WAN Failover using BGP

Unanswered Question
Aug 30th, 2010

I have attached a scenario where I want to achieve a WAN active/standby failover with SP1 as the primary link. SP1 has a redundant MPLS link at the HQ, but at the branches they are not redundant. SP2 has a point-to-multipoint leased line. I have tried to use IP SLA but it does not work well in this scenario, and I believe BGP is the best.

How would you approach or do this, guys, if it were you?

Giuseppe Larosa Tue, 08/31/2010 - 12:01

Hello Anthony,

From your diagram, seeing IP addresses belonging to the same IP subnet on the SP2 network, it looks like SP1 is providing you an MPLS L3 VPN service and SP2 a sort of VPLS service.

In this case HQ router(s) and Branch routers will have an eBGP session with SP1 PE nodes and an iBGP or eBGP session on the SP2 point-to-multipoint.

If you use the same AS number on all of your routers, eBGP routes are preferred over iBGP routes (coming on SP2) and you should be fine.

To be sure of this you can use

neighbor SP1-pe-address weight 40000

on the eBGP session with the SP1 PE node, if SP1 is providing you an MPLS L3 VPN service.

To handle the double link between HQ and SP1 you can peer on a loopback address using

interface Loopback1
 description for eBGP over parallel links
 ! /32 host mask assumed for the loopback
 ip address A.B.C.D 255.255.255.255
 no shutdown
!
! one host route to the SP1 PE peering address per parallel link
ip route SP1-pe-address 255.255.255.255 pe-next-hop-link1-address
ip route SP1-pe-address 255.255.255.255 pe-next-hop-link2-address
!
router bgp YourASN
 neighbor SP1-pe-address remote-as SP1-ASN
 neighbor SP1-pe-address ebgp-multihop 2
 neighbor SP1-pe-address update-source Loopback1
 neighbor SP1-pe-address weight 40000
 neighbor BR1-ip-address remote-as YourASN
 ! network commands to announce HQ subnets
 network HQ-subnet mask HQ-subnet-mask

SP1 needs a similar configuration with static routes to A.B.C.D and the other commands.

Without ebgp-multihop 2 the session does not become established; an active state is not a good sign in BGP.

A similar setup on the branch side, with the network command used to advertise remote site subnets only.

For added security you could think of using route filters to ensure you do not advertise unwanted prefixes.

Hope to help
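
The route filters suggested at the end of the reply above could look like the following IOS fragment, which is an added example and not part of the original post. All values are constructed assumptions: private AS 64512, HQ subnets 10.10.0.0/16 and 10.11.0.0/16, branch range 10.20.0.0/16, SP1 PE peering address 192.0.2.1, and branch router BR1 at 198.51.100.2 on the SP2 link; the prefix-list names are hypothetical.

```cisco
! Constructed example values, not taken from the thread.
!
! Outbound: announce only the HQ subnets. Every prefix-list ends with an
! implicit deny, so anything not listed here is never advertised.
ip prefix-list HQ-OUT seq 5 permit 10.10.0.0/16
ip prefix-list HQ-OUT seq 10 permit 10.11.0.0/16
!
! Inbound: accept only branch prefixes, from /16 down to /24.
! A default route or an unexpected range learned from either
! provider is dropped before it reaches the BGP table.
ip prefix-list BRANCH-IN seq 5 permit 10.20.0.0/16 le 24
!
router bgp 64512
 ! Primary path: eBGP session to the SP1 PE
 neighbor 192.0.2.1 prefix-list HQ-OUT out
 neighbor 192.0.2.1 prefix-list BRANCH-IN in
 ! Backup path: session to BR1 across the SP2 point-to-multipoint link
 neighbor 198.51.100.2 prefix-list HQ-OUT out
 neighbor 198.51.100.2 prefix-list BRANCH-IN in
!
! Apply the new policy without resetting the sessions, then check
! what is really sent and which filter entries are matching:
!   clear ip bgp 192.0.2.1 soft
!   clear ip bgp 198.51.100.2 soft
!   show ip bgp neighbors 192.0.2.1 advertised-routes
!   show ip bgp neighbors 198.51.100.2 advertised-routes
!   show ip prefix-list detail
```

Applying the same outbound list on both sessions keeps the advertised set identical on the primary and backup paths, so a failover to SP2 does not expose prefixes that were filtered on SP1.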


Anthony Mile Wed, 09/01/2010 - 00:31

Hello giuslar

This makes a lot of sense. I was thinking if there is a way I can use BGP without involving the SP1 PE or without involving the SP1, that is, I peer the HQ router directly to the Branch routers. Do you think there is a way?

Best rgds,


