Accepted Solutions
Hi Yogesh,
I have tried another soultion to suit your requirement. Changes are made only on R3 , R4 and R5 and the desired results are acheived. Below topology was used with similar ip addresses.Do let me know if this helps
This is how you acheive it.
On R3 and R4 you can have Local Preference Set so that the routes from Primary SP is always preferred.
route-map LOCAL-PREF, permit, sequence 10
Match clauses:
Set clauses:
local-preference 500
Policy routing matches: 0 packets, 0 bytes
router bgp 3
neighbor 10.1.1.2 route-map LOCAL-PREF in
Thus under normal conditions the primary SP will always be preferred when both links are up.
-------------------------------------------------------------------------------------------------------------------
Now coming to the main config, as you said we will make some changes on R5 so that incoming and ooutgoing routes are preferred via the SP2 when the primary link at R3 or R4 is down.
First of all I set a PBR on the interfaces connecting to R3 and R4 so that whenever packets from the source address of R3 or R5's loopback is received the next hop is set to 20.1.1.10 ie link to SP2.
interface FastEthernet0/0
description Link to R3
ip address 20.1.1.2 255.255.255.252
ip policy route-map PBR-R3-R4
duplex auto
speed auto
route-map PBR-R3-R4 permit 10
match ip address 10
set ip next-hop 20.1.1.10
access-list 10 permit 3.3.3.3
access-list 10 permit 4.4.4.4
This way when traffic from source 3.3.3.3 or 4.4.4.4 is received on R5 the traffic is routed to 20.1.1.10 instead of the preferred path 10.1.1.6 on R5.
-------------------------------------------------------------------------------------------------------------------
Now coming to the incoming routes since we cannot make changes on R6 we will tweak the adverrtised routes on R5 so that R6 prefers SP2 for reverse traffic to 3.3.3.3 or 4.4.4.4
Create a route-map and set AS path prepend 3 3
route-map R3-R4-TO-SP1 permit 10
match ip address 10
set as-path prepend 3 3
access-list 10 permit 3.3.3.3
access-list 10 permit 4.4.4.4
Apply that route-map to the bgp peering with R1,
router bgp 3
neighbor 10.1.1.10 route-map R3-R4-TO-SP1 out
R1 receives two BGP routes for 3.3.3.3 and 4.4.4.4 from R3 and R4 respectively and R5 but the one from R3 and R4 in preferred becasue it has a shorter AS path than the one received from R5 and advertises the same to R6 and hence R6 always prefers SP1 under normal circumstances .
--------------------------------------------------------------------
Also at R5 I set an AS path prepend of 3 on all routes on the BGP peering with SP2 so that all routes are sent with AS path 3 3 and when R6 receives routes from SP2 the AS path is 2 3 3.
route-map TO-SP2 permit 10
set as-path prepend 3
neighbor 20.1.1.10 route-map TO-SP2 out
--------------------------------------------------------------------
When the link between R3 and R1 is down it stops receiving this route from R3 and puts the route from R5 in it BGP table and advertises the same to R6. But at R6 now the route received from SP2 R2 has a shorter AS path and hence prefers R2 for its reverse route.
At R6 the route preference will be R6-R1-R3 ( AS Path 1 3) , Next R6-R2-R5-R3 ( AS Path 2 3 3) , Next ( AS Path ( 1 3 3 3) as shown below.
R6#sh ip bgp
BGP table version is 10, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 100.1.1.1 0 0 1 i
*> 2.2.2.2/32 200.1.1.1 0 0 2 i
*> 3.3.3.3/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 4.4.4.4/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 5.5.5.5/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 6.6.6.6/32 0.0.0.0 0 32768 i
-------------------------------------------------------------------------------------------------------------------
Under all conditions R5 will always prefer SP1 as it primary SP because the the AS path is prepended only for loopback addresses of R3 and R4.
Routing entry for 6.6.6.6/32
Known via "bgp 3", distance 20, metric 0
Tag 1, type external
Last update from 10.1.1.10 00:03:06 ago
Routing Descriptor Blocks:
* 10.1.1.10, from 10.1.1.10, 00:03:06 ago
Route metric is 0, traffic share count is 1
AS Hops 2
**********************************************************************************
**********************************************************************************
Trace from R3 to R6 when both links are up.
R3#sh ip bgp summary
BGP router identifier 3.3.3.3, local AS number 3
BGP table version is 15, main routing table version 15
5 network entries using 505 bytes of memory
8 path entries using 384 bytes of memory
10 BGP path attribute entries using 600 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1561 total bytes of memory
BGP activity 5/0 prefixes, 11/3 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.2 4 1 49 42 15 0 0 00:20:50 3
20.1.1.2 4 3 69 58 15 0 0 00:44:55 4
R3#trac
R3#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 3.3.3.3
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.2 24 msec 20 msec 20 msec
2 100.1.1.2 52 msec * 48 msec
----------------------------------------------------------------------------------------------------------------
Reverse Route from R6 to R3 when both links are up.
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
100.1.1.1 4 1 51 48 8 0 0 00:41:39 4
200.1.1.1 4 2 49 49 8 0 0 00:41:42 5
R6#tr
R6#traceroute
Protocol [ip]:
Target IP address: 3.3.3.3
Source address: 6.6.6.6
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 100.1.1.1 24 msec 28 msec 20 msec
2 10.1.1.1 44 msec * 40 msec
R6#
------------------------------------------------------------------------------------------------------
Shutting Down the Primary Link at R3
BGP activity 5/0 prefixes, 11/6 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.2 4 1 65 58 0 0 0 00:02:25 Idle
20.1.1.2 4 3 92 81 18 0 0 01:02:42 4
R3#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 3.3.3.3
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 20.1.1.2 36 msec 20 msec 20 msec
2 20.1.1.10 32 msec 48 msec 32 msec
3 200.1.1.2 68 msec * 68 msec
R3#
-----------------------------------------------------------------------------------------------------------
Reverse Route from R6 to R3 when primary link at R3 is down.
R6#traceroute
Protocol [ip]:
Target IP address: 3.3.3.3
Source address: 6.6.6.6
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 200.1.1.1 44 msec 32 msec 20 msec
2 20.1.1.9 32 msec 48 msec 28 msec
3 20.1.1.1 76 msec * 76 msec
----------------------------------------------------------------------------------------------------
Traffic from R5 to R6 is aunaffected when primary link at R3 is down.
Trace from R5 to R6 when primary link at R3 is down.
R5#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 5.5.5.5
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.10 40 msec 40 msec 24 msec
2 100.1.1.2 52 msec * 44 msec
R5#
----------------------------------------------------------------------------------------------
HTH
Regards
Umesh
Hi Yogesh,
I tried this scenario in GNS3 its work fine for me.
1) The traffic of R5 should divert via Primary SP i.e. R1 even if Primary link of R3/R4 is down. If its primary links goes down then R5 should take path from R2.
I shutdown R3 primary BGP neighbor relationship between R3 -- R1.
R3(config)#router bgp 3
R3(config-router)#neighbor 10.1.1.1 shutdown
R3(config-router)#^Z
R3#
R3#
Jul 7 07:12:17.555: %BGP-5-ADJCHANGE: neighbor 10.1.1.1 Down Admin. shutdown
Jul 7 07:12:17.711: %SYS-5-CONFIG_I: Configured from console by console
R3#
R3#sh ip bgp summary | B Ne
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.1 4 1 378 337 0 0 0 00:05:57 Idle (Admin)
20.1.1.1 4 3 493 439 100 0 0 06:00:24 4
R3#
I shutdown R4 primary BGP neighbor relationship between R4 -- R1.
R4(config)#router bgp 3
R4(config-router)#neighbor 10.1.1.5 shutdown
R4(config-router)#^Z
R4#
Jul 7 07:14:49.067: %SYS-5-CONFIG_I: Configured from console by console
Jul 7 07:14:49.287: %BGP-5-ADJCHANGE: neighbor 10.1.1.5 Down Admin. shutdown
R4#
R4#sh ip bgp summary | B Ne
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.5 4 1 467 392 0 0 0 00:02:47 Idle (Admin)
20.1.1.5 4 3 502 440 117 0 0 03:58:15 4
R4#
If I did the trace from R5 to R6 loopback it will go via R5.
R5 Primary link --->R1--->R6
R5#traceroute 6.6.6.6 source loopback 5
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.9 36 msec 32 msec 8 msec
2 100.1.1.1 72 msec * 36 msec
R5#
Reverse traffic from R6 to Loopback R5. Both the traffic are symmetric.
R6#
R6#traceroute 5.5.5.5 source loopback 6
Type escape sequence to abort.
Tracing the route to 5.5.5.5
1 100.1.1.2 60 msec 44 msec 24 msec
2 10.1.1.10 100 msec * 96 msec
R6#
Now I will shutdown the R5 primary neighbor relationship between R5 --- R1
R5(config)#router bgp 3
R5(config-router)#neighbor 10.1.1.9 shutdown
R5(config-router)#^Z
R5#
R5#
Jul 7 07:25:51.451: %BGP-5-ADJCHANGE: neighbor 10.1.1.9 Down Admin. shutdown
Jul 7 07:25:51.459: %SYS-5-CONFIG_I: Configured from console by console
R5#
Now traffic should go via R5 secondary link.
R5#traceroute 6.6.6.6 source loopback 5
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 20.1.1.9 24 msec 40 msec 0 msec
2 200.1.1.1 32 msec * 24 msec
R5#
Reverse traffic from R6 to Loopback R5. Both the traffic is symmetric.
R6#
R6#traceroute 5.5.5.5 source loopback 6
Type escape sequence to abort.
Tracing the route to 5.5.5.5
1 200.1.1.2 52 msec 44 msec 40 msec
2 20.1.1.10 16 msec * 20 msec
R6#
2) If Primary Link of R3/R4 towards SP1 is down then the traffic of R3 & R4 should divert via Secondary SP i.e. R2. In this case, the Primary link of R5 is till up so the Loopback of R5 should be reachable via SP1 the Loopback of R3/R4 should be reachable via R2.
Current traffic is going via R3--R1--R6
R3#
R3#traceroute 6.6.6.6 source loopback 3
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.1 48 msec 72 msec 16 msec
2 100.1.1.1 48 msec * 72 msec
R3#
After shutting the primary bgp neighbor between R3—R1.
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router bgp 3
R3(config-router)#neighbor 10.1.1.1 shutdown
R3(config-router)#^Z
R3#
Jul 7 07:42:51.763: %SYS-5-CONFIG_I: Configured from console by console
Jul 7 07:42:51.947: %BGP-5-ADJCHANGE: neighbor 10.1.1.1 Down Admin. shutdown
R3#
R3#traceroute 6.6.6.6 source loopback 3
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 20.1.1.1 24 msec 56 msec 24 msec
2 20.1.1.9 24 msec 56 msec 28 msec
3 200.1.1.1 52 msec * 80 msec
R3#
Reverse traffic from R6 to Loopback R3. Both the traffic is symmetric. Loopback of R3 is reachable via ISP 2 when primary BGP neighbor is down.
R6#traceroute 3.3.3.3 source loopback 6
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 200.1.1.2 32 msec 56 msec 20 msec
2 20.1.1.10 36 msec 48 msec 20 msec
3 20.1.1.2 40 msec * 64 msec
R6#
Current traffic is going via R4---R1---R6
R4#traceroute 6.6.6.6 source loopback 4
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.5 36 msec 44 msec 24 msec
2 100.1.1.1 28 msec * 28 msec
After shutting the primary bgp neighbor between R4—R1.
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router bgp 3
R4(config-router)#neighbor 10.1.1.5 shutdown
R4(config-router)#^Z
R4#
Jul 7 07:40:32.967: %BGP-5-ADJCHANGE: neighbor 10.1.1.5 Down Admin. shutdown
Jul 7 07:40:33.111: %SYS-5-CONFIG_I: Configured from console by console
R4#
R4#traceroute 6.6.6.6 source loopback 4
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 20.1.1.5 28 msec 48 msec 24 msec
2 20.1.1.9 20 msec 16 msec 52 msec
3 200.1.1.1 20 msec * 96 msec
R4#
Reverse traffic from R6 to Loopback R4. Both the traffic is symmetric. Loopback of R4 is reachable via ISP 2 when primary BGP neighbor is down.
R6#traceroute 4.4.4.4 source loopback 6
Type escape sequence to abort.
Tracing the route to 4.4.4.4
1 200.1.1.2 40 msec 48 msec 24 msec
2 20.1.1.10 12 msec 60 msec 12 msec
3 20.1.1.6 108 msec * 68 msec
R6#
Primary link of R5 is till up so the Loopback of R5 should be reachable via SP1
R5 Primary BGP neighbor is UP.
R5#sh ip bgp sum | b Ne
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.9 4 1 600 586 91 0 0 06:01:14 3
20.1.1.2 4 3 488 548 91 0 0 06:39:37 1
20.1.1.6 4 3 483 550 91 0 0 04:38:07 1
20.1.1.9 4 2 552 584 91 0 0 06:44:12 3
R5#
Trace from R5 to R6
R5#traceroute 6.6.6.6 source loopback 5
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.9 24 msec 52 msec 24 msec
2 100.1.1.1 8 msec * 72 msec
R5#
Reverse traffic from R6 to Loopback R5. Both the traffic is symmetric.
R6#traceroute 5.5.5.5 source loopback 6
Type escape sequence to abort.
Tracing the route to 5.5.5.5
1 100.1.1.2 28 msec 40 msec 16 msec
2 10.1.1.10 16 msec * 68 msec
R6#
Now I will explain how I have done this.To achieve this I created 2 policy base routing in R5 on interface Fa0/1 & Fa1/0.
R5#sh running-config interface FastEthernet0/1
Building configuration...
Current configuration : 135 bytes
!
interface FastEthernet0/1
ip address 20.1.1.5 255.255.255.252
ip policy route-map Traffic_From_R3&R4
duplex auto
speed auto
end
R5#
R5#sh running-config interface FastEthernet1/0
Building configuration...
Current configuration : 135 bytes
!
interface FastEthernet1/0
ip address 20.1.1.1 255.255.255.252
ip policy route-map Traffic_From_R3&R4
duplex auto
speed auto
end
R5#
R5#sh route-map Traffic_From_R3&R4
route-map Traffic_From_R3&R4, permit, sequence 10
Match clauses:
ip address (access-lists): 100
Set clauses:
ip next-hop 20.1.1.9
Policy routing matches: 158 packets, 9560 bytes
route-map Traffic_From_R3&R4, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 28 packets, 1960 bytes
R5#
R5#sh ip access-list 100
Extended IP access list 100
10 permit ip host 3.3.3.3 host 6.6.6.6 (36 matches)
20 permit ip host 4.4.4.4 host 6.6.6.6 (36 matches)
R5#
Also I have used AS-path prepend attribute in R1 & R2.So that R6 choose the best path as you like.
R1 BGP configuration.
R1#sh running-config | s bgp
router bgp 1
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 3
neighbor 10.1.1.6 remote-as 3
neighbor 10.1.1.10 remote-as 3
neighbor 100.1.1.1 remote-as 4
!
address-family ipv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 route-map Traffic_From_R5&R3 in
neighbor 10.1.1.6 activate
neighbor 10.1.1.6 route-map Traffic_From_R5&R3 in
neighbor 10.1.1.10 activate
neighbor 10.1.1.10 soft-reconfiguration inbound
neighbor 10.1.1.10 route-map Traffic_From_R5 in
neighbor 100.1.1.1 activate
no auto-summary
no synchronization
network 1.1.1.1 mask 255.255.255.255
exit-address-family
R1#
R1#
R1#sh route-map Traffic_From_R5&R3
route-map Traffic_From_R5&R3, permit, sequence 10
Match clauses:
ip address (access-lists): 20
Set clauses:
as-path prepend last-as 2
Policy routing matches: 0 packets, 0 bytes
route-map Traffic_From_R5&R3, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
R1#
R1#sh ip access-list 20
Standard IP access list 20
10 permit 5.5.5.5 (5 matches)
R1#
R1#sh route-map Traffic_From_R5
route-map Traffic_From_R5, permit, sequence 10
Match clauses:
ip address (access-lists): 10
Set clauses:
as-path prepend last-as 2
Policy routing matches: 0 packets, 0 bytes
route-map Traffic_From_R5, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
R1#
R1#sh ip access-list 10
Standard IP access list 10
10 permit 3.3.3.3 (14 matches)
20 permit 4.4.4.4 (14 matches)
R1#
R2 BGP configuration.
R2#sh running-config | s bgp
router bgp 2
bgp log-neighbor-changes
neighbor 20.1.1.10 remote-as 3
neighbor 200.1.1.1 remote-as 4
!
address-family ipv4
neighbor 20.1.1.10 activate
neighbor 200.1.1.1 activate
neighbor 200.1.1.1 route-map Traffic_From_R5 out
no auto-summary
no synchronization
network 2.2.2.2 mask 255.255.255.255
exit-address-family
R2#
R2#sh route-map Traffic_From_R5
route-map Traffic_From_R5, permit, sequence 10
Match clauses:
ip address (access-lists): 10
Set clauses:
as-path prepend last-as 1
Policy routing matches: 0 packets, 0 bytes
route-map Traffic_From_R5, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
R2#
R2#sh ip access-list 10
Standard IP access list 10
10 permit 4.4.4.4 (3 matches)
20 permit 3.3.3.3 (2 matches)
30 permit 5.5.5.5 (1 match)
R2#
In R3, R4 & R5 I have created a route-map PRIMARY_LINK and I have applied that in all primary links in inbound direction. In that route-map I have matched Loopback6 and set weight 100.
R3 BGP configuration.
R3#sh running-config | s bgp
router bgp 3
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 1
neighbor 20.1.1.1 remote-as 3
!
address-family ipv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 route-map PRIMARY_LINK in
neighbor 20.1.1.1 activate
no auto-summary
no synchronization
network 3.3.3.3 mask 255.255.255.255
exit-address-family
R3#
R3#sh route-map PRIMARY_LINK
route-map PRIMARY_LINK, permit, sequence 10
Match clauses:
ip address prefix-lists: LO6
Set clauses:
weight 100
Policy routing matches: 0 packets, 0 bytes
route-map PRIMARY_LINK, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
R3#
R3#sh ip prefix-list
ip prefix-list LO6: 1 entries
seq 5 permit 6.6.6.6/32
R3#
Message was edited by: Sindhukumar Chithamabaram
Hi Yogesh,
It not like that from R1 If you see the best route for 3.3.3.3 & 4.4.4.4 is from R3 & R4 right. So R1 will advertise the best route to R6.
Note now both the router R3 & R4 primary link is UP only.
When R3 & R4 primary link is down at that time R6 will select the best path via secondary link.
Any way you can't apply this logic in ISP RTR . (R1 & R2) . Any way it nice to work this kind of complex BGP routing
Hi Yogesh,
I have tried another soultion to suit your requirement. Changes are made only on R3 , R4 and R5 and the desired results are acheived. Below topology was used with similar ip addresses.Do let me know if this helps
This is how you acheive it.
On R3 and R4 you can have Local Preference Set so that the routes from Primary SP is always preferred.
route-map LOCAL-PREF, permit, sequence 10
Match clauses:
Set clauses:
local-preference 500
Policy routing matches: 0 packets, 0 bytes
router bgp 3
neighbor 10.1.1.2 route-map LOCAL-PREF in
Thus under normal conditions the primary SP will always be preferred when both links are up.
-------------------------------------------------------------------------------------------------------------------
Now coming to the main config, as you said we will make some changes on R5 so that incoming and ooutgoing routes are preferred via the SP2 when the primary link at R3 or R4 is down.
First of all I set a PBR on the interfaces connecting to R3 and R4 so that whenever packets from the source address of R3 or R5's loopback is received the next hop is set to 20.1.1.10 ie link to SP2.
interface FastEthernet0/0
description Link to R3
ip address 20.1.1.2 255.255.255.252
ip policy route-map PBR-R3-R4
duplex auto
speed auto
route-map PBR-R3-R4 permit 10
match ip address 10
set ip next-hop 20.1.1.10
access-list 10 permit 3.3.3.3
access-list 10 permit 4.4.4.4
This way when traffic from source 3.3.3.3 or 4.4.4.4 is received on R5 the traffic is routed to 20.1.1.10 instead of the preferred path 10.1.1.6 on R5.
-------------------------------------------------------------------------------------------------------------------
Now coming to the incoming routes since we cannot make changes on R6 we will tweak the adverrtised routes on R5 so that R6 prefers SP2 for reverse traffic to 3.3.3.3 or 4.4.4.4
Create a route-map and set AS path prepend 3 3
route-map R3-R4-TO-SP1 permit 10
match ip address 10
set as-path prepend 3 3
access-list 10 permit 3.3.3.3
access-list 10 permit 4.4.4.4
Apply that route-map to the bgp peering with R1,
router bgp 3
neighbor 10.1.1.10 route-map R3-R4-TO-SP1 out
R1 receives two BGP routes for 3.3.3.3 and 4.4.4.4 from R3 and R4 respectively and R5 but the one from R3 and R4 in preferred becasue it has a shorter AS path than the one received from R5 and advertises the same to R6 and hence R6 always prefers SP1 under normal circumstances .
--------------------------------------------------------------------
Also at R5 I set an AS path prepend of 3 on all routes on the BGP peering with SP2 so that all routes are sent with AS path 3 3 and when R6 receives routes from SP2 the AS path is 2 3 3.
route-map TO-SP2 permit 10
set as-path prepend 3
neighbor 20.1.1.10 route-map TO-SP2 out
--------------------------------------------------------------------
When the link between R3 and R1 is down it stops receiving this route from R3 and puts the route from R5 in it BGP table and advertises the same to R6. But at R6 now the route received from SP2 R2 has a shorter AS path and hence prefers R2 for its reverse route.
At R6 the route preference will be R6-R1-R3 ( AS Path 1 3) , Next R6-R2-R5-R3 ( AS Path 2 3 3) , Next ( AS Path ( 1 3 3 3) as shown below.
R6#sh ip bgp
BGP table version is 10, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 100.1.1.1 0 0 1 i
*> 2.2.2.2/32 200.1.1.1 0 0 2 i
*> 3.3.3.3/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 4.4.4.4/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 5.5.5.5/32 100.1.1.1 0 1 3 i
* 200.1.1.1 0 2 3 3 i
*> 6.6.6.6/32 0.0.0.0 0 32768 i
-------------------------------------------------------------------------------------------------------------------
Under all conditions R5 will always prefer SP1 as it primary SP because the the AS path is prepended only for loopback addresses of R3 and R4.
Routing entry for 6.6.6.6/32
Known via "bgp 3", distance 20, metric 0
Tag 1, type external
Last update from 10.1.1.10 00:03:06 ago
Routing Descriptor Blocks:
* 10.1.1.10, from 10.1.1.10, 00:03:06 ago
Route metric is 0, traffic share count is 1
AS Hops 2
**********************************************************************************
**********************************************************************************
Trace from R3 to R6 when both links are up.
R3#sh ip bgp summary
BGP router identifier 3.3.3.3, local AS number 3
BGP table version is 15, main routing table version 15
5 network entries using 505 bytes of memory
8 path entries using 384 bytes of memory
10 BGP path attribute entries using 600 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1561 total bytes of memory
BGP activity 5/0 prefixes, 11/3 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.2 4 1 49 42 15 0 0 00:20:50 3
20.1.1.2 4 3 69 58 15 0 0 00:44:55 4
R3#trac
R3#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 3.3.3.3
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.2 24 msec 20 msec 20 msec
2 100.1.1.2 52 msec * 48 msec
----------------------------------------------------------------------------------------------------------------
Reverse Route from R6 to R3 when both links are up.
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
100.1.1.1 4 1 51 48 8 0 0 00:41:39 4
200.1.1.1 4 2 49 49 8 0 0 00:41:42 5
R6#tr
R6#traceroute
Protocol [ip]:
Target IP address: 3.3.3.3
Source address: 6.6.6.6
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 100.1.1.1 24 msec 28 msec 20 msec
2 10.1.1.1 44 msec * 40 msec
R6#
------------------------------------------------------------------------------------------------------
Shutting Down the Primary Link at R3
BGP activity 5/0 prefixes, 11/6 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.1.2 4 1 65 58 0 0 0 00:02:25 Idle
20.1.1.2 4 3 92 81 18 0 0 01:02:42 4
R3#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 3.3.3.3
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 20.1.1.2 36 msec 20 msec 20 msec
2 20.1.1.10 32 msec 48 msec 32 msec
3 200.1.1.2 68 msec * 68 msec
R3#
-----------------------------------------------------------------------------------------------------------
Reverse Route from R6 to R3 when primary link at R3 is down.
R6#traceroute
Protocol [ip]:
Target IP address: 3.3.3.3
Source address: 6.6.6.6
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 200.1.1.1 44 msec 32 msec 20 msec
2 20.1.1.9 32 msec 48 msec 28 msec
3 20.1.1.1 76 msec * 76 msec
----------------------------------------------------------------------------------------------------
Traffic from R5 to R6 is aunaffected when primary link at R3 is down.
Trace from R5 to R6 when primary link at R3 is down.
R5#traceroute
Protocol [ip]:
Target IP address: 6.6.6.6
Source address: 5.5.5.5
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1 10.1.1.10 40 msec 40 msec 24 msec
2 100.1.1.2 52 msec * 44 msec
R5#
----------------------------------------------------------------------------------------------
HTH
Regards
Umesh
Hi Umesh,
Thanks for the reply with all details.
Topology of the solution which was approved is given below:
1) Every Branc is having Primary Connection to Primary SP via EBGP towards HUB Location.
2) At one of the Branch, additional Aggregator Router has been added just to terminate the Secondary Link from the Rest of the Branches via IBGP. This Aggregator Router will have EBGP with Secondary SP and thus if any Primary link fails, only Secondary SP can be utilized without much manipulation.
The Secondary Links on all the branches would be on Wireless...UBR concept.
By using the earlier Design I was actually trying to reduce the cost of additional aggregator Router which was used in approved design.
Earlier design was rejected due to below reasons:
1) Client dont want any of their branch to become Transit Branch for Other branches.
2) There might be issue with Crypto, RRI which they are using.
Excuse for the delay reply since I was not keeping well.
Once again, thanks for reply.
Regards,
Yogesh.
