I have a problem. I have two gateway routers going to the internet. both routers have the exact BGP table and are peering to two different AS's from two different providers. I have set up HSRP between the two routers as well for redanduncy. the problem: i have shut down the secondary outgoing link due to the fact that when it is enabled, my network becomes very very slow! that is, when both routers are peering and my network is going out through my primary. but when i disable the outgoing interface on the secondary router everything stabilises. how can this be as i have HSRP right? meaning traffic should not go out the STANDBY interface anyway!
my routers are 3900s. what am thinking is that traffic is being dropped somewhere in the cloud. I think traffic is being confused on the cloud as to which AS to go to between the two I am peering with. how do I stop that?
Are you sure your not becoming a transit AS for the two ISPs?
Apply a filter to just advertise your local routes
Ip as-path filter-list 10 permit ^$
Router bgp 8000
Neighbour (isp) xx filter-list 10 out
Sent from Cisco Technical Support iPad App
Yeah I was just throwing that in there as food for thought. It's worth verifying that the route-map is filtering as expected though.
Sent from Cisco Technical Support Android App
Tracking ip routing just makes sure that routing can be done out oif the specified interface.
Add the track to the external interface on the primary R1-ISP1, also add iBGP between both routers and apply a high local pref on the primary router.
I'm afraid the primary rule of BGP is that you have no ability to tell a neighbouring AS how to route your traffic, it is up to them. What we can do is make one of our links look 'less attractive' using AS prepending, but in the case it shouldn't be needed, and its not something we can take away automatically should the secondary become active.
Start by adding the IP routing object tracker to your HSRP config, then create iBGP between your routers. Apply the route-map with a higher local pref and that way any traffic that does end up at the secondary will be routed to the primary over the iBGP link.
We have had several suggestions about manipulating incoming BGP advertisements and outbound advertisements. We know that each BGP neighbor is configured in an inbound route map and an outbound route map. But we do not know what the route maps are doing. From the fact that the BGP neighbors are also configured with send-community I believe it is reasonable to assume that there is already some manipulation being done. It would be very helpful if the original poster would clarify what is in the route maps and what filtering or other manipulation is already being done.
yeah its starting to make sense now. so the tracking will go with HSRP right? then it will be tracking the external interface of the primary link. should this fail, the secondary kicks in. on the iBGP part, if i set a higher local pref on the primary....how will the routing occur when the primary link goes down?
Perhaps there is some aspect of your question that I am not understanding yet. But it seems pretty simple to me. BGP runs using a TCP connection. So when the primary link goes down the the BGP neighbor relationship times out and goes down. That means that all routes learned from that BGP neighbor are removed and the routes learned from the backup neighbor are the routes that are used.
Is there something else that you are asking?
If we relied on BGP timers then yes it could take up to 180 secs for the failover. However we can tune this using BFD for BGP and/or neighbour fall-over.
If you set a higher local pref on the primary then any traffic that did arrive at the secondary would be routed to the primary.
If the primary went down and the peer is lost using fast peer sesion deactivation with BFD or neighbour fall over (which will cause a failover quicker), the peer will be determined down, the BGP will advertise out to its iBGP neighbour the fact it cannot reach those networks anymore and the secondary will act as the new primary by re-converging its BGP table.
Meanwhile HSRP has already failed over due to detecting the outside inter4face on the primary is down and is now sending all requests to the secondary BGP gateway.
If i got all of the suggestions correctly from you. what you are advising is that i run an IBGP between the two routers with a higher prepend on the primary router.
I configure trcking (ip routing) and set it to HSRP.
I have arranged for some downtime this weekend to try out all of your suggestions. I am very greatful to you all.
"higher prepend on the primary router."
No, set a higher local pref on the inbound routes from the ISP using a route map.
Prpending AS' would only be used on the secondary if we wanted the internet to look upon the advertised routes from secondary router as less favourable.