10-24-2002 02:55 AM - edited 03-02-2019 02:21 AM
I am currently running BGP between 2 ISP's over HSRP between (2) 2621 routers. I have HSRP setup between the 2 routers as well as tracking of the Serial interfaces for failover. This seems to work great in the case of a T1 failure or a router hardware failure however, in the case of a Ethernet port failure it does not seem to work. I even added a Track F0/0 which handles the HSRP failover however the BGP routes are still active on the active T1 interface. How can I keep this redudancy alive even during a F0/0 failure.
10-24-2002 04:32 AM
Hope I understand your requirements.
HSRP is working for your LAN side, you can even remove the track f0/0 as the missed keepalives between the f0/0 interfaces will force the failover on the LAN side. Once this failover has occurred, your failed BGP router should stop advertising it's routes (otherwise it blackholes about half of the people accessing your site). How are your routers learning the routes that they are advertising? If it's via a routing protocol, those routes will drop from the router once the f0/0 fails, and the routes will drop from the BGP table (won't get advertised). Once the f0/0 is up, your IGP will learn the routes again and BGP will start advertising again. If the route advertising is directly connected (ie f0/0's network), when f0/0 fails the route will withdraw from BGP.
Hope it helps.
Steve
10-24-2002 04:59 AM
Can you explain from my config below?
Router A
!
!
interface FastEthernet0/0
ip address 1.2.3.3 255.255.255.0
no ip mroute-cache
duplex auto
speed auto
standby 1 ip 1.2.3.2
standby 1 priority 105
standby 1 preempt
standby 1 authentication foobar
!
interface Serial0/0
bandwidth 1536
ip address 4.3.2.130 255.255.255.252
ip access-group 101 in
ip access-group 101 out
no ip mroute-cache
no fair-queue
!
interface FastEthernet0/1
no ip address
no ip mroute-cache
shutdown
duplex auto
speed auto
no cdp enable
!
router bgp 12345
no synchronization
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.2.3.4 remote-as 12345
neighbor 1.2.3.4 next-hop-self
neighbor 4.3.2.129 remote-as 1111
neighbor 4.3.2.129 soft-reconfiguration inbound
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 4.3.2.129
end
ROUTER B
!
!
!
interface FastEthernet0/0
ip address 1.2.3.4 255.255.255.0
no ip redirects
no ip proxy-arp
no ip mroute-cache
duplex auto
speed auto
standby 1 ip 1.2.3.2
standby 1 priority 110
standby 1 preempt
standby 1 authentication foobar
standby 1 track Se0/0
!
interface Serial0/0
bandwidth 1536
ip address 2.1.1.246 255.255.255.252
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip mroute-cache
no fair-queue
service-module t1 clock source internal
service-module t1 timeslots 1-24
!
interface FastEthernet0/1
no ip address
no ip mroute-cache
shutdown
duplex auto
speed auto
!
router bgp 12345
no synchronization
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.2.3.3 remote-as 12345
neighbor 1.2.3.3 next-hop-self
neighbor 2.1.1.245 remote-as 2222
neighbor 2.1.1.245 soft-reconfiguration inbound
neighbor 2.1.1.245 route-map foo out
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 2.1.1.245
no ip http server
!
access-list 2 permit 1.2.3.0 0.0.0.255
route-map foo permit 10
match ip address 2
set as-path prepend 12345 12345
10-24-2002 08:12 AM
If routerB's s0/0 fails, HSRP will fail over. If routerB's f0/0 fails, HSRP will failover as the keepalives (hello's) between routerB and routerA fails. RouterA stops receiving the hellos and becomes HSRP active. LAN side has failed over. Now for the WAN side, you shouldn't have to do much. Remove no synch (so it needs to synch with the IP table). RouterB's BGP is learning the route that it is advertising via the network command, but that route must still be in the IP table for it to advertise. If the f0/0 fails, that network is removed from the IP table, hence routerB won't advertise the BGP route any more. Only routerA is now. If you add more routes other than 1.2.3.0/24 and learn them via a protocol (eg OSPF or EIGRP), when the f0/0 fails, the route will be removed from the IP table and BGP will stop advertising them.
You may want to add a route-map to filter other AS' as well (so you don't become a transit AS).
eg
ip as-path access-list 20 permit ^$
ip as-path access-list 20 deny .*
!
route-map test permit 20
match as-path 20
Hope it is clear.
Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide