Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
162
Views
0
Helpful
1
Replies

Newbie BGP Question

david.morrow
Level 1
Level 1

‎07-08-2003 12:15 PM - edited ‎03-02-2019 08:42 AM

Hello, I am hoping someone out there does not mind lending a newbie to BGP a hand.

I have 2 sites, A and B. A is our primary site with a full Class-C 205.205.28.0/24routed to it. Site B is our DRP site with a half Class-C 65.201.200.128/25

Until now, we have used manual methods to failover applications to the DRP site. We are now attempting to use BGP to do so.

Everything works fine with one exception. When I configure the DRP site to support the BGP scenario (basically adding BGP and appropriate IP addresses from A's network on B's router), I can no longer access it from A. I know why this happens, but I guess what I am looking for is a way around it. I do have the original /25 network still being routed to B's network, if that helps.

I've seen references to BGP Backdoor in these forums, but I am unsure if that is related.

Any help, experience would of course be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

t.baranski
Level 4
Level 4

‎07-09-2003 06:46 PM

This is one of the reasons why primary and backup sites are typically connected via a backend circuit for inter-site traffic -- it's generally desirable to send such traffic over a private, backend link rather than over the Internet to avoid issues like this.

The BGP Conditional Advertisement feature may be able to help you here (http://www.cisco.com/warp/public/459/cond_adv.html). You can configure the router at site B to only advertise site A's address block if site A stops advertising it (i.e., if site A goes down).

You'll still have a routing issue at site B, though -- you need site B to send traffic destined to site A's address block to site A during normal operation, and to send it inbound to site B's network if site A fails (in order for site B to be able to do anything with traffic it receives destined to site A's block). You could, I suppose, accomplish this with a floating static route at site B which sends traffic destined to site A's block to site B's internal network. Make the administrative distance of this route higher than that of EBGP so that the EBGP route to site A's block that you get from site B's ISP is preferred. Note that you need site B's ISP to advertise site A's block to site B via BGP so that, when this route disappears, site A is presumed to be down and 1) the floating static route kicks in, and 2) site B starts advertising site A's address block per the conditional advertisement feature. I've never tried this before (again, backend circuits are your friend), however, so I may be missing something here.

There are issues with this method too, however, as you can't guarantee that site A is actually down based only on the fact that site B doesn't see a route for site A -- the issue could be with site B's ISP, or another ISP between site B and site A. If you're responsible for inter-site failover at your company, I'd suggest some hardcore reading on BGP concepts and operation -- this stuff isn't all that difficult if you're able to spend some time to learn it.

0 Helpful
Customers Also Viewed These Support Documents