Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
376
Views
0
Helpful
1
Replies

BGP Configuration and Failover

keen4.net
Level 1
Level 1

‎02-29-2016 09:03 PM - edited ‎03-05-2019 03:27 AM

Hello All,

We have two links from two different ISPs on BGP. Both links are connected on different CE router at our end. Network diagram attached for reference.

We are advertising two pools on this links , 192.168.10.0/24 from one ISP and 192.168.30.0/24 from other ISP.

Couple of days back we have experienced a problem during outage of ISP-1 link. We were not able to access pool advertised on ISP-1. Failover to second ISP was also not happened.

Requesting to help to validate the BGP configuration and suggest where might be the problem, so that we can fix the same and failover to either of the ISP can happen smoothly.

Also, if please anyone can help me the understand the configuration on BGP, as bit confused what exactly happened the time of failover so that IP were not reachable from outside.

Configuration is below.

ISP-1

router bgp 200
 no bgp log-neighbor-changes
 network 192.168.10.0 mask 255.255.255.0
 network 192.168.30.0 mask 255.255.255.0
 neighbor 172.16.1.1 remote-as 100
 neighbor 172.16.1.1 next-hop-self
 neighbor 172.16.1.1 soft-reconfiguration inbound
 neighbor 172.16.1.1 route-map AS_PREP out
 neighbor 172.16.1.1 maximum-prefix 50000 50
 neighbor 172.16.1.1 filter-list 10 out
 neighbor 192.168.10.3 remote-as 200
 neighbor 192.168.10.3 version 4
 neighbor 192.168.10.3 next-hop-self
 neighbor 192.168.10.3 soft-reconfiguration inbound
 neighbor 192.168.10.3 prefix-list default out
 neighbor 192.168.10.3 maximum-prefix 25000 50

ip as-path access-list 1 permit ^100$
ip as-path access-list 10 permit ^$

ip prefix-list LAN1 seq 5 permit 192.168.30.0/24
!
ip prefix-list LAN2 seq 5 permit 192.168.10.0/24
!
ip prefix-list block seq 5 deny 0.0.0.0/0 ge 1
!
ip prefix-list default seq 5 permit 0.0.0.0/0

route-map WAN_OUT permit 10
 match as-path 10
!
route-map AS_PREP permit 10
 match ip address prefix-list LAN1
 set as-path prepend 200 200 200 200 200
!
route-map AS_PREP permit 20

ip route 0.0.0.0 0.0.0.0 172.16.1.1 name ISP-1

interface GigabitEthernet0/0
 description ISP-1 Link
 ip address 172.16.1.1 255.255.255.252
 ip access-group 100 in
 ip access-group 100 out
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting output-packets
 ip flow ingress
 ip flow egress
 duplex auto
 speed auto
 no cdp enable

interface GigabitEthernet0/1
 description *** Conected to LAN **
 ip address 192.168.30.2 255.255.255.0 secondary
 ip address 192.168.10.2 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 standby 1 ip 192.168.10.1
 standby 1 timers 5 15
 standby 1 priority 110
 standby 1 preempt
 duplex auto
 speed auto
 no cdp enable


+++++++++++
ISP-2 :-


router bgp 200
 no bgp log-neighbor-changes
 network 192.168.10.0 mask 255.255.255.0
 network 192.168.30.0 mask 255.255.255.0
 neighbor 192.168.10.2 remote-as 200
 neighbor 192.168.10.2 version 4
 neighbor 192.168.10.2 next-hop-self
 neighbor 192.168.10.2 soft-reconfiguration inbound
 neighbor 192.168.10.2 prefix-list default out
 neighbor 192.168.10.2 maximum-prefix 25000 50
 neighbor172.16.100.1 remote-as 300
 neighbor172.16.100.1 next-hop-self
 neighbor172.16.100.1 soft-reconfiguration inbound
 neighbor172.16.100.1 route-map AS_PREP out
 neighbor172.16.100.1 maximum-prefix 50000 50
 neighbor172.16.100.1 filter-list 10 out

ip as-path access-list 1 permit ^300$
ip as-path access-list 10 permit ^$

ip prefix-list LAN1 seq 5 permit 192.168.30.0/24
!
ip prefix-list LAN2 seq 5 permit 192.168.10.0/24
!
ip prefix-list block seq 5 deny 0.0.0.0/0 ge 1
!
ip prefix-list default seq 5 permit 0.0.0.0/0

route-map WAN_OUT permit 10
 match as-path 10
!
route-map AS_PREP permit 10
 match ip address prefix-list LAN2
 set as-path prepend 200 200 200 200 200
!
route-map AS_PREP permit 20

ip route 0.0.0.0 0.0.0.0 172.16.1.1 name Default

interface GigabitEthernet0/0
 description ISP-2 Link
 ip address 192.168.30.3 255.255.255.0 secondary
 ip address 192.168.10.3 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 standby 1 ip 192.168.10.1
 standby 1 timers 5 15
 standby 1 preempt
 duplex auto
 speed auto
 no cdp enable
!
interface GigabitEthernet0/1
 description *** Connected to LAN ***
 ip address 172.16.100.2 255.255.255.252
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip flow egress
 duplex auto
 speed auto
 no cdp enable

Regards

JN

Labels:
Preview file
31 KB
0 Helpful
1 Reply 1

katimazu
Cisco Employee
Cisco Employee

‎03-01-2016 01:28 PM

Hi JN,

I see a couple issues off the bat:

 

  1. On ISP-1, your neighbor IP to AS 100 is set for 172.16.1.1, which is the IP configured on your Gi0/0 interface. The neighbor should be set for the IP on the ISP side which should be 172.16.1.2.
  2. I think the IP’s on Gi0/0 and Gi0/1 on ISP-2 might be flipped. I would recommend verifying your documentation for your IP addressing scheme for this device. Your BGP configs on ISP-2 seem to indicate that 192.168.10.2 is within your AS (200) while 172.16.100.1 is to your ISP2 AS (300). If this is the case, 172.16.100.2/30 should be configured on Gi0/0; 192.168.10.3/24 & 192.168.30.3 on Gi0/1.

-Katina

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card