Solved: BGP metric for Backup MPLS circuit

Brian Smith · ‎07-02-2010

We have a 10 location fully-meshed MPLS network. All CPE routers use the same AS number. Two of the locations have backup MPLS circuit with the same ISP as the primary MPLS Circuit. I've decided to use a basic route map to set the metric value of the backup circuit to a value of 10 .

One of the locations this configuration worked fine, but the other location i'm having problems.

Here is the configuation of the problem location

route-map Backup permit 10
set metric 10

router bgp 1
no synchronization
bgp log-neighbor-changes
network 172.20.114.0 mask 255.255.255.0
network 192.168.114.0
neighbor 1.1.1.1 remote-as 55000
neighbor 2.2.2.2 remote-as 55000
neighbor 2.2.2.2 route-map Backup in
neighbor 2.2.2.2 route-map Backup out
no auto-summary

When I do a "sh bgp" the backup circuit isn't added in my remote network (which are ibgp), but it's added in the ISP router..

*> 192.168.107.0    1.1.1.1                         0 55000 55000 i                Remote Location Router
*> 192.168.109.0    1.1.1.1                         0 55000 55000 i                Remote Location Router
* 140.25.2.92/30            ISP Network
                    2.2.2.2           10             0 55000 ?
*>                  1.1.1.1                         0 55000 ?
* 132.11.15.220/30        ISP Network
                    2.2.2.2           10             0 55000 ?
*>                  1.1.1.1                         0 55000 ?

From all the Routers, I can ping the backup circuit IP address that my ISP provided me (2.2.2.1 and 2.2.2.2).

When I bring down the primary circuit, I can't ping to any of my remote networks or ibgp networks. Hopefully this makes a little since, I don't know much about BGP.

Chetan Kumar Ress · ‎07-06-2010

Hi Brain

You have to check the issue with you SP . Why you are not geting route from Backup circuit and till the time you can keep the static route.

And Fast convergence simply you can reduce the holdtimer.

U can use this command

Router(config-router)# timers bgp keepalive holdtime

or even u can apply per neighbor,

Router(config-router)# neighbor [ip-address | peer-group-name] timers keepalive holdtime

Please refer the same post https://supportforums.cisco.com/thread/247105?tstart=0&viewcondensed

Regards

Chetan Kumar

View solution in original post

Chetan Kumar Ress · ‎07-02-2010

Hi

As per my understanding you have two MPLS link from Same SP. And you want to configure Primary & Secondary link.

So simply you can configure Weight on that router to select Primary & Secondary .

And you can inform the same to ISP

For Example : Location Conifg.

router bgp xxxx

no synchronization

bgp log-neighbor-changes

neighbor x.x.x.x remote-as xxxx

neighbor x.x.x.x weight 180 ------ Primary

neighbor x.x.x.x remote-as xxxx

neighbor x.x.x.x weight 150 ------ Secondary

no auto-summary

So you inbound traffic will prefer Primary link.

Regards

Chetna kumar

Brian Smith · ‎07-02-2010

Thanks for the reply,

I configured a weight attribute for the primary and secondary links. Looks like the higher weight will be the preferred router.

When I failover to the secondary circuit I still don't have any of my ibgp networks in the routing table, only the ISP networks.

Something must be configured wrong with the ISP router. I configure a default route with a admin. distance of 200 (ip route 0.0.0.0 0.0.0.0 2.2.2.2 200)

With the route i'm able to ping my remote routers, but the convergence time takes about 3 mins. Is there a way to shorten that time? .

shivlu jain · ‎07-03-2010

Yes are very much right, it will take 3 minutes because of BGP dead timer. The best way is to use RTR or Track or you need to your the BFD for faster convergence.

Also you can ask your SP to use protection local-prefixes.

Read the article:-http://www.mplsvpn.info/2009/12/pe-ce-bgp-link-protection-testing.html

regards

Shivlu Jain

http://www.mplsvpn.info

Brian Smith · ‎07-03-2010

Can I implement RTR or BFD without contacting the Service Provider? Or do I need to contact the SP so they can make a configuration change in their routers?

shivlu jain · ‎07-05-2010

RTR could be one sided. But I dont know about BFD. I think it should be bi directional.

regards

Shivlu Jain

http://www.mplsvpn.info

Brian Smith · ‎07-05-2010

RTR is Route Reflector?

Chetan Kumar Ress · ‎07-06-2010

Hi Brain

As i suggest you to discussed the same issue with SP to get resolution ASAP.

Regrads

Chetan Kumar

amar_5664 · ‎07-05-2010

hey brian,

it should have nothing to do with SP, can you post configs of your router. how are you running ibgp do you have any IGP?

on your router could you do

sh ip bgp nei received-routes

sh ip bgp nei received- routes

sh ip bgp summ

sh ip bgp nei <> adv- routes

and post it here please...

amar_5664 · ‎07-05-2010

chetan the highest weight will be preferred ... so it should be the other way round...

router bgp xxxx

no synchronization

bgp log-neighbor-changes

neighbor x.x.x.x remote-as xxxx

neighbor x.x.x.x weight 150 ------ Secondary

neighbor x.x.x.x remote-as xxxx

neighbor x.x.x.x weight 180 ------ Primary

no auto-summary

Chetan Kumar Ress · ‎07-06-2010

Hi Amar

Yes , Due to some work i was not able to review the post , So by mistake it happen.

I Realy apologize for that post. I had made the changes.

Regards

Chetan kumar

vdineshkumar83 · ‎07-06-2010

Hi Brain,

It seems you are using same AS throughout your domain which requires AS-override or allow-AS-in at service provider end to bring up the circuit. Since you are saying with primary links you are not seeing any issues may be at PE(service provider end) where the secondary link is terminated might not have the above said command. Do check with your SP. Hope this helps.

Regards,

V Dinesh Kumar

Brian Smith · ‎07-06-2010

Thanks for all the post. It's been helpfull. I'm still a bit confused with a couple of things, I hope I can explain this well.

Here is my BGP config. I'm running is BGP, using iBGP to exchange my internal networks, all the routers use bgp AS 1. (NO IGP). Two MPLS circuits (Same SP), using a weighted attribute for primary and secondary links.

Below is a "SH BGP" output. My iBGP networks (192.168.100.0/24, 192.168.101.0/24, etc) do not have the backup circuit in the bgp table, just the primary circuit. When I tested this by shutting down the interface of the primary circuit, I couldn't get to any of my internal network because they were not in the routing table, only the Service Provider networks were in the routing table. I create a static route (ip route 0.0.0.0 0.0.0.0 195.22.4.41 200) Once I added the static route I was able to ping my internal networks, but the converence time was about 3 mins.

My questions are:

I'm wondering why the iBGP networks do not have the backup circuit in it's bgp table? (I'm assuming the service provider router is configured incorrectly) Should I get the SP to fix this or keep the static route?)

How can I shorten the converence time without getting the service provider involved? Earlier posts sugguested a couple of things but I'm not sure what would work best. Would BGP fast-peering work in this case?

router bgp 1
no synchronization
bgp log-neighbor-changes
network 10.0.8.2 mask 255.255.255.255        Loopback
network 172.20.5.0 mask 255.255.255.0
network 192.168.5.0
neighbor 152.17.9.202 remote-as 65000
neighbor 152.17.9.202 weight 100
neighbor 195.22.4.41 remote-as 65000
neighbor 195.22.4.41 weight 50                    Backup Circuit
no auto-summary

ip route 0.0.0.0 0.0.0.0 195.22.4.41 200

sh bgp

*> 122.1.162.68/30 152.17.9.202                       100 65000 ?          SP Network
*                             195.22.4.41                         50 65000 ?          BACKUP CIRCUIT
*> 122.6.22.14/30
                              152.17.9.202                       100 65000 ?          SP Network
*                             195.22.4.41                            50 65000 ?        BACKUP CIRCUIT

*> 154.153.112.40/30
                              152.17.9.202                       100 65000 ?          SP Network
*                             195.22.4.41                            50 65000 ?         BACKUP CIRCUIT
*> 192.168.100.0    152.17.9.202                    100 65000 65000 i
*> 192.168.101.0    152.17.9.202                     100 65000 65000 i
*> 192.168.102.0    152.17.9.202                      100 65000 65000 i
*> 192.168.104.0    152.17.9.202                      100 65000 65000 i

Chetan Kumar Ress · ‎07-06-2010

Hi Brain

You have to check the issue with you SP . Why you are not geting route from Backup circuit and till the time you can keep the static route.

And Fast convergence simply you can reduce the holdtimer.

U can use this command

Router(config-router)# timers bgp keepalive holdtime

or even u can apply per neighbor,

Router(config-router)# neighbor [ip-address | peer-group-name] timers keepalive holdtime

Please refer the same post https://supportforums.cisco.com/thread/247105?tstart=0&viewcondensed

Regards

Chetan Kumar

amar_5664 · ‎07-07-2010

hey mate,

according to your config i dont see ibgp peering, your neighbour commands only point to your SP AS. So probably your network is not being propogated via ibgp.

could you please do sh ip bgp summ and paste it here?