Automatic failover EIGRP to BGP

protocol_1984 · ‎02-10-2013

HI,

Our branch office is connected to head office via 2 links from 2 different service provider. Traffic is routed through BGP via 1st service provider and traffic is routed through EIGRP (Tunnel) through 2nd service provider. 1st link is of 512 kb and second link is of 1 mb. the priority route should be thro 2 nd provider.

By default the routes are passing through the 1st provider as we route through BGP. Currently we remove BGP routes and forwarding the traffic to 2nd provider. Whenever 2nd link goes down we manually shift the traffic by adding routes in the BGP.

How to make it as dynamic failover and give priority to 2nd service provider of 1 mb and running EIGRP.

Scenario:

Config:

Router A:

interface GigabitEthernet0/1

ip address 172.x.x.246 255.255.255.252

router eigrp 100

redistribute static

redistribute bgp 65215 metric 100 1 255 1 1500

network 172.16.0.0 0.0.1.255

no auto-summary

router bgp 65215

no synchronization

bgp log-neighbor-changes

neighbor 172.x.x.245

redistribute eigrp 100

no auto-summary

Router B:

interface Tunnel200

ip address 172.16.251.1 255.255.255.252

tunnel source 87.x.x.154

tunnel destination 87.x.x.234

interface GigabitEthernet0/1

ip address 87.x.x.154 255.255.255.252

duplex auto

speed auto

router eigrp 100

network 172.16.251.0 0.0.0.3

network 172.16.0.0 0.0.1.255

Branch Router:

interface Tunnel200

ip address 172.16.251.2 255.255.255.252

tunnel source 87.x.x.234

tunnel destination 87.x.x.154

interface FastEthernet0/2/0

ip address 87.x.x.234 255.255.255.252

router eigrp 100

network 172.16.251.0 0.0.0.3

no auto-summary

ip route 87.x.x.0 255.255.0.0 87.x.x.233

milan.kulik · ‎02-10-2013

Hi,

it's not clear how the routing on your branch router is done:

Is it running BGP to the first provider and EIGRP to the second?

You could run BGP through the Tunnel to router B then and make your route preferences tuned as you need possibly?

HTH,

Milan

protocol_1984 · ‎02-10-2013

Hi Milan,

Branch office routing is done by BGP through first service provider. I removed the BGP config as to make the traffic to flow thro EIGPR. The below is the actual config.

Branch Router:

interface Tunnel200

ip address 172.16.251.2 255.255.255.252

tunnel source 87.x.x.234

tunnel destination 87.x.x.154

interface FastEthernet0/2/0

ip address 87.x.x.234 255.255.255.252

router eigrp 100

network 172.16.251.0 0.0.0.3

no auto-summary

ip route 87.x.x.0 255.255.0.0 87.x.x.233

router bgp 65215

no synchronization

bgp log-neighbor-changes

network 172.16.5.X x.x.x.127

neighbor 192.168.131.57 remote-as 29684

no auto-summary

milan.kulik · ‎02-10-2013

Hi,

so wouldn;t it be possible to advertise to the Provider 2 via EIGRP only prefixes necessary to establish the tunnel and then run BGP between your HQ Router B and the branch router through the tunnel?

The configuring Local Preference correct way on both sites you could prefer the path through the tunnel, i.e, provider 2.

HTH,

Milan.

protocol_1984 · ‎02-11-2013

Hi,

Can u give a sample config like where to tweak the settings. I have to do this in the live environment...

Thanks.

Raffi...

milan.kulik · ‎02-12-2013

Hi,

when your tunnel is Up, I'd try to start BGP peering between Router B and Branch router through the Tunnel.

But it would be easier to run eBGP to get the prefixes to beat the EIGRP routes.

When the eBGP peering is esatblished between the Brach router and Router B through the tunnel, it shlould beat EIGRP prefixes automatically.

You just might need to tune Local Preference on Router B to make it the outgoing router for your traffic from your HQ to the Brange Office - I'm not sure if your router A and B are peering? And what's the default GW used in your HQ LAN?

HTH,

Milan

Ajay Raj · ‎02-12-2013

Hi Mohamed,

Since the AD value to BGP is less than EIGRP. BGP routes will be preferred by default.

To override this, you can configure BGP Backdoor. Then the traffic will flow via EIGRP.

milan.kulik · ‎02-12-2013

Hi,

"...AD value to BGP is less than EIGRP." is valid for eBGP but not for iBGP.

That's why I suggested to run eBGP through the tunnel.

BR,

Milan

protocol_1984 · ‎02-17-2013

Hi Milan,

EBGP Peering is done between router A and branch router. The routing is happening without issues. Link between Router B and branch router is through DIA for which GRE tunnel is configured and passed thorugh EIGRP.

When both r configured primary by default is by EBGP and secondary is thro DIA. I need the primary to be DIA and backup thro EBGP.

ROuter A and Router B are not peering thro iBGP. HQ LAN default GW differs for different segment.

milan.kulik · ‎02-19-2013

Hi,

to make the primary to be DIA and backup thro EBGP, you mihgt try to increase Local Preference of BGP prefixes received from the GRE tunnel.You would need to configure that on both tunnel sides.

There might be a problem with subnets where Router A is configured as a default GW though.

So you would need to configure Router A to prefer a path to Branch office via Router B somehow, or to exclude the subnets using Router A as the default GW from the Local Preference increase (described above) on the Branch router.

In the later case those subnets will keep preferring EBGP path to/from Branch Office.

HTH,

Milan