Influencing Entrance Selection and Controlling Exit Selection

You've probably seen the prayer asking for the wisdom to know the difference between the things in life you can change and the things you can't. Entrance and exit selection are like life in some ways. Some things you can control and others you can't.

Fortunately, even when you can't control them, there's a mechanism (more effective than prayer) for influencing them. This section explains the limits of your control.

Controlling Exit Selection

It's easiest to control how the exit is selected because the decisions are all made within your AS (where you control the policy). See Figure 7-3. You simply configure your IGP and BGP to make the exit choices you want. Your IGP sometimes plays the dominant role. If you're connected to a single ISP from multiple sites, then your exit policy will choose the best exit site. If you're connected to multiple ISPs, then your exit policy will choose the ISP best able to deliver the traffic to its destination.

Figure 7-3. Central Question in Exit Selection

Influencing Entrance Selection with One ISP

It's fairly easy to influence how the entrance to your AS is selected if you have only one ISP connected to your AS at two or more points. See Figure 7-4. All the entrance decisions are made within your (one and only) ISP's AS. BGP gives you the tool you need (multiple exit [1] discriminator or "MEDs") to influence your ISP's exit policy so the traffic will be delivered where you want it.

Figure 7-4. Central Question in Entrance Selection with One ISP

Note that in this example, MEDs are used to bias traffic from the Internet toward the entrance to your AS that's closest to the destination LAN.

Also note that both LANs are advertised as reachable via both entrances. This insures that traffic for a LAN will enter the AS even when the entrance closest to it is down. Presumably, the private network will then carry the traffic to the destination LAN.

Influencing Entrance Selection with More Than One ISP

It's much harder to influence entrance selection if you have connections to more than one ISP. See Figure 7-5. In this case, you're trying to influence decisions made in ASes beyond either of your two providers. (Traffic originating within either providers' networks would very likely to enter via your connection to that provider.) MEDs won't pass from your ISPs' ASes to other transit ASes. Only tools like influencing the AS path length (see the section called Using AS Path Length to Influence Entrance Selection) or setting BGP communities (see the section called Using BGP Communities to Influence Entrance Selection) are available to influence entrance choice in this case.

Figure 7-5. Central Question in Entrance Selection with More than One ISP

Note that this doesn't mean that you're necessarily better off with two connections to one ISP than two connections to different ISPs. It just means that you'll have a harder time influencing which entrance is used if you have two different ISPs.

Now that we've covered what you can and can't expect to control, let's discuss the scenarios and techniques used first to control exit selection, and then to influence entrance selection.



Don't be confused because it's named a multiple exit discriminator. It influences the exit taken by your ISP.

One man's exit is another man's entrance--it all depends on your point of view. The BGP standards were drafted by the people who needed it most (the ISPs) hence the terminlogy tends to be chosen from their point of view.

Copyright © 1999-2000 by Robert A. Van Valzah