Multi Homed environment - BGP & HSRP query


ISP-A --> Hand off via ISPs router(managed by ISP- no natting used on rtr) Ethernet handoff --> switch1 --> ASA outside i/f : priamry link

ISP-B Serial -->Client router (no nat) --> rtr ethernet to Switch1 --> PIX outside i/f: Backup link

Switch1: Layer2 only

Vlan10 : for ISPA handoff & ASA outside port

Vlan11 : for ISPB handoff & PIX outside port

Current failover method : Manual.

Both ISPs assigned /28 ip range for cleint.


Need to reconfigure for Automatic failover. Get rid of PIX

Client has /24 Arin assigned IP space ( and own ASN and would like move all the IPs to his own space

This is what Iam planning on:

1. Make sure both ISPs advertise client public IP space via BGP (ISPB as secondary with help of BGP AS Path)

2. Reassign the existing IP (from ISPA assigned address space) on ISP A router Fast Eht 0/1 (connects to Switch1) :

Reassign the existing IP (from ISPB assigned address space) on other router Fast Eht 0/1 (connects to Switch1) :

Place both the ports on same Vlan on Switch1.

Configure HSRP with standby IP : and ISPA router HSRP config will track external interface on ISP A router

3. Now when I take out the ISPs assigned IPs from respective routers and assign clent Own ip there, do the ISPs have to form BGP neighbor with my IPs on the routers..? or do I have to leave the ISP IPs same and have the client IPs as secondary Ips on the rtr interface (in which case HSRP may not work)

Also, the above set up will work or not..? Please suggest...

Thank you in advace



Sounds like you are on the right path.

For peerig you will want to make sure you get a /30 address from both ISP's. You will need those for BGP peering, unless the ISP provides you a different peering IP further in their network, most of the time is a /30 on the serial interface.

BGP is not instant. There is about a 30 second establishment for each peer you bring up. You will need to make sure that your ISP does nothing to your announcement, that they just pass it upstream. You control the announcement, if you advertise it out, the ISP should receive it. to verify if your ISP is forwarding use a Looking Glass and verify the routing on another network.

For number 3, I would bring up the peering session first, verify routing before making and IP changes to the network.

When making the changes you may want to make sure DNS is updated since your address scheme will change your DNS might take a little longer to start working based on TTL's

You have a large undertaking but you are on the right path.

As far as HSRP, yes, any standard HSRP config you can find on cisco will due, just needs to do failover.

However, I was just introduced to PfR, this does load sharing and helps with network performance. This might be a better solution for you.

Thank you very much for your reply. I have requested client ISPs to advertise the client subnets and it need to be tested. Please see the current configs on Internet switch and Internet routers, and iam looking at below steps.. please review and advise..


1. ISP-A router managed by ISP

2. ISP-B router managed by Client

3. ASA has default route to ISP-A rtr Fe0/0

4. PIX has default route to ISP-B Eth0

5. Eventhough Interface Vlan created on the L2Switch, no routing enabled.


A. I have added Loopback IP on ISP-B rtr for testing. (to check both ISPs advertising my network).

B. When 'A' is successful, (as client IP space IP existing on ISP-A rtr FE0/0 as secondary address) change the ASA outside IP and all necessaary routing statements pointing to new Ips.

At this time can I get rid of ISP-A's own assigned IP( and make my clients IP as primary..???

C. Change all servers to cleint IP space (including DNS entries)

D. Assign ISP-B rtr Eth0 --> Ip from client IP space

E. Configure HSRP for ISP-A rtr & ISP-B rtr IPs.

Thnak you in advance


Any suggestions....

Thank you


