Great advice from Harold as usual :-)

Hi Harold,

Local preference point is perfect. Infact I have to work on the Same scenario 2 ISPs, 2 customer rtrs. Iam planning to go with HSRP on LAN end of the rtrs. So, still the best choice to choose pefect priamry & backup path is to use communities to effect backup ISP (preferably) local preference rather than AS-path prepend.

Is that correct..?

please suggest.

Thank you in advance.

MS

Mehboob,

The method of signalling the local preference to your ISP is usually used in conjunction with the as-path prepend.

So on the backup ISP you would prepend your own AS a couple of times (as needed) and you would also send a community to the ISP to indicate that you want it to prefer any routes received either from a peer or transit.

Once again, the conditional advertisement is the only technique that will absolutely make sure that the backup ISP is only used in case of a failure of the primary.

Regards,

Hi Harold,

Thank you for your suggestion and time. So based on the below configs... (considering 1.1.1.0/24 is our own RIPE assigned public space...)

RTR-A: 10MB Fast Ether to ISP-A

router bgp 42460

no synchronization

bgp log-neighbor-changes

network 1.1.1.0 mask 255.255.255.0

network 10.10.10.4 mask 255.255.255.224

neighbor 213.10.96.48 remote-as 21530

neighbor 213.10.96.48 ebgp-multihop 255

neighbor 213.10.96.48 remove-private-as

neighbor 213.10.96.48 soft-reconfiguration inbound

neighbor 213.10.96.48 distribute-list 15 out

neighbor 213.10.96.49 remote-as 21530

neighbor 213.10.96.49 ebgp-multihop 255

neighbor 213.10.96.49 remove-private-as

neighbor 213.10.96.49 soft-reconfiguration inbound

neighbor 213.10.96.49 distribute-list 15 out

no auto-summary

!

Fast Ether 0/1

descruption : LAN

ip address 1.1.1.2 255.255.255.0

standby 10 1.1.1.1

standby 10 preempt delay minimum 60

standby 10 priority 155

standby 10 track fast 0/0

!

distribute-list 15 : has ACL permits 1.1.1.0/24 and other /28 range to ISP-A

-----------------------------------

ISP-B : 2MB via Serila0/0

router bgp 42460

no synchronizartion

bgp log-neighbor-changes

network 1.1.1.0 mask 255.255.255.0

neighbor 229.23.50.157 remote-as 6466

neighbor 229.23.50.157 next-hop-self

neighbor 229.23.50.157 soft-reconfiguration inbound

neighbor 229.23.50.157 route-map set-as-path out

!

ip prefix-list ISP-B seq 10 permit 1.1.1.0/24

ip prefix-list ISP-B seq 20 deny 0.0.0.0/0 le 32

!

route-map set-as-path permit 10

match ip address prefix-list ISP-B

set as-path prepend 42460 42460 42460 42460 42460

!

inter fast 0/1

description: LAN

Fast Ether 0/1

descruption : LAN

ip address 1.1.1.3 255.255.255.0

standby 10 1.1.1.1

standby 10 preempt

standby 10 priority 150

______________________________________

To make ISB-B strict backup, I also have to use community (send out) to ISP-B to prefer routes from my peer only rather from other peer/transit. ( i noted you prefer conditional advertisement, but could not find exaple with dual Local rtrs/dual ISPs)

Also, as rtrs residing outside of firewall and not communicatiing with any internal IGP (in LAN), do I still need IBGP between these routers..? or the configs I mentioned are sufficient..?

Please suggest.

Thank you in advance

MS

Hi Mehboob,

Yes, you would indeed need to send a special community ISP-B and add the command "neighbor send-community". You first need to talk to ISP-B to see whether they offer the community to local-preference mapping service and what community you need to use if they do.

As for conditional advertisement, it is possible to configure it with two routers. It requires iBGP between the two routers so that the backup can be informed that a given route to the Internet ia not available anymore via the primary provider and then start advertising the local prefix(es) to the Internet.

Regards,

Mehboob,

I forgot to answer your second question. In a primary/backup scenario, you do not necessarily need to run iBGP between the two routers.

Regards,

Hi Harold,

Thank you for your quick reply and valuable suggestions. I will definitely get in touch with ISP-B for community information to adjust local preference (in this case I belive ISP-B need to lower Local pref for routes from my rtr).

Also, infact, I did a test last week with the same scenario (AS Paht but no community & no IBGP) with one exception..

ISP-A rtr: 'no synchronization'

ISP-B rtr: synchronization

So even if I connect a laptop directly to the switch where these 2 rtrs LAN i/f connects, when HSRP rollover happens , it took 4-5Mins to go to internet via ISP-B. (no carrier issues at that time). So is 'synchronization' (enabled on one and disabled on another)..causing the issue..?

Please suggest...

Thank you

Mehboob

Hi Harold / any BGP Gurus,

Any suggestions on the above..?

Thank you

MS

Mehboob,

The synchroniztion has nothing to do with it. Was the 4-5 minute related to link failure detection? What kind of link failure was it? How is you HSRP configure to failover? Just link down?

Regards,

The 4-5min delay is to route the traffic via the secondary ISP (ISP-B). Link failure and HSRP takeover happing with no issues.HSRP configured to failover on Pririty basis and Trackign the publi interface on the ISP-A conencted rtr.

The very similar confige I posted here (above) and the both routers LAN ports and the Laptop port configured int eh same Vlan on the external switch.

Thank you

MS

Mehboob,

You should check if the advertised routes from your router connected to ISP-B are seen on the Internet. You can do that using an Internet looking glass.

The other possibility is that your ISP is using BGP route dampening, which would potentially penalize your route(s).

Regards,