Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1764
Views
0
Helpful
7
Replies

BGP auto failover with multihoming provider

Go to solution
syafrilmp
Level 1
Level 1

‎11-27-2019 11:07 PM - edited ‎11-28-2019 02:49 AM

I want to ask is possible to make auto-failover and load balancing with multihoming provider (different ISP) but with special condition. I mean I want all 10.6.x.x/16 segments going through R1 but 10.6.55.x/24 dedicated to R2 when both of WAN is up.

FYI now I used BGP routing and IP prefix list, It oke for now but when WAN 2 is down I must manually erase some configuration in R2 due to VLAN 10.6.55.x is static in there. the condition that I want is :
1. 10.6.x.x/16 all the way through to WAN 1 and 10.6.55.x/24 to WAN 2 if both of them is up

2. If WAN 2 down I want 10.6.55.x/24 is automatically moving to WAN 1

3. if WAN 1 down I also want 10.6.x.x/16 is automatically moving to WAN 2 with 10.6.55.x/24 still going to WAN 2

For those who curious why VLAN 10.6.55.x going to WAN 2 when both of WAN was up instead of WAN 1 because of VLAN 55 was used to VICON

 

WhatsApp Image 2019-11-28 at 10.39.32.jpeg

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to syafrilmp

‎11-29-2019 03:46 AM

Hello,

 

sorry for the misunderstanding: what I am saying is: you cannot have 10.6.0.0/16 and e.g.10.6.55.0/24 on the same router.

 

Either way, I assume that you do not actually have 10.6.x.x/16 configured on an interface, but just want to use that as a summary address. So the PBR would look like this:

 

access-list 101 deny ip 10.6.55.0 0.0.0.255 any
access-list 101 permit ip 10.6.0.0 0.0.255.255 any
!
access-list 102 permit ip 10.6.55.0 0.0.0.255 any
!
route-map TO_WAN permit 10
match ip address 101
set ip next-hop 10.2.20.x
continue
route-map TO_WAN permit 20
match ip address 102
continue
route-map TO_WAN permit 30

!

interface Vlanif2
ip address 10.6.2.x 255.255.255.x
vrrp vrid 1 virtual-ip 10.6.2.x
vrrp vrid 1 priority 200
vrrp vrid 1 preempt-mode timer delay 30
ip policy route-map TO_WAN

 

 

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Georg Pauwen
VIP
VIP

‎11-28-2019 01:41 AM

Hello,

 

your best option is probably to use policy based routing. Judging from your drawing, the R.LB device is the device where your local networks come in and go out to each respective WAN router ? Post the configuration of the R.LB device, and indicate which platform that is, and what IOS you are running, so we can fill in the necessary bits and pieces...

0 Helpful

Go to solution
syafrilmp
Level 1
Level 1
In response to Georg Pauwen

‎11-28-2019 03:19 AM

this the config file of R1, R2, and R LB

Preview file
8 KB
Preview file
8 KB
Preview file
8 KB
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to syafrilmp

‎11-28-2019 04:07 AM - edited ‎11-28-2019 04:18 AM

Hello,

 

thanks for the configs. On which device are the routed interfaces for 10.6.x.x/16 and 10.6.55.x/24 ?

 

Or is this the interface connecting to the core switch where 10.6.x.x/16 and 10.6.55.x/24 are configured on ?

 

interface Vlanif2
ip address 10.6.2.x 255.255.255.x

0 Helpful

Go to solution
syafrilmp
Level 1
Level 1
In response to Georg Pauwen

‎11-28-2019 08:35 AM

all segment in core switch is 10.6.x.x/16 (LOCAL IP) but VLAN 10.6.55.x/24 which belong to 10.6.x.x/16 segment is specific just for VICON ONLY. if you see in R. LB at interface GigabitEthernet4/0/0 that port is connected to core switch where 10.6.x.x/16 and 10.6.55.x/24 are configured

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to syafrilmp

‎11-28-2019 09:46 AM

Hello,

 

-->  if you see in R. LB at interface GigabitEthernet4/0/0 that port is connected to core switch where 10.6.x.x/16 and 10.6.55.x/24 are configured

 

You cannot configure both IP addresses on the Core switch, since they are overlapping. That is why I am asking where the interfaces are configured. Either way, you need route maps that match the IP addresses, and then set the next hop:

 

access-list 101 permit ip 10.6.0.0 0.0.255.255 any
access-list 102 permit ip 10.6.55.0 0.0.0.255 any
!
route-map TO_WAN1 permit 10
match ip address 101
set ip next-hop 10.2.20.x
!
route-map TO_WAN1 permit 20

!

route-map TO_WAN2 permit 10
match ip address 102
set ip next-hop 10.2.21.x
!
route-map TO_WAN2 permit 20
!
interface X
ip address 10.6.x.x 255.255.0.0
ip policy route-map TO_WAN1
!
interface Y
ip address 10.6.55.x 255.255.255.0
ip policy route-map TO_WAN2

0 Helpful

Go to solution
syafrilmp
Level 1
Level 1
In response to Georg Pauwen

‎11-28-2019 04:41 PM

why cannot both IP addresses because 10.6.55.x/24 is included in the family of my local network. let me get straight, why i say 10.6.x.x/16 because I had many VLAN in there example 10.6.101.x/24 (gadget only), 10.6.200.x/25 (printer only), 10.6.55.x/24 (VICON only), and etc. so hope can make you clear sir

 

and belong to example config on your reply, so i have do that to my R. LB?

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to syafrilmp

‎11-29-2019 03:46 AM

Hello,

 

sorry for the misunderstanding: what I am saying is: you cannot have 10.6.0.0/16 and e.g.10.6.55.0/24 on the same router.

 

Either way, I assume that you do not actually have 10.6.x.x/16 configured on an interface, but just want to use that as a summary address. So the PBR would look like this:

 

access-list 101 deny ip 10.6.55.0 0.0.0.255 any
access-list 101 permit ip 10.6.0.0 0.0.255.255 any
!
access-list 102 permit ip 10.6.55.0 0.0.0.255 any
!
route-map TO_WAN permit 10
match ip address 101
set ip next-hop 10.2.20.x
continue
route-map TO_WAN permit 20
match ip address 102
continue
route-map TO_WAN permit 30

!

interface Vlanif2
ip address 10.6.2.x 255.255.255.x
vrrp vrid 1 virtual-ip 10.6.2.x
vrrp vrid 1 priority 200
vrrp vrid 1 preempt-mode timer delay 30
ip policy route-map TO_WAN

 

 

0 Helpful
Customers Also Viewed These Support Documents