Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

BGP Primary, Secondary and Tertiary Route Fail over

Hey Guys,

I’m new to bgp SO I have a couple of question on a fail over scenario. I will include a link on the bottom of the topology of the network.  First of I got rid of the stacked switch and I made an iBGP connection between the two and isp 1 and isp 2 and have the asa in active/standy mode as I want isp1 to be primary and isp2 to be secondary. I have that part figured out. My question is how do I get the traffic to route to the Tertiary location if we have an outage on both isp network communication? Keep in mind this is a 24/7 operation. Just some ideas to get me rolling I’m lost where to start with this.  If you need me to be more elaborate I can do so! Let me know!

Thanks in advance!

Everyone's tags (3)

BGP Primary, Secondary and Tertiary Route Fail over


For outbound traffic towards the ISP, you can set your weight or local pref to prefer routes. For example, on Routers 1, 2, and 3, you could set local pref to 130, 120, and 110. The higher local pref is preferred, and it's carried throughout your routing domain for all of the other routers to know about (ibgp only).

You'd create a route map on all 3 routers and then apply that to your neighbor inbound:

ip prefix-list PreferRouter1ISP permit le 32

route-map PreferRouter1ISP permit 10

match ip address prefix PreferRouter1ISP

set local-pref 130

route-map PreferRouter1ISP permit 20

router bgp 100

neighbor route-map PreferRouter1ISP in

This would set all routes that are received from the ISP to local pref of 130. Any routes learned from your ibgp neighbors will not be preferred.

You would configure this on all of your other routers, but for their respective neighbors.


*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

BGP Primary, Secondary and Tertiary Route Fail over


This is great! thanks for the help on this. I will put this to work on the test env. And do some testing!

Again thanks!


New Member

BGP Primary, Secondary and Tertiary Route Fail over

Hi Sean,

in this scenario, you have to also consider the failover for traffic which is incoming from your ISP (i.e Internet) as well. Below is the scenario. I have named the Blue Box as InternalNW1 & Green Box as InternalNW2

In an event of the Firewalls or the link between the Firewalls & GW routers going down together in the InternalNW1, however the GW routers are still up and announcing your local supernets to the internet ( this is when you statically announce supernets with supernet static routes pointing to null 0 added).

++ In the above scenario, all your traffic will come into the InternalNW1 GW routers and get blackholed. However if you are using dynamic accouncement from these GW then obviously in this scenario the announcements will be withdrawn from the internet and only the GW from InternalNW2 will annouce the supernets to the Internet.You have to ensure that you annouce the Supernets of InternalNW1 are announces from GWs of InternalNW2 with a higher metric(like AS prepend etc) and vice versa.

In addition to this for the outgoing traffic flow, is it that you want all the traffic to exit from a single ISP? Like the egress traffic from Internal NW2 to reach internet will be traversing through the shared 100Mvps Microware connection link to the Internal NW1 and then would ride over Internal NW1 and go to the internet?

++ In the above scenario if you would want the traffic to exit the local GWs to the internet then you need to have the same local preference configured on the GW routers of both the InternalNW1 and InternalNW2. So that traffic local to the internal NW will take their local gateway to the internet and in an event of failure InternalNW1&2 will back each other. However, please ensure your accouncements to the internet are in a way so that the traffic to InternalNW1&2 come into the network via their respective GWs, This would avoid assymetrical routing and unnecessary load on the share 100Mbps Microwave connection between InternalNW1&2. In this manner you can efficiently utilize the shared 100Mbps link between the InternalNW1&2 and only the traffic between the InternalNW1 &2 will be utilizing this link.

There are other ways as well you can achieve your requirement based on your design considerations,impact and link capacities across the InternalNW1 & 2 and expected link utilization scenarios.

I hope this helps.



New Member

BGP Primary, Secondary and Tertiary Route Fail over


The first scenario Is more of what we use. and i assumed that when i annouce these routes the InternalNW2 would have to be At a higher metric or Local Pref. And thanks for the help! And Ill look in to dynamic accouncements see what i can come up with.

CreatePlease to create content