Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
647
Views
0
Helpful
2
Replies

BGP Configuration help

chevymannie
Level 1
Level 1

‎01-04-2013 01:13 PM - edited ‎03-04-2019 06:34 PM

Hi,

I have no real mentionable BGP experience so I need some help with a config.

Current configuration:

2xASA5510s (Active/Standby) --->3925 Internet Router---->Internet

Going to:

2xASA5510s(Active/Standby)---->3925 Internet Router A----->ISP (Primary)

                                          \---->3925 Internet Router B----->ISP (Backup)

Note:  Only one ISP just different speed connections

We're going to be using BGP to the ISP.  Our goal is to advertise one subnet via BGP over both links using routerA as the primary and routerB only if it fails.  How can should I configure my ASA and the internet routers to accomplish this?

Labels:
0 Helpful
2 Replies 2

John Blakley
VIP Alumni
VIP Alumni

‎01-04-2013 01:42 PM

Are you ASAs paired now or does that need to be done as well? Since you have 2 routers, you could configure hsrp on the lan side for the failover piece. The ASA would have 1 default route to the virtual IP. Then under BGP, you can set your route local preferences to be higher on RouterA than on RouterB. Then on RouterB you'd advertise a higher metric to the ISP for the same routes that you'll be advertising with RouterA.

You probably don't need local preferences (for outbound traffic). If you decide to go with hsrp, you'll only have a single active router at a time....

For the router's perspective, you could do something like (assuming you have a 192.168.1.0/24 subnet):

RouterA:

router bgp 1000

network 192.168.1.0 mask 255.255.255.0

neighbor remote-as

RouterB:

ip prefix-list Advertise permit 192.168.1.0/24

route-map Outbound permit 10

match ip address prefix Advertise

set metric 400

route-map Outbound permit 20

router bgp 1000

network 192.168.1.0 mask 255.255.255.0

neighbor remote-as

neighbor route-map Outbound out

The metric that you choose will need to be higher than the metric that router A advertises. The metric controls the inbound traffic.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful

chevymannie
Level 1
Level 1
In response to John Blakley

‎01-18-2013 07:04 AM

Thanks John.  One more question.  I want to say the ISP gave us two seperate blocks of addresses.  Is it possible to still have failover for the primary IP block?  If so what configuration changes to the above would we need to make.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card