[afnog] hrobert@iservices.tg

Thu Jul 27 15:19:29 EAT 2006

On Wed, Jul 26, 2006 at 09:51:36AM +0200, Charles KOUAME wrote:
>    J'ai trois sorties internet avec une dizaine de clients.
>    J'aimerais que le trafic du client 1,2,3,4 passe par le 1er lien
>    Le trafic du client 5,6,7,8 passe par le second lien.
>    Le trafic du client 9,10 passe pr le troisieme lien.
>    Je suposse que mon numero d'AS est 100 et celui de mon voici est 200
>    et que les préfixes que je veux annonncer sont 192.168.79.0/24;
>    192.168.81.0/24

I am guessing you are multi-homed to the same ISP. From subsequent
discussions what I think you have is:

clients    +-------------------+
  1 -------|                   |
  2 -------|                   |
  3 -------|                   |   line1     +------------------+
  4 -------|                   |-------------|                  |
  5 -------|   Your network    |   line2     |   Your provider  |
  6 -------|     AS29571       |-------------|      AS5511      |
  7 -------|                   |   line3     |                  |
  8 -------|                   |-------------|                  |
  9 -------|                   |             +------------------+
 10 -------|                   |
 11 -------|                   |
 12 -------|                   |
           +-------------------+

Is this correct?

Furthermore, your clients all have "real" IP addresses, not the 192.168
addresses you mention above. Is that true too?

Then I would proceed as follows.

(1) Firstly, are you solving the right problem?

That is, you state that you want certain clients' traffic to go down certain
lines. But what is the reason for that? Maybe the problem is simply that you
find line 1 to be full and lines 2 and 3 to be empty. In that case, there
may be simpler ways of spreading the traffic across all three lines.

(2) If you definitely want to direct your clients' traffic like this, then
it's possible, but not trivial.

For influencing the *inbound* traffic:

Firstly, you will have to announce your different clients' netblocks
separately. It appears you are doing this already :-) However you should
announce your whole netblock as well as the smaller /24's. Then, France
Telecom can pass on the large netblock to the rest of the Internet, whilst
suppressing the smaller routes and only using them internally to its own
network. This would reduce the impact on routing tables around the world.

Then, ask a BGP guru about the mechanisms you can use for influencing FT's
choice of route when sending traffic to you (e.g. Multi-Exit Discriminator?
Path stuffing?)

For influencing the *outbound* traffic: you can use policy routing to say
that all traffic from X.X.X.X/Y should go via line 1. However, you'll need a
guru again to tell you how to do this in such a way that you maintain
resilience (i.e. if line 1 goes down then their outbound traffic goes via
line 2 or line 3)

If you're really concerned about resilience, of course, then you should not
terminate all three lines on a single router at your side.

Regards,

Brian.