I'm trying to create a backup solution that uses a VPN tunnel as a backup to our WAN connection. We're running BGP, and basically I need to inject an alternative path into the WAN cloud to my networks via another site that will have a VPN tunnel to my networks. The idea is to use MED, but I'm not convinced this will work. I've attached a diagram to help illustrate. For this to work, MED would have to be communicated to all the iBGP members of the remote AS that my BGP router neighbors with. MED is optional non-transitive. Does that mean it will propagate to all iBGP peers in the provider's AS, but not to my remote BGP peers? Referencing the diagram, will the Exton router have an alternative path in its BGP table? If not, and the metric I've modified is propagated to all the provider's BGP peers, does it even matter? Once the primary route goes down, won't the provider's network begin advertising the alternate path it learned using the adjusted metric and alternate path?
Your provider is giving you an MPLS L3 VPN service.
See the following link:
In this service model, every CE router will peer only with one (or two) ISP PE routers.
The MPLS VPN signaling plane, an extension to BGP, is spoken between the PE routers in order to propagate all the customer routes.
However, usually for scalability reasons, PE routers actually have direct iBGP sessions only with Route Reflector servers.
In short, depending on the ISP routers' configuration, the backup route may or may not be visible on all PE routers.
If the Route Reflector can compare the primary path and the backup path, only the primary will be propagated to all the PE routers.
If the two paths are not comparable (they have a different route distinguisher RD) both paths are propagated to all the PE routers (WAN1, , WAN3).
When the WAN has to prepare the updates to the Exton router, it will send only the primary path to you because it is the best path.
If the primary path fails, the backup path should be advertised to all your CE routers.
Convergence is faster if the backup path is already in the PE router BGP tables; otherwise the propagation time through the provider network is added.
So the answer to your last question is yes.
Hope to help
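
A simplified model of the route reflector behaviour described in the answer above, added here as an example and not part of the original posts. It assumes best-path selection on MED alone (real BGP evaluates other attributes first), and the RDs, prefix, PE names and MED values are constructed for illustration.

```python
# Simplified model (added example): a route reflector keeps one best path
# per VPNv4 NLRI, where the NLRI is (route distinguisher, prefix).
# Best path here is "lowest MED" only; real BGP applies more steps first.
from collections import namedtuple

# Constructed sample values: RDs, prefix, PE names and MEDs are illustrative.
Path = namedtuple("Path", "rd prefix next_hop_pe med")

def reflect(paths):
    """Return the paths the reflector sends on: one best path per (RD, prefix)."""
    best = {}
    for p in paths:
        key = (p.rd, p.prefix)
        if key not in best or p.med < best[key].med:
            best[key] = p
    return sorted(best.values(), key=lambda p: p.med)

def pe_view(paths, failed_pe=None):
    """Paths a remote PE holds after reflection, optionally with one PE withdrawn."""
    alive = [p for p in paths if p.next_hop_pe != failed_pe]
    return reflect(alive)

def advertised_to_ce(pe_paths):
    """A PE sends its CE only the best path for the prefix, ignoring the RD."""
    return min(pe_paths, key=lambda p: p.med) if pe_paths else None

PREFIX = "10.1.0.0/16"
same_rd = [Path("65000:1", PREFIX, "PE-primary", 0),
           Path("65000:1", PREFIX, "PE-backup", 100)]
unique_rd = [Path("65000:1", PREFIX, "PE-primary", 0),
             Path("65000:2", PREFIX, "PE-backup", 100)]

def summary(paths):
    before = pe_view(paths)
    after = pe_view(paths, failed_pe="PE-primary")
    return {
        "paths_on_remote_pe": len(before),
        "ce_sees_before": advertised_to_ce(before).next_hop_pe,
        "ce_sees_after": advertised_to_ce(after).next_hop_pe,
    }

if __name__ == "__main__":
    print("same RD:  ", summary(same_rd))
    print("unique RD:", summary(unique_rd))
```

In both cases the CE sees only the primary path until it fails; the difference is whether the remote PE already holds the backup path (unique RD) or has to wait for the reflector to send it (same RD).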