
Using HSRP VIP address as BGP peer ?

rboldy123
Level 1

Is it possible to set up a BGP peer using the HSRP virtual address as neighbour and source IP?

16 Replies

mohammedmahmoud
Level 11

Hi,

Please check this document as a best practice of running HSRP with BGP to provide redundancy:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f2c.shtml

HTH,

Mohammed Mahmoud.

No. First of all, IOS doesn't let you specify the IP address as an option in the update-source command; you would have to specify an interface with the update-source command. Moreover, it's not practical to use the HSRP address for BGP peering, as the address doesn't always belong to the same device.

HTH

Sundar

Thanks for the response. My reason for thinking about it is that I wish the BGP peer to only be established with the device that is actively holding the HSRP VIP!

While using the HSRP address for peering isn't an option, BGP offers a wide range of options for redundancy and load sharing. If you can provide more details about your topology and what it is that you are trying to achieve, we can probably assist you with the configuration.

HTH

Sundar

Thanks - I think I can sort it out though.

Edison Ortiz
Hall of Fame

You are only allowed to source from an interface, not from a virtual address.

While you are allowed to configure the neighbor pointing to the HSRP address, the remote connection will be refused since it will be sending the packet from an invalid IP address.

This is where I got to, so was hoping for a workaround!

Thanks anyway, after looking into this for a while I didn't think it was possible but just wanted a second opinion.

Two options come to mind:

Create the same anycast loopback address on both possible BGP peers of the third peer, put both into the IGP, and let the IGP determine the best path to each...

Or just fully mesh to the loopback address of the peers.

Joe

bkenned6
Level 1

As Jbrunner007 has mentioned, the only way to peer with HSRP would be with an anycast loopback. Let's say you have 3 routers: R1, R2, and R3. Let's assume all of these are on the same subnet for this example. R1 and R2 will be the HSRP peers and R3 will be the router trying to peer with the HSRP address. (Just putting in the significant portions for the sake of brevity.)

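R1

    interface Loopback0
     ip address 1.1.1.1 255.255.255.255
    interface GigabitEthernet0/0
     ip address 2.2.2.2 255.255.255.0
     standby 0 ip 2.2.2.1
    router bgp 1
     ! R3 is in AS 2; the session is sourced from the anycast loopback
     neighbor 2.2.2.4 remote-as 2
     neighbor 2.2.2.4 update-source Loopback0

R2

    interface Loopback0
     ip address 1.1.1.1 255.255.255.255
    interface GigabitEthernet0/0
     ip address 2.2.2.3 255.255.255.0
     standby 0 ip 2.2.2.1
    router bgp 1
     neighbor 2.2.2.4 remote-as 2
     neighbor 2.2.2.4 update-source Loopback0

R3

    interface GigabitEthernet0/0
     ip address 2.2.2.4 255.255.255.0
    router bgp 2
     neighbor 1.1.1.1 remote-as 1
     ! 1.1.1.1 is not on a connected subnet, so the eBGP session needs multihop
     neighbor 1.1.1.1 ebgp-multihop 2
    ! Reach the anycast loopback through the HSRP VIP
    ip route 1.1.1.1 255.255.255.255 2.2.2.1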

In this case we used a static route to get to the anycast loopback; if they aren't on the same subnet, you'd need to rely on an IGP and tune the metrics so that R2 had a worse metric from R3.

This works perfectly, already implemented this one in my lab.

I'm afraid each time HSRP flaps, the BGP session will go down/up also.

And you are never sure which router you are peering to.

So it really makes better sense to configure BGP peering to both routers.

BR,

Milan


You're right @Milan, the problem is how stable your FHRP is, but peering with the physical router instead of the virtual one is the better choice.

You would know which router BGP was peering to since it is the active router on interface 2.2.2.1, correct?

Only 1 router will be active at a time. Or am I missing something? I am trying to set up this scenario also. I do not have the luxury of a second ISP.

ADP_89
Level 1

Hello,

If your goal is to forward traffic only to the active HSRP router, you could create 2 BGP sessions, one on each router, and then set the next-hop as the HSRP VIP using a route-map on the BGP neighbors.


HTH,

ADP
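
The approach in the reply above, sketched as an added IOS configuration example that is not part of the original thread. It reuses the addressing from the earlier example in the thread (R1 2.2.2.2, R2 2.2.2.3, HSRP VIP 2.2.2.1, R3 2.2.2.4, AS 1 and AS 2) and assumes the route-map is applied inbound on R3; the route-map name NH-HSRP-VIP is hypothetical.

```cisco
! R1 (R2 is identical apart from its interface address 2.2.2.3).
! Each router peers from its own physical address, never from the VIP.
interface GigabitEthernet0/0
 ip address 2.2.2.2 255.255.255.0
 standby 0 ip 2.2.2.1
!
router bgp 1
 neighbor 2.2.2.4 remote-as 2
!
! R3: one eBGP session per physical router. Routes learned from either
! session get the HSRP VIP as next hop, so forwarding follows whichever
! router currently answers for the virtual address.
interface GigabitEthernet0/0
 ip address 2.2.2.4 255.255.255.0
!
route-map NH-HSRP-VIP permit 10
 set ip next-hop 2.2.2.1
!
router bgp 2
 neighbor 2.2.2.2 remote-as 1
 neighbor 2.2.2.2 route-map NH-HSRP-VIP in
 neighbor 2.2.2.3 remote-as 1
 neighbor 2.2.2.3 route-map NH-HSRP-VIP in
```

With this layout both BGP sessions stay established across an HSRP failover; only the device answering for 2.2.2.1 changes.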
