cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3418
Views
0
Helpful
8
Replies

BGP in INTERNET

muthupriyanka
Level 1
Level 1

Hi,

  I have a live scenario in which there are 2 routers R1 and R2 -each has a WAN link to ISP1 and ISP2 respectively.I am getting full routing table from both ISP's thru EBGP and I m advertising my IP block to both ISP's.Also I have configured HSRP with 2 groups in my LAN interface vlan2 in both the routers with group 10 and group 20.For HSRP group 10,R1 is the active router and for group 20 R2 is the active router.Also I m tracking the WAN interface of my WAN link in HSRP and if the WAN link goes down,my HSRP state changes.Both the routers are connected to the switch which in turn is connected to the Firewall.Firewall has a default static route pointing towards the virtual ips of both HSRP groups.

PUBLIC IP block advertised in ISP1 : 252.0/24 and 252.0/23

PUBLIC IP block advertised in ISP2 : 253.0/24 and 252.0/23

Now my question is : Do I need IBGP between R1 and R2 ??

Regards,

Pri..

8 Replies 8

Mohamed Sobair
Level 7
Level 7

Yes, I still recommend you have IBGP between your Internal routers R1 and R2.

The reason is because , the tracking doesnt check or track the BGP session, it tracks ONLY the interface status, however, you might have an Interface connected and UP but the BGP session with one of the ISPs down, so you need both routers now to switch the traffic to the Active ISP.

Also another reason for having IBGP, is to perform some kind of loadsharing besides Redundancy of Course.

With your current Setup. You might miss both.

HTH

Mohamed

Hi Mohamed,

  Thanks for the reply..I agree with ur explantion on the WAN link staying up and BGP going down.

  But how IBGP helps in load sharing ? Can I hav a brief explanation on the same ?

  I have a reverse static route for my IP blocks pointing towards firewall in each router.

  I have a default static route poining towards both HSRP virtual ips in my firewall with equal metric.So I will have a load sharing for my forward traffic to internet happening with my MHSRP rather than IBGP.For my reverse traffic from internet,it depends on how u publish your IP blocks to both ISP's.

Regards,

Pri..

By having IBGP on both routers, you may choose to split your Internal subnet and prefer one ISP over another for inboun and outbound traffic. (Using local preference To prefer outgoing path and As-path prepending to influence the return path.

The Most important point overall, Having IBGP provides you with the most redundant solution.

Please rate.

HTH

Mohamed

Thanks..

The problem I am facing with IBGP is : Continued from earlier scenario in my 1st post

I have a reverse static route pointing towards firewall ip 252.5 for the IP blocks advertised in both the routers.

Firewall has a default static route pointing towards both HSRP groups with equal metric.

In R1, when i check the sh ip bgp advertised routes to my ISP1,the next hop shows as 252.5 for 252.0/24 and 252.0/23.

In R2,next hop for 253.0/24 and 252.0/23 shows as 252.5 but I see RIB failure for 252.0/23.This is bcoz I have a static route for 252.0/23 with AD 1 and I have a route learned via IBGP from R1 with AD 200.

So bcoz of this RIB failure,252.0/23 is not getting advertised in EBGP to ISP2.

Also I have Policy based routing configured in LAN interface to push the forward traffic for 252.0/24 thru ISP1 and 253.0/24 thru ISP2.Also if one ISP WAN link goes down, policy based routing is configured to switch the traffic thru the other ISP.My aim was to achieve symmetrical routing.

If I dont have this IBGP bw R1 and R2 ,the problem will be resolved.This is where the question arises in which case my IBGP will help me??

Can anyone help me in resolving this issue ?

Regards,

Pri..

Hi Pri,

As you are achieving the redundancy using FHRP( hsrp), you might say that iBGP is not required but i would say its recommended .

In R2,next hop for 253.0/24 and 252.0/23 shows as 252.5 but I see RIB failure for 252.0/23.This is bcoz I have a static route for 252.0/23 with AD 1 and I have a route learned via IBGP from R1 with AD 200.

So bcoz of this RIB failure,252.0/23 is not getting advertised in EBGP to ISP2.


As per Cisco FAQ, what you said is right that the RIB routes are not advertised to peers.

http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a00800949e8.shtml#twenty-three

However ,from what I have seen although its a RIB failure the route is still considered as best and will be advertised to your SP peering router unless you type the command bgp suppress-inactive under the router bgp process . What do you see when you type sh ip bgp neig adver

The rib failure in our case is just telling the R2 router that there is a better route thats learned via static than iBGP.

If you think what I am saying is not true then see below  I have labbed it for you

r10#sh ip bgp

BGP table version is 9, local router ID is 172.16.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

r> 2.2.2.2/32       172.16.1.2               0             0 300 i

r10#sh ip bgp 2.2.2.2

BGP routing table entry for 2.2.2.2/32, version 9

Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(17))

  Advertised to non peer-group peers:

  10.1.1.1 192.168.2.1

  300

    172.16.1.2 from 172.16.1.2 (2.2.2.2)

      Origin IGP, metric 0, localpref 100, valid, external, best

r10#conf t

r10(config)#router bgp 100

r10(config-router)#bgp suppress-inactive

r10(config-router)#end

r10#sh ip bgp 2.2.2.2

BGP routing table entry for 2.2.2.2/32, version 10

Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(17) - next-hop mismatch)

  Not advertised to any peer

  300

    172.16.1.2 from 172.16.1.2 (2.2.2.2)

      Origin IGP, metric 0, localpref 100, valid, external, best

HTH,

Regards

Kishore

Please rate if helpful

Thanks Kishore for ur valuable input..

Regards,

Pri..

I would try using a dynamic routing protocol like EIGRP and get rid of all static routes.

Florin

I wouldnt go for a routing protocol to replace just 2 or 3 static routes. Besides, even if you do enable EIGRP the RIb failure would still be there as the AD of eigrp will be less than 200.

Regards

Review Cisco Networking for a $25 gift card