07-01-2007 07:50 AM - edited 03-03-2019 05:41 PM
Hi all.
I am currently trying to figure out the best way to properly balance traffic to my branches. Each branch has 2 destination subnets and the networks are being advertised to the enterprise via BGP.
What I am looking to do is have each subnet primarily advertised to one of the 2 circuits each branch has. That way I can split the destination traffic between the 2 circuits.
That works fine. What I also want to do is use an advertise-map so that both circuits could advertise both subnets in the case of a circuit or network failure.
My network design looks like this.
Core1 --BGP--> MPLS Core(Vendor) --BGP--> Router1 -> EIGRP
Core2 --BGP--> MPLS Core2(Vendor) --BGP---> Router2 --> EIGRP
So what I am thinking I can do is create a loopback address at each Core router that advertises into the MPLS cores and then is sent to the branches. That network is the tracking network for the advertise maps. If one of the circuits goes down the loopback address is lost.
Here is the config...
On the core router
int loopback 1
ip addr 10.255.255.3 255.255.255.255
on the branch router
route-map tracknet permit 10
match ip address 25
!
route-map secondaryinject permit 10
match ip address 26
!
! standard ACLs take a wildcard mask, so the /32 loopback is matched as a host
access-list 25 permit host 10.255.255.3
access-list 26 permit 192.168.207.0 0.0.0.255
router bgp 65207
bgp log-neighbor-changes
neighbor 172.20.132.33 remote-as 1803
!
address-family ipv4
neighbor 172.20.1.33 activate
neighbor 172.20.1.33 advertise-map secondaryinject non-exist-map tracknet
no auto-summary
no synchronization
network 10.255.255.3 mask 255.255.255.255
network 192.168.107.0
network 192.168.207.0
exit-address-family
Does this make sense? Are there better ways to do this?
07-01-2007 08:10 AM
Brian,
I am not entirely clear about your setup. You stated there are 2 circuits at the remote but how many routers are there at the remote site, one or two?
Your understanding of advertise/non-exist map is correct. Advertise map will be triggered when the route tracked by non-exist map disappears. Your proposed solution may work depending on how the routing table looks on the remote router(s).
My suggestion is to track, using non-exist map, the WAN interface of the remote router, then should that become unavailable, advertise the remote LAN out to the core via the backup link. That's exactly what the following document/example illustrates. Have a look at it and let us know if this helps.
http://cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094309.shtml#veri
HTH
Sundar
07-01-2007 08:17 AM
Thanks for the reply.
Most sites have 2 routers but some sites have 1. I don't think it should make any difference in the design, other than the single router sites don't have an IGP running.
The problem I have with using the WAN interface is two-fold.
1. If there is a routing problem in the Vendor core the branch router won't know to start advertising the other subnet.
2. If the circuit goes into an unstable state in which it thinks it is in an up state but traffic can't pass through, the router will continue to advertise the interface locally, thus the other router will never trigger the advertise map.
07-01-2007 10:27 AM
I see. In that case make sure the loopback address that's being tracked by non-exist map somehow doesn't get advertised from the core through the backup link to the remote. It appears it should work. Let us know how you did!!
HTH
Sundar
07-02-2007 05:43 AM
Got it set up and it appears to be working like a champ. Tested both sides and the network propagated after 40 seconds. Brought the circuit back up and the network went back to where it normally is supposed to be.
The loopback addressing was key. I really didn't want to advertise any of the Vendor transit networks on the other vendor since that could cause confusion. This way I have reasonable end to end reliability while also utilizing both networks simultaneously.
07-02-2007 05:54 AM
Glad to hear it's working!!
07-02-2007 05:57 AM
One thing I forgot on this config was the network statement for the loopback on the branch router.
router bgp 65207
network 10.255.255.3 mask 255.255.255.255
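The failover logic from this thread as a small Python model, added here as an illustration and not taken from any poster's configuration: it evaluates the advertise-map / non-exist-map condition against a BGP table and shows the case Sundar warns about, where the tracked loopback is also learned over a second path. The path labels `tracked_path` and `leak_path`, the 10.0.0.0/8 route and the function names are assumptions, and BGP is reduced to "route present or not".

```python
import ipaddress

def acl_permits(acl, prefix):
    """Standard ACL check on a route's network address; entries are (base, wildcard)."""
    net = int(ipaddress.ip_network(prefix).network_address)
    for base, wildcard in acl:
        care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
        if net & care == int(ipaddress.ip_address(base)) & care:
            return True
    return False

def advertised(bgp_table, local_networks, advertise_acl, non_exist_acl):
    """Prefixes sent to a neighbor configured with advertise-map + non-exist-map.

    bgp_table maps prefix -> set of paths the route is currently learned over.
    """
    present = [p for p, paths in bgp_table.items() if paths]
    tracked_present = any(acl_permits(non_exist_acl, p) for p in present)
    sent = set()
    for prefix in local_networks:
        conditional = acl_permits(advertise_acl, prefix)
        # A conditional prefix is sent only while the tracked route is absent.
        if not conditional or not tracked_present:
            sent.add(prefix)
    return sent

def fail_path(bgp_table, path):
    """Return a copy of the table with every route learned over `path` withdrawn."""
    return {p: paths - {path} for p, paths in bgp_table.items()}

# Constructed values mirroring the thread's addressing.
TRACKNET = [("10.255.255.3", "0.0.0.0")]       # host match on the core loopback
SECONDARY = [("192.168.207.0", "0.0.0.255")]   # subnet injected only on failure
LOCAL = ["192.168.107.0/24", "192.168.207.0/24"]

def run(loopback_paths):
    """Advertisements before and after the tracked path fails."""
    table = {"10.255.255.3/32": set(loopback_paths), "10.0.0.0/8": {"leak_path"}}
    before = advertised(table, LOCAL, SECONDARY, TRACKNET)
    after = advertised(fail_path(table, "tracked_path"), LOCAL, SECONDARY, TRACKNET)
    return before, after

if __name__ == "__main__":
    print("clean :", run({"tracked_path"}))
    print("leaked:", run({"tracked_path", "leak_path"}))
```

When the loopback is reachable only over the tracked path, its loss releases 192.168.207.0/24; when it also arrives over the other path, the condition never fires and the backup advertisement stays suppressed.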