Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1009
Views
0
Helpful
5
Replies

BGP/MPLS multiple static routes to same destination

bstrain1974
Level 1
Level 1

‎03-26-2019 06:46 AM

Diagram attached. Cisco beginner here. I have 6 offices in total. Currently I have 1 static route in MAIN OFFICE 1 router that points all data center traffic to FW 1 and all the other routers learn this route through BGP and it works fine. Traffic goes from FW 1 to VPN 1 then DC.

 

What I would like to do is add a static route in BRANCH 1 router that points all data center traffic to FW 2. Traffic goes from FW 2 to VPN 2 then DC.

 

I'm having trouble getting this to work. A traceroute from BRANCH 1 goes in a loop - I'm assuming because of the Verizon PE routers? 

 

MAIN OFFICE 1 ROUTER

bgp router-id 68.139.249.XXX
bgp log-neighbor-changes
timers bgp 10 30
redistribute connected
redistribute static
neighbor 68.139.249.XXX remote-as 65000

 

BRANCH 1 ROUTER

router bgp 65001
bgp router-id 68.136.106.XX
bgp log-neighbor-changes
redistribute connected
redistribute static
neighbor 68.136.106.XX remote-as 65000

Labels:
Preview file
133 KB
0 Helpful
5 Replies 5

paul driver
VIP
VIP

‎03-26-2019 03:49 PM - edited ‎03-27-2019 07:47 AM

Hello

Instead of just redistributing the static routes into the branch sites and having manual static routes at your branch office you could just redistribute/advertise the static from each main site with a local preference given to main office 2

 

example:

Main site 1
router bgp 65001
redistribute connected
redistribute static route-map LP
neighbor <branch office > remote-as 65001
neighbor <main office 2> remote-as 65001
neighbor <main office 2> next-hop-self
neighbor 68.139.x.x remote-as 65000
no auto-summary


route-map LP permit
set local-preference 20000


ip route 10.20.240.0 255.255.255.0 10.10.156.2

 

 

Main site 2

router bgp 65001
redistribute connected
redistribute static route-map LP
neighbor <branch office > remote-as 65001
neighbor <main office 1> remote-as 65001
neighbor <main office 1> next-hop-self
neighbor 68.139.x.x remote-as 65000
no auto-summary


route-map LP permit
set local-preference 50000

track 10 interface <wan interface> line-protocol

ip route 10.20.240.0 255.255.255.0 10.10.152.2 track 10




Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

bstrain1974
Level 1
Level 1
In response to paul driver

‎03-29-2019 09:45 AM

Paul, thanks so much for the reply. Currently I have just the 1 static route 10.20.40.0 in the MAIN OFFICE 1  router and that gets advertised to my other routers and works fine.

 

Going forward I want to also use VPN 2 to reach the data center. I'd like some branches to go through MAIN OFFICE 1/FW 1/VPN 1, and then some other branches to use MAIN OFFICE 2/FW 2/VPN 2.

 

Adding the static route (ip route 10.20.40.0 255.255.255.0 10.10.155.2) to BRANCH 1 did not work.

 

I have tried adding additional neighbors to 10.10.157.1 and 10.10.155.1 and also adding the ebgp-multihop command, since there are multiple Verizon routers between my 2 routers - this did not work.

 

What if I advertised the MAIN OFFICE 2 network as follows

network 10.10.155.0 mask 255.255.255.0

 

Would that possibly help? Again, thanks for any help you can provide.

 

 

0 Helpful

bstrain1974
Level 1
Level 1
In response to bstrain1974

‎03-29-2019 11:21 AM

New diagram attached to help clarify what I'm trying to do, thanks.

Preview file
164 KB
0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to bstrain1974

‎03-29-2019 11:24 AM

 

If this is a L3 MPLS solution you can't do what you want because your sites are not peering with each other they are peering with provider routers. 

 

So you cannot tell one branch to use a different default route to the others because how do you tell the provider to route a specific branch one way and other branches the other. 

 

What you would have to do to achieve this is to build tunnels across the MPLS network and then use a routing protocol across the tunnel so you could then directly influence which site goes where. 

 

Of course there are other possible solutions eg. different VPNs with different default routes but these would need to be agreed with the provider. 

 

Paul also may have some ideas ?

 

Jon

0 Helpful

bstrain1974
Level 1
Level 1
In response to Jon Marshall

‎03-29-2019 11:35 AM

I have read about the ebgp-multihop. Is that something that can be used here?

https://networklessons.com/bgp/ebgp-multihop

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card