Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
529
Views
0
Helpful
6
Replies

Using advertise maps for link redundancy

bgibson
Level 1
Level 1

‎07-01-2007 07:50 AM - edited ‎03-03-2019 05:41 PM

Hi all.

I am currently trying to figure out the best way properly balance traffic to my branches. Each branch has 2 destination subnets and the networks are being advertise to the enterprise via BGP.

What I am looking to do is have each subnet primarily advertised to one of the 2 circuits each branch has. That way I can split the destination traffic between the 2 circuits.

That works fine. What I also want to do use an advertise-map so that both circuits could advertise both subnets in the case of a circuit or network failure.

My network design looks like this.

Core1 --BGP--> MPLS Core(Vendor) --BGP--> Router1 -> EIGRP

Core2 --BGP--> MPLS Core2(Vendor) --BGP---> Router2 --> EIGRP

So what I am thinking I can do is create a loopback address at each Core router that advertises into the MPLS cores and then is sent to the branches. That network is the tracking network for the advertise maps. If one of the circuits goes down the loopback address is lost.

Here is the config...

On the core router

int loopback 1

ip addr 10.255.255.3 255.255.255.255

on the branch router

route-map tracknet permit 10

match ip address 25

!

route-map secondaryinject permit 10

match ip address 26

!

access-list 25 permit 10.255.255.3 255.255.255.255

access-list 26 permit 192.168.207.0 0.0.0.255

router bgp 65207

bgp log-neighbor-changes

neighbor 172.20.132.33 remote-as 1803

!

address-family ipv4

neighbor 172.20.1.33 activate

neighbor 172.20.1.33 advertise-map secondaryinject non-exist-map tracknet

no auto-summary

no synchronization

network mask 10.255.255.3 255.255.255.255

network 192.168.107.0

network 192.168.207.0

exit-address-family

Does this make sense? Are there better ways to do this?

Labels:
0 Helpful
6 Replies 6

sundar.palaniappan
Level 10
Level 10

‎07-01-2007 08:10 AM

Brian,

I am not entirely clear about your setup. You stated there are 2 circuits at the remote but how many routers are there at the remote site, one or two?

Your understanding of advertise/non-exist map is correct. Advertise map will be trigerred when the route tracked by non-exist map disappears. Your proposed solution may work depending on how the routing table looks on the remote router(s).

My suggestion is to track, using non-exist map, the WAN interface of the remote router then should that become unavailable then advertise the remote LAN out to the core via the backup link. That's exactly the following document/example illustrates. Have a look at it and let us know if this helps.

http://cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094309.shtml#veri

HTH

Sundar

0 Helpful

bgibson
Level 1
Level 1
In response to sundar.palaniappan

‎07-01-2007 08:17 AM

Thanks for the reply.

Most sites have 2 routers but some sites have 1. I don't think it should make any difference in the design, other than the single router sites don't have an IGP running.

The problem I have with using the WAN interface is two-fold.

1. If there is a routing problem in the Vendor core the branch router won't know to start advertising the other subnet.

2. If the circuit goes into an unstable state in which it thinks it is in an up state but traffic can't pass through the router will continue to advertise the interface locally thus the other router will never trigger the advertise map.

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to bgibson

‎07-01-2007 10:27 AM

I see. In that case make sure the loopback address that's being tracked by non-exist map somehow doesn't get advertised from the core through the backup link to the remote. It appears it should work. Let us know how you did!!

HTH

Sundar

0 Helpful

bgibson
Level 1
Level 1
In response to sundar.palaniappan

‎07-02-2007 05:43 AM

Got it set up and it appears to be working like a champ. Tested both sides and the network propagated after 40 seconds. Brought the circuit back up and the network went back to where it normally is supposed to be.

The loopback addressing was key. I really didn't want to advertise any of the Vendor transit networks on the other vendor since that could cause confusion. This way I have reasonable end to end reliability while also utilizing both networks simultaneously.

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to bgibson

‎07-02-2007 05:54 AM

Glad to hear it's working!!

0 Helpful

bgibson
Level 1
Level 1

‎07-02-2007 05:57 AM

One thing I forgot on this config was the network statement for the loopback on the branch router.

router bgp 65207

network 10.255.255.3 mask 255.255.255.255

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card