How to accomplish failover with BGP & OSPF

Answered Question
Sep 19th, 2013
User Badges:

Hi


I have attached the view of my topology.



HO has two paths to reach internet, one from HO-ISP(primary path for HO) & other from Sales(backup path for HO)

Sales branch also has two paths, one from Sales-ISP(Primary path for sales)& other from HO(backup path for sales)


I want my network to auto failover between the links.Will somebody give me an idea either I have to use IP SLA Tracking or some policy map to get this job done.Thanks

topology.jpg


Best Regards,

Shahzad Ayub

Correct Answer by milan.kulik about 3 years 10 months ago

Hi,


IMHO, the easiest scenario would be:

Ask each of your ISPs to advertise the default route via iBGP to your (HO and  Sales) routers as long as his Internet connection is Up.

Change the iBGP AD (200 by default)  on your routers to beat the OSPF AD (110 by default).

Redistribute the default route from BGP to OSPF on your routers.

Advertise the default route to the OSPF cloud from both your routers.

(If any othe roruter is participating in your OSPF, you might need to tune the OSPF metric to be sure it would be using you preferred (HO?) router as the gateway to the Internet.)


This way:

As long as your router (either HO or Sales) would be receiving the default route  from his ISP, he would use it.

At the moment the Internet connection is Down, the ISP will stop advertising the default route via iBGP.

Your router will start using the other default route received from OSPF.

At the moment the Internet connection is Up again, your router will get the default route from his ISP again and will start using it (better AD).


Best regards,

Milan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
milan.kulik Sun, 09/22/2013 - 12:09
User Badges:
  • Red, 2250 points or more

Hi,


IMHO, the easiest scenario would be:

Ask each of your ISPs to advertise the default route via iBGP to your (HO and  Sales) routers as long as his Internet connection is Up.

Change the iBGP AD (200 by default)  on your routers to beat the OSPF AD (110 by default).

Redistribute the default route from BGP to OSPF on your routers.

Advertise the default route to the OSPF cloud from both your routers.

(If any othe roruter is participating in your OSPF, you might need to tune the OSPF metric to be sure it would be using you preferred (HO?) router as the gateway to the Internet.)


This way:

As long as your router (either HO or Sales) would be receiving the default route  from his ISP, he would use it.

At the moment the Internet connection is Down, the ISP will stop advertising the default route via iBGP.

Your router will start using the other default route received from OSPF.

At the moment the Internet connection is Up again, your router will get the default route from his ISP again and will start using it (better AD).


Best regards,

Milan

Shahzad Ayub Sun, 09/22/2013 - 13:22
User Badges:

Thanks for reply milan.


I did not get your point clearly.

One thing I would like to clear there is only one ISP and Same BGP AS no. 64356 is running on both HO-ISP & Sales-ISP.


Should I ask ISP to inject default route into bgp??


I already change the AD of bgp to prefer its route and am already redistributing bgp into ospf.


please guide me further if you quote some configuration example here I shall be grateful to you.


HO to HO-ISP(172.30.20.0 255.255.255.0)

Sales to Sales-ISP(172.30.19.0 255.255.255.0)

HO to Sales(192.168.1.0 255.255.255.0)


regards...

milan.kulik Mon, 09/23/2013 - 00:09
User Badges:
  • Red, 2250 points or more

Hi,


I'd like to clarify first:

What do you exaclty mean by "I want my network to auto failover between the links."?


Are there any other router involved on your side?

Which prefixes are you receiving from your ISP? Full Internet BGP table on each site? Or just some partial routing info?


Are you redistributing the whole BGP table to OSPF on both your routers?

If yes, which part of failover is not working?


Best regards,

Milan

Shahzad Ayub Mon, 09/23/2013 - 05:23
User Badges:

As you can see in topology, we have two paths from each branch HO & Sales to reach internet so I want my network switch over automatically in case of failure of one path.

In the current scenerio If I manually shutdown one side interface I am getting routes from otherside but the problem is that its not reverting back if primar link gets up.


we have some server applications here in HO & Sales which need to be accessed by remote branch.


Actually we have two remote sites connecting via ISP and we only receive that routes in BGP from ISP side.


Yes I am redistributing whole BGP table into OSPF.


Thanks & Regards,

Shahzad Ayub

milan.kulik Mon, 09/23/2013 - 05:59
User Badges:
  • Red, 2250 points or more

Hi,


it's not clear to me why you need the whole Internet BGP table redistributed to OSPF.

I guess working with the default route only would be more effective.


But back to your problem:

Aren't you running mutual redistribution between BGP and OSPF?

I.e, aren't you also redistributing OSPF prefixes to your BGP?

That would explain why your failover connection would not revert back when the primary line gets Up again.


Best regards,

Milan

Shahzad Ayub Mon, 09/23/2013 - 06:15
User Badges:

I am also redributing OSPF into BGP so that remote branches can get access to some applications in HO & Sales.

My topology is fully converged but the only problem is automatic failover.


I have the idea of IP SLA track but I down know which interface should I put track on???


Thanks & Regards,

Shahzad Ayub

milan.kulik Mon, 09/23/2013 - 08:41
User Badges:
  • Red, 2250 points or more

Hi,


I believe I know what your problem could be.

It was discussed in this forum several times already, see https://supportforums.cisco.com/message/3372479#3372479 , e.g. (just replace EIGRP with OSPF in your case).


When you are running BGP/OSPF mutual redistribution, you need to be careful of the sequence in which the prefixes are received from particular routing protocols.

In your case, imagine following scenario on your HO router:

You've got a prefix received from BGP in your routing table. That prefix is redistributed to OSPF.

Then your Internet connection fails.

The prefix is withdrawn by your ISP and removed from your BGP table.

But you are still receiving the same prefix via OSPF (redistributed by your Sales router).

So it gets redistributed to BGP on your HO router (with BGP attribute weight=32768).

When your Internet connections gets Up again, your ISP starts advertising the prefix via BGP again.

But at the moment there is the same prefix in the BGP table of your HO router already with better weight.

So the prefix received from your ISP is worse from BGP process point of view now.

And the routing via OSPF remains active until you clear it manually.

To fix this, you need to modify the weight attribute as described in the thread mentioned above.


Best regards,

Milan

Actions

This Discussion