18.5.2 255.255.255.0
ip as-path access-list 15 permit ^$
router bgp 65500
network 172.18.5.0 mask 255.255.255.0
neighbor 192.168.1.5 remote-as 65510
neighbor 192.168.1.5 filter-list 15 out
neighbor 172.18.5.3 remote-as 65500
neighbor 172.18.5.3 next-hop-self
no synchronization
interface Serial1
description Connection to ISP 2
ip address 192.168.2.6 255.255.255.252
interface Ethernet0
description Internal LAN
ip address 172.18.5.3 255.255.255.0
ip as-path access-list 15 permit ^$
router bgp 65500
network 172.18.5.0 mask 255.255.255.0
neighbor 192.168.2.5 remote-as 65520
neighbor 192.168.2.5 filter-list 15 out
neighbor 172.18.5.2 remote-as 65500
neighbor 172.18.5.2 next-hop-self
no synchronization
Why next-hop-self Matters
In internal BGP, routes learned from an external neighbor retain their original next-hop attribute by default. This behavior can break forwarding if the internal routers do not have a route to that next hop. The next-hop-self directive forces the advertising router to rewrite the next-hop to itself, ensuring reachability.
Preventing Unintended Transit Routing
Without safeguards, one provider could use your autonomous system as a transit path to reach the other provider. This is both contractually and operationally undesirable. The AS path filter permitting only locally originated routes ensures that your network advertises only its own prefixes.
Operational Differences Across Software Generations
Over time, routing software has evolved significantly. Earlier generations required more manual intervention, explicit commands, and careful ordering. Modern releases emphasize safer defaults, improved scalability, and enhanced diagnostics.
In older platforms, synchronization behavior, memory handling, and BGP convergence required close attention. Newer platforms provide better route dampening, improved logging, and more predictable convergence during failures.
These differences do not change the core design principles, but they influence how operators monitor, troubleshoot, and scale the solution.
Scaling Beyond Two Routers
While this design uses two routers, the same principles apply to larger environments. One important consideration is that internal BGP requires a full mesh of peerings unless route reflectors or confederations are introduced.
Conclusion
A dual-router, dual-ISP BGP design provides a strong foundation for Internet resilience. By separating external connectivity, enforcing routing policy, and maintaining internal route consistency, organizations can withstand both provider and hardware failures.
The configurations shown here are intentionally straightforward, focusing on clarity and correctness. From this baseline, operators can add traffic engineering, security controls, and advanced policy as business requirements evolve.
No comments:
Post a Comment