BGP failover between two sites?

Answered Question
Jun 11th, 2009

All,

I'm peering with my ISP, and they're advertising my block. I have two sites that they'll be peering with. If my main site goes down (for a LONG time like 4 - 6hrs.), I want the block to roll over to the other site. The problem is I don't know of a way to make BGP wait that long. Is this type of scenario one that will require me to call the provider and then have them manually peer the other site when it's a true disaster? I don't want BGP to fail over after a minute of disconnection with my main site.

Any ideas?

Thanks!

John

Harold Ritter Thu, 06/11/2009 - 12:23

John,

You could run eBGP with the provider and use a private AS. This way you could control which prefix gets injected where and when from your side without calling the provider.

About waiting for 4 - 6hrs, BGP won't fulfill this requirement but there might be some ways to do this using EEM scripting available in IOS.

Regards

John Blakley Thu, 06/11/2009 - 12:27

Harold,

I've never heard of EEM scripting. Is this like Tcl or an expect script? I figure it takes BGP about a minute for failover.

Thanks!

John

Edison Ortiz Thu, 06/11/2009 - 13:04

If I understand you correctly, you want your internet block to be unreachable for 4-6 hours in case the main site goes down and not rely on the secondary site as a backup?

That's a strange request there John :)

John Blakley Thu, 06/11/2009 - 13:07

LOL! Yes, I know. :)

The "backup site" is our DR site, but it's only supposed to be used in case of emergencies. We'd have the same public IP block advertised at that site via BGP, but I don't necessarily want it to be used if our site notices a hiccup with our circuit at the main site. I think the best way to handle this is by static routes and calling the provider to have them reroute us if we actually did have a disaster.

John

Correct Answer
Edison Ortiz Thu, 06/11/2009 - 13:15

Talk to your provider and see if you can come up with some appropriate neighbor timers on your peering to the main site.

Timers can be configured at the neighbor level so the provider won't affect other peering within their BGP process; same goes for your config.

John Blakley Thu, 06/11/2009 - 13:35

Edison,

Great suggestion! It looks like what I need. I've got two peers set up on my desk, and I'm playing with these counters. Would I need to configure the timers on both routers to match? Currently I have:

neighbor 192.168.2.1 timers 60 300 300

I figure that if I wanted the router to report it's down after five minutes, then 300 seconds should have done it, but it seems like it's failing over a lot shorter than that.

Thanks!

John
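
On whether the timers on both routers need to match, an added example (not part of the thread or any poster's code) of how the hold time is settled when two peers exchange OPEN messages under RFC 4271, with the third value of `timers 60 300 300` modelled as a floor on the neighbor's proposal. The peer values other than `60 300 300` are constructed, and the keepalive cap at one third of the hold time is a modelling assumption.

```python
from dataclasses import dataclass
from typing import Optional

MAX_HOLD = 65535  # Hold Time is a 16-bit field in the BGP OPEN message


@dataclass(frozen=True)
class PeerTimers:
    keepalive: int     # configured keepalive interval (s)
    hold: int          # hold time proposed in OPEN (s)
    min_hold: int = 0  # lowest hold time accepted from the neighbor; 0 = no floor


@dataclass(frozen=True)
class Session:
    established: bool
    hold: Optional[int] = None
    keepalive: Optional[int] = None


def negotiate(local: PeerTimers, remote: PeerTimers) -> Session:
    """Timers `local` would run with after exchanging OPENs with `remote`."""
    for peer in (local, remote):
        # RFC 4271: a proposed hold time is either 0 or at least 3 seconds.
        if peer.hold != 0 and not 3 <= peer.hold <= MAX_HOLD:
            raise ValueError(f"invalid hold time: {peer.hold}")
    # A configured floor rejects a neighbor whose proposal is below it.
    if remote.hold < local.min_hold or local.hold < remote.min_hold:
        return Session(established=False)
    hold = min(local.hold, remote.hold)  # the smaller proposal wins
    if hold == 0:
        return Session(True, 0, 0)       # hold 0 disables keepalives
    # Assumption: keepalive is capped at hold/3, the ratio RFC 4271 suggests.
    return Session(True, hold, min(local.keepalive, hold // 3))


# Constructed lab peers; only "60 300 300" comes from the thread.
LAB = PeerTimers(keepalive=60, hold=300, min_hold=300)
MATCHING = PeerTimers(keepalive=60, hold=300)
SHORTER = PeerTimers(keepalive=60, hold=180)

if __name__ == "__main__":
    for name, peer in (("matching", MATCHING), ("shorter", SHORTER)):
        print(name, negotiate(LAB, peer))
    print("no floor", negotiate(PeerTimers(60, 300), SHORTER))
```

Without a floor the session runs at the smaller of the two proposed hold times, so a 300-second dead interval only holds if the neighbor proposes at least 300 as well.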

c.captari Thu, 06/11/2009 - 14:31

What about a static default route to your primary provider with a higher AD than BGP? Whenever BGP peering dies, the static route will kick in, sending the traffic into a black hole.

Redistribute the static route into IGP with a lower cost than the BGP one.

Whenever BGP comes back, it will take precedence over the static route. If you want to switch to the backup BGP link, just remove the static route.

That involves some manual work but it's an idea in case SP doesn't want to modify timers.
