Using PBR for BGP Redundancy

Bethuelle
Level 1

Hi All,

I am working on a multihomed network. There's a BGP session with ISP 1 and I'm on the point of setting up a BGP session with another ISP, ISP 2. I'd like ISP 2 to be a backup link, and it must only be used when ISP 1 is down.

In fact, I'd like to use ISP 2 when the ping on some Internet address goes down, because at times the problem is not with ISP 1 but further upstream.

I intend to use PBR and IP SLA. Below is my configuration:

```
interface FastEthernet0/0
 description Connected to ISP 2
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 description Connected to ISP 1
 ip address 192.168.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip address 192.168.20.1 255.255.255.0
 ip policy route-map BACKUP
 duplex auto
 speed auto
!
router bgp 37034
 no synchronization
 bgp log-neighbor-changes
 network 192.168.20.0
 network 192.168.30.0
 neighbor 192.168.2.2 remote-as 15964
 neighbor 192.168.2.2 description ISP 1
 neighbor 192.168.2.2 ebgp-multihop 255
 neighbor 192.168.2.2 weight 100
 neighbor 192.168.2.2 route-map Permit_default_route in
 neighbor 192.168.3.2 remote-as 8513
 neighbor 192.168.3.2 description ISP 2
 neighbor 192.168.3.2 ebgp-multihop 255
 neighbor 192.168.3.2 route-map Permit_default_route in
 no auto-summary
!
route-map BACKUP permit 10
 match ip address 101
 set ip next-hop verify-availability 192.168.2.2 1 track 30
!
ip sla monitor 3
 type echo protocol ipIcmpEcho 192.168.4.1
ip sla monitor schedule 3 life forever start-time now
!
track 30 rtr 3 reachability
!
access-list 101 permit ip any any
!
route-map Permit_default_route permit 10
 match ip address 12
```

My real problem now is causing the router to remove the default route through ISP 1 from the routing table when the ping on 192.168.4.1 goes down, so as to use the route through ISP 2.

Thanks for your help in advance.

4 Replies

Calin C.
Level 5

Hello

You said:

"I'd like to use ISP 2 when the ping on some Internet address goes down"

and then I see that you monitor 192.168.4.1

This is not an Internet address, as it's a private IP address, and if you don't have 192.168.4.1 in the routing table (meaning unreachable) then your solution is working correctly.

Do you have some kind of VPN remote site from where you should get 192.168.4.1?

Or are the IP addresses not the real ones in use? Can we see an output of the routing table?

Cheers,

Calin

These IP addresses are not real.

Hi,

This is what the Routing Table looks like:

```
IBR-YDE#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.2.2 to network 0.0.0.0

C    192.168.20.0/24 is directly connected, FastEthernet2/0
C    192.168.2.0/24 is directly connected, FastEthernet1/0
C    192.168.3.0/24 is directly connected, FastEthernet0/0
B*   0.0.0.0/0 [20/0] via 192.168.2.2, 00:00:35
```

OK, now that we have clarified this, I may have a solution for you:

http://www.firstdigest.com/2010/05/cisco-policy-routing-with-ip-sla/

I did this a while ago and I believe it's exactly what you need in terms of IP SLA. The idea is that you have to use an IP SLA and only when the result of the IP SLA is down (meaning a deny there ! NOT, from the programming language).

Let me know if my solution helps you!

Cheers,

Calin
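
One way to express the "only when the IP SLA is down" idea from the reply above, using the addresses and the older `ip sla monitor` syntax from this thread. This is an added example, not the poster's configuration and not taken from the linked article; track object 31 and the delay timers are assumptions chosen for illustration.

```cisco
! Probe the upstream test address; router-originated probes follow the
! routing table, so they keep testing the path through ISP 1.
ip sla monitor 3
 type echo protocol ipIcmpEcho 192.168.4.1
ip sla monitor schedule 3 life forever start-time now
!
! Track 30 is up while the probe succeeds (same object as in the question).
! The delay values are illustrative; they damp flapping on brief packet loss.
track 30 rtr 3 reachability
 delay down 10 up 30
!
! Track 31 (assumed number) is the logical NOT of track 30:
! it is up only while the probe through ISP 1 is failing.
track 31 list boolean and
 object 30 not
!
access-list 101 permit ip any any
!
! Redirect LAN traffic to ISP 2 only while track 31 is up.
! While track 31 is down the set clause is skipped and packets are
! forwarded by the routing table, i.e. the BGP default via ISP 1.
route-map BACKUP permit 10
 match ip address 101
 set ip next-hop verify-availability 192.168.3.2 1 track 31
!
interface FastEthernet2/0
 ip address 192.168.20.1 255.255.255.0
 ip policy route-map BACKUP
```

With this approach the BGP default route through 192.168.2.2 stays in the routing table; only traffic entering FastEthernet2/0 is steered to ISP 2, and `show track` and `show route-map BACKUP` show which state is active.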
