Is my BGP configuration on switch alright to detect failure on Routers?

Answered Question
May 25th, 2007

Hi, imagine that on my RemoteSite, I have RouterB->Internet

and RouterC->Internet. A CAT_3750 switch is connected to

both routers on that site. In case traffic stops flowing from RouterB,

I want to make the CAT_3750 pick the path via RouterC instead.

Below is the the configuration I came up with on the CAT_3750 switch. My question is, is this sufficient to establish the CAT_3750 as a peer to RouterB and RouterC and accomplish the failover? I am kind of unsure on whether I have

somehow to declare the neighbor command to include 'remote-as 101', 'remote-as 126' (those are AS known to the RouterB doing eBGP) so that the CAT_3750 can learn those routes as well. Is that necessary? Sorry if this is a stupid question.

Thanks for your kind insight.

CAT_3750#show run

(...)

router bgp 116

neighbor 10.8.202.14 remote-as 116

neighbor 10.8.202.16 remote-as 116

neighbor 10.8.202.14 route-map SELECT_WAN

route-map SELECT_WAN

set local-preference 200

(...)

Here is my lab relevant BGP configuration for both Routers, RouterB and RouterC, the ones connected to the Internet and currently doing eBGP:

RouterB#show run

(...)

router bgp 116

no synchronization

bgp router-id 10.8.202.14

bgp log-neighbor-changes

network 60.69.44.136 mask 255.255.255.240

network 10.8.202.14 mask 255.255.255.255

network 10.8.77.0 mask 255.255.255.248

network 10.8.77.56 mask 255.255.255.248

neighbor 60.69.44.137 remote-as 116

neighbor 60.69.44.137 description SITEVPN

neighbor 10.8.77.1 remote-as 101

neighbor 10.8.77.1 description Router1

neighbor 10.8.77.1 update-source Tunnel0

neighbor 10.8.77.1 route-map FROM_MYVPN in

neighbor 10.8.77.58 remote-as 126

neighbor 10.8.77.58 description SITE2VPN

neighbor 10.8.77.58 update-source Tunnel1

neighbor 10.8.77.58 route-map FROM_MYVPN in

no auto-summary

(...)

RouterC#show run

(...)

!

router bgp 116

no synchronization

bgp router-id 10.8.202.16

bgp log-neighbor-changes

network 60.69.40.0 mask 255.255.248.0

network 60.69.34.28 mask 255.255.255.248

network 60.69.34.136 mask 255.255.255.240

network 10.8.202.16 mask 255.255.255.255

network 10.8.77.28 mask 255.255.255.248

neighbor 60.69.34.29 remote-as 101

neighbor 60.69.34.29 route-map MYWAN in

neighbor 60.69.34.139 remote-as 116

neighbor 10.8.77.29 remote-as 101

neighbor 10.8.77.29 ebgp-multihop 2

neighbor 10.8.77.29 update-source Tunnel3

no auto-summary

!

(...)

I have this problem too.
0 votes
Correct Answer by mohammedmahmoud about 9 years 6 months ago

Hi Marlon,

You got it right on the 3750, but shouldn't you do the same on B and C (update-source loopback0 in front of the 3750, since you are peering with their loopbacks), practically speaking the session will come up if only one side is configured with update source correct, but as a best practice you should do it when ever you are peering using the loopbacks.

NOTE: Using the update source loopback on a router allow the local internal BGP sessions to use the loopback interface for the BGP TCP connections.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Correct Answer by mohammedmahmoud about 9 years 6 months ago

Hi,

A question is a question, there is nothing called stupid question :)

If all that you require is that 3750 uses router B as the main and router C as the backup, then setting the local preference in the way you did shall take care of that.

Since the 3750 has an iBGP with B and C it will learn the eBGP routes from them via iBGP, and thus no need to have eBGP on it.

As for the iBGP sessions, just make sure that you have the update-source configured right if you are not peering with the direct connected interfaces.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
mohammedmahmoud Sat, 05/26/2007 - 00:35

Hi,

A question is a question, there is nothing called stupid question :)

If all that you require is that 3750 uses router B as the main and router C as the backup, then setting the local preference in the way you did shall take care of that.

Since the 3750 has an iBGP with B and C it will learn the eBGP routes from them via iBGP, and thus no need to have eBGP on it.

As for the iBGP sessions, just make sure that you have the update-source configured right if you are not peering with the direct connected interfaces.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

news2010a Sat, 05/26/2007 - 17:52

You rule! Since the bgp neighbor ip 10.8.202.14 and 10.8.202.16 are the respective loopback0 interfaces of RoutersB and RouterC, I understand I should include the update-source command in the CAT_3750 then.

CAT_3750#show run

(...)

router bgp 116

neighbor 10.8.202.14 remote-as 116

neighbor 10.8.202.14 update-source looback0 (this is the loopback0 of the RouterB)

neighbor 10.8.202.16 remote-as 116

neighbor 10.8.202.16 update-source looback0 (this is the loopback0 of the RouterC)

neighbor 10.8.202.14 route-map SELECT_WAN

route-map SELECT_WAN

set local-preference 200

(...)

Here is my lab relevant BGP configuration for both Routers, RouterB and RouterC, the ones connected to the Internet and currently doing eBGP:

RouterB#show run

(...)

router bgp 116

no synchronization

bgp router-id 10.8.202.14

bgp log-neighbor-changes

network 60.69.44.136 mask 255.255.255.240

network 10.8.202.14 mask 255.255.255.255

network 10.8.77.0 mask 255.255.255.248

network 10.8.77.56 mask 255.255.255.248

neighbor 60.69.44.137 remote-as 116

neighbor 60.69.44.137 description SITEVPN

neighbor 10.8.77.1 remote-as 101

neighbor 10.8.77.1 description Router1

neighbor 10.8.77.1 update-source Tunnel0

neighbor 10.8.77.1 route-map FROM_MYVPN in

neighbor 10.8.77.58 remote-as 126

neighbor 10.8.77.58 description SITE2VPN

neighbor 10.8.77.58 update-source Tunnel1

neighbor 10.8.77.58 route-map FROM_MYVPN in

no auto-summary

(...)

RouterC#show run

(...)

!

router bgp 116

no synchronization

bgp router-id 10.8.202.16

bgp log-neighbor-changes

network 60.69.40.0 mask 255.255.248.0

network 60.69.34.28 mask 255.255.255.248

network 60.69.34.136 mask 255.255.255.240

network 10.8.202.16 mask 255.255.255.255

network 10.8.77.28 mask 255.255.255.248

neighbor 60.69.34.29 remote-as 101

neighbor 60.69.34.29 route-map MYWAN in

neighbor 60.69.34.139 remote-as 116

neighbor 10.8.77.29 remote-as 101

neighbor 10.8.77.29 ebgp-multihop 2

neighbor 10.8.77.29 update-source Tunnel3

no auto-summary

!

(...)

Correct Answer
mohammedmahmoud Sat, 05/26/2007 - 23:38

Hi Marlon,

You got it right on the 3750, but shouldn't you do the same on B and C (update-source loopback0 in front of the 3750, since you are peering with their loopbacks), practically speaking the session will come up if only one side is configured with update source correct, but as a best practice you should do it when ever you are peering using the loopbacks.

NOTE: Using the update source loopback on a router allow the local internal BGP sessions to use the loopback interface for the BGP TCP connections.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Actions

This Discussion