08-05-2013 05:20 AM - edited 03-04-2019 08:39 PM
Hi,
been labing a backup solution using a GRE VPN link. The primary connection is a BGP Link. See attached.
I was hoping someon could explain the behavior I'm seeing.
I have a constant ping going from the HQ Site to the Remote sites loopback amd the Remote site to the HQs loopback..
The HQ router and the Remote Site router are using the BGP routes initially. When I shut the interface facing the Remote Site on the BGP WAN Provider router, the Remote site only drops one ping but, the HQ site ping fails for about 30 seconds and then picks up after it gets the EIGRP route to the Remote Site over the GRE tunnel. Is this normal behavior as it has to wait for the BGP route to time out?
Also, when I bring the interface back up on the BGP WAN Provider, the BGP routes don't come back. I have to manually do a clear ip eigrp neighbor on the Remote Site Router or the HQ router.
Thank you, Pat.
08-05-2013 11:06 AM
The 30 seconds delay is normal. When you shut the interface the local router immediatly shuts the bgp peer based on the default command "bgp fast-external-fallover". The other end will wait for the hold time to expire before considering the other end down (you can change it with "timers bgp
The bgp route not comming back depends on your config. Is it iBGP or eBGP peer?
How is the GRE been considered as backup?
08-05-2013 12:16 PM
Guibarati,
I'm using eBGP. Yes, the GRE is the backup. I would like instant failover but, maybe that isn't safe? I have my timers set now for 15 45. How quick can I go? Also, after the primary WAN circuit has come back, I would like to wait a certain amount of time before going back to the primary WAN circuit. Do you think an SLA and tracking and an EEM script would be the best way to accomplish this?
Thank you, Pat.
08-05-2013 12:31 PM
For waiting when the link is back you need to use "dampening" on BGP neigboor. That's the best and correct way.
For instant (almost) failover we need other information, what is your "update-source" on the BGP peers, and how the routers know the destination neighbor address?
08-05-2013 01:09 PM
Guibarati,
Update Source? Can't remember if I configured one as I'm at work and not at my home desktop.I'll look tonight.
I'm not sure I follow your question.
Thank you.
08-05-2013 01:13 PM
you can use the following:
neighbor
IF IGP looses route for the BGP peer, bgp immediatly bring the peer down. In this case you would need an IGP to reach eachother BGP peer IP address.
08-05-2013 01:34 PM
Thanks Guibarati,
Did you mean "neighbor
"IF IGP looses route for the BGP peer, bgp immediatly bring the peer down. In this case you would need an IGP to reach eachother BGP peer IP address."
I don't follow this sentence. Could you please clarify?
Thank you
08-05-2013 06:56 PM
08-06-2013 08:31 AM
Thanks Muca.
How would I configure this on the ebgp routers HQ and Remote Site that aren't directly connected - from the network in the diagram?
Thank you
08-06-2013 07:49 PM
Hi Patrick,
I am not the most experienced guy with bgp but have a look at the following documents. I think it will help.
It seems that :
Using the "neighbor fall-over” command neighbors don't need to be directly connected
Using the “Bgp Fast-external-failover” relies only on directly connected neighbor
08-05-2013 11:11 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
You might also consider enabling keepalives across the GRE tunnel. (I often use keepalive 1.)
08-05-2013 12:21 PM
Joseph,
I'm using 3 2 at the moment. Using 1 won't buy me much will it?
Thank you
08-05-2013 05:54 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
No, not a whole lot. It should take link down in 3 seconds rather than your 6.
08-05-2013 11:46 AM
EIGRP is a preferred protocol on Cisco routers and its learned routes will be preferred over BGP.
Thanks.
08-05-2013 12:24 PM
Rais,
correct me if I'm wrong but, I believe eBGP would be preferred over EIGRP. eBGP cost is 20.
Thank you, Pat.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: