Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Failover routes

Hello,

We have a rather odd issue with some backup static routes on my MPLS routers that I've yet to figure out the cause.

We use BGP for routing on the MPLS, but in the event that a site has its circuits go down, we have static routes with a distance of 250 set that kick in and direct traffic to a Cisco PIX that will create a VPN tunnel to the remote sites to get around the failure.

The problem we have is when the circuits come back up, some of the sites still use the static routes instead of BGP.

Here's an example of our configuration:

router bgp xxxxx

no synchronization

no bgp log-neighbor-changes

network 10.1.1.0 (this is the network of the LAN interface)

neighbor xx.xx.xx.xx remote-as xxx

neighbor xx.xx.xx.xx weight 45555

no auto-summary

ip route 10.1.3.0 255.255.255.0 10.1.1.225 250

Thanks in advance for any help.

  • WAN Routing and Switching
11 REPLIES
Blue

Re: Failover routes

Is the site learning a comparable route through BGP?

By comparable, I mean a prefix with the same length subnet mask.

So, does the spoke router learn about 10.1.3.0 255.255.255.0 through BGP?

[EDIT] Just to be clear, the BGP configuration you show is from which router, the hub or spoke? Which side initiates the IPSec tunnel? [EDIT]

New Member

Re: Failover routes

Has to be the same subnet mask or BGP has a better one. If static route has better subnet mask, traffic will use it from very beginning whatever the AD is. Say hello to Gary Dulin.

New Member

Re: Failover routes

BGP and the static route should have the same subnet mask (/24)

Router#sh ip route 10.1.3.0

Routing entry for 10.1.3.0/24

Known via "bgp xxxxx", distance 20, metric 0

Tag xxxx, type external

Last update from xx.xx.xx.xx 3w1d ago

Routing Descriptor Blocks:

* xx.xx.xx.xx, from xx.xx.xx.xx, 3w1d ago

Route metric is 0, traffic share count is 1

AS Hops 2

Route tag xxxx

Blue

Re: Failover routes

Oh man! have I heard stuff about YOU! WHOA! LOLOL

New Member

Re: Failover routes

I build the BGP network for ACS, check with Gary :)

Blue

Re: Failover routes

LOL...OK. Its not about your knowledge base that I would hear about.

Say hello to David Chau. lol

New Member

Re: Failover routes

First off, thanks for the reply.

Yes, 10.1.3.0/24 is learned via BGP and should be the preferred route. The static route is supposed to only go into effect if that BGP route disappears out of the routing table. That part seems to work fine, it just doesn't go back to the BGP provided route when it comes back into the routing table.

The configuration was for a spoke site. The actual BGP neighbors I can't get configs from because they are controlled by the MPLS provider.

The hub site config looks pretty much the same, the only difference is it doesn't have the BGP neighbor weight and it has a different BGP neighbor. I'm thinking of adding the BGP neighbor weight to all sites.

If my logic is correct, setting the BGP neighbor weight should force it to be preferred over the static routes. That doesn't seem to have worked though for the site config I referenced. It still uses the static route.

The IPSec tunnel is actually established by a Cisco PIX 515, which is off the LAN interface at IP 10.1.1.225

Hope that makes sense.

New Member

Re: Failover routes

Your BGP weight has nothing to do with route selection in this case. If the route is learned from EBGP, it has AD 20 and will automatically win over static which is AD 250. Can you provide a topology diagram?

New Member

Re: Failover routes

Here's a topology diagram. My Visio skills suck so hopefully it makes sense.

I'll be posting the output of sh ip bgp 10.1.3.0 and sh ip route 10.1.3.0 later. I need to schedule a test to reproduce the issue to get that. Right now they both show BGP as the preferred route.

208
Views
0
Helpful
11
Replies
This widget could not be displayed.