08-17-2009 05:22 AM - edited 03-04-2019 05:45 AM
I am about to take over a network that is running a BGP with two ISPs. There is a single router that is connected to two service providers. Last month the primary ISP had some issues but the Internet did not fail over to the backup service provider. Could someone explain to me why? I am not an expert in BGP...
router bgp 65429
no synchronization
bgp log-neighbor-changes
network 208.x.x.0
timers bgp 15 30
neighbor ISP1 peer-group
neighbor ISP1 remote-as xxxx
neighbor ISP1 soft-reconfiguration inbound
neighbor ISP1 route-map ISP1-Default in
neighbor ISP1 route-map Route-Out-ISP1 out
neighbor ISP1 filter-list 50 in
neighbor ISP2 peer-group
neighbor ISP2 remote-as yyyy
neighbor ISP2 soft-reconfiguration inbound
neighbor ISP2 route-map ISP2-Default in
neighbor ISP2 route-map Route-Out-ISP2 out
neighbor ISP2 filter-list 51 in
neighbor 206.X.Y.113 peer-group ISP2
neighbor 208.V.W.81 peer-group ISP1
neighbor 208.V.W.82 peer-group ISP1
maximum-paths 2
no auto-summary
ip as-path access-list 50 permit xxxx
ip as-path access-list 51 permit yyyy
ip access-list extended ISP2_in
remark Stealth BGP
permit tcp host 206.X.Y.113 host 206.X.X.114 eq bgp
permit ip 206.X.X.X 0.0.0.15 host 206.X.X.114
permit gre any 208.X.X.0 0.0.0.255
permit ip any 208.X.X.0 0.0.0.255
deny ip any any log
ip access-list extended ISP2_out
remark out going traffic to Stealth Internet
permit ip 208.X.X.0 0.0.0.255 any
permit tcp host 206.X.X.114 host 206.X.Y.113 eq bgp
permit ip host 206.X.X.114 206.X.X.X 0.0.0.15 log
deny ip any any log
ip access-list extended ISP1_in
remark Yipes BGP
permit tcp host 208.V.W.81 host 208.X.X.83 eq bgp
permit tcp host 208.V.W.82 host 208.X.X.83 eq bgp
permit ip 208.X.X.X.0 0.0.0.15 host 208.X.X.83
permit gre any 208.X.X.0 0.0.0.255
permit ip any 208.X.X.0 0.0.0.255
deny ip any any log
ip access-list extended ISP1_out
remark out going traffic to Yipes Internet
permit ip 208.X.X.0 0.0.0.255 any
permit tcp host 208.X.X.83 host 208.V.W.81 eq bgp
permit tcp host 208.X.X.83 host 208.V.W.82 eq bgp
permit ip host 208.X.X.83 208.X.X.X. 0.0.0.15 log
deny ip any any log
08-17-2009 07:09 AM
Hello Etienne,
I think you haven't provided enough information.
I see that you are getting only default routes from both ISPs and that you use maximum paths 2.
Said this, be aware that BGP well known port can be on each side so I think each ACL should have lines with eq bgp both on the destination and on the source side.
What is the output of:
sh ip route 0.0.0.0
sh ip bgp 0.0.0.0
how many default routes do you see in BGP and in the routing table?
Hope to help
Giuseppe
08-17-2009 10:08 AM
Hi Giuseppe,
I am inheriting this setup and trying to gather more information as I go along. I am planning to test the failover scenario next week. I have been on teh side line watching till I get control over it. Please see below:
Routing entry for 0.0.0.0/0, supernet
Known via "bgp 65429", distance 20, metric 0, candidate default path
Tag 6517, type external
Last update from 208.x.x.81 2w1d ago
Routing Descriptor Blocks:
* 208.x.x.82, from 208.x.x.82, 2w1d ago
Route metric is 0, traffic share count is 1
AS Hops 2
208.x.x.81, from 208.x.x.81, 2w1d ago
Route metric is 0, traffic share count is 1
AS Hops 2
======================================================================================================
BGP routing table entry for 0.0.0.0/0, version 4278
Paths: (6 available, best #1, table Default-IP-Routing-Table)
Advertised to peer-groups:
Stealth
6517 3356
208.x.x.81 from 208.x.x.81 (172.31.40.1)
Origin IGP, metric 0, localpref 200, valid, external, multipath, best
Community: 427098112
6517 3356, (received-only)
208.x.x.81 from 208.x.x.81 (172.31.40.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 427098112
6517 3549
208.x.x.82 from 208.x.x.82 (172.31.40.5)
Origin IGP, metric 0, localpref 200, valid, external, multipath
Community: 427098112
6517 3549, (received-only)
208.x.x.82 from 208.x.x.82 (172.31.40.5)
Origin IGP, metric 0, localpref 100, valid, external
Community: 427098112
8002
206.x.x.113 from 206.x.x.113 (207.x.x.12)
Origin IGP, localpref 110, valid, external
8002, (received-only)
206.x.x.113 from 206.x.x.113 (207.x.x.12)
Origin IGP, localpref 100, valid, external
=============================================================================================================
ISP2
BGP table version is 4278, local router ID is 208.x.x.254
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 0.0.0.0 206.x.x.113 110 0 8002 i
*> 206.x.y.0/19 206.x.x.113 110 0 8002 ?
*> 207.x.y.0/18 206.x.x.113 110 0 8002 ?
*> 207.x.y.0 206.x.x.113 110 0 8002 i
*> 208.x.y.0/23 206.x.x.113 110 0 8002 40399 i
Total number of prefixes 5
=====================================================================================================
ISP1
BGP table version is 4278, local router ID is 208.x.x.254
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 208.x.x.81 0 200 0 6517 3356 i
Total number of prefixes 1
08-17-2009 07:42 PM
Hello Etienne,
I see both default routes are installed in IP routing table.
I just would add
conf t
bgp community new-format
to have readable community values instead of 32 bits integers
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: