Solved: Configuring BGP

ermionline · ‎01-31-2019

Hi,

We have two ISP links which are connected to a router then connects to a firewall. As shown in the below picture and

we want to configure failover using BGP with the two ISP links.

What configuration we need.

MUHAMMAD TAYYAB MUNIR · ‎02-04-2019

Your talking between the firewall and IGW router? if yes not mandatory to have BGP, you can configure anything default/static route or dynamic routing between them.

BR

Tayyab

*** Please rate all helpful responses and mark solutions***

View solution in original post

Deepak Kumar · ‎02-04-2019

Hi,

Yes, you can use the default route on the ASA.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

shaps · ‎01-31-2019

If you are using BGP then you can use local preference, setting a higher one on the primary circuit inbound, outbound to the providers you can metrics or AS path pre-pend, although this very much depends on the provider and is difficult to determine the ingress to your network.

If you have a large enough address space, for instance a /23 you could advertise 2 /24s from the primary and a /23 at the secondary site.

ermionline · ‎02-04-2019

But they want me to configure BGP. is it possible to do that?

MUHAMMAD TAYYAB MUNIR · ‎02-04-2019

Hi @ermionline

The Answer is yes BGP is possible and most of ISP using BGP between the PE to CE. Could you please answer following question in order to provide you the correct solutions?

1) what are the requirements?

2) you want to use both links active/active or only one and the second one will be standby primary/secondary?

3) Send the email to ISP and ask what parameter they want you to configure on your end i.e AS, AS prepend for return traffic and LP for outgoing traffic and how they will send the traffic back to you..

Once you get the info post here to understand more.

BR

Tayyab

*** Please rate all helpful responses and mark solutions***

ermionline · ‎02-04-2019

Hi Tayyab Munnir,

We want it t be Active/standby

The ISP has given has AS number which is 6454.
As you can see on the diagram i have a Router connected to the ISP Devices and firewall behind that connected to the Router and the internal network, so do i need to configure BGP on both devices?

MUHAMMAD TAYYAB MUNIR · ‎02-04-2019

Hi @ermionline

Your talking between the firewall and IGW router? if yes not mandatory to have BGP, you can configure anything default/static route or dynamic routing between them.

BR

Tayyab

*** Please rate all helpful responses and mark solutions***

Deepak Kumar · ‎02-04-2019

Hi,

You try below configuration:

interface gig 0/0
ip address 10.130.50.250 255.255.255.x
!
!
interface gig1/0
ip address 10.130.65.250 255.255.255.x
!
!
router bgp 6454
no sychronization
bgp log-neighbor-changes
no auto-summery
neighbor 10.130.50.252 remote-as 6454
neighbor 10.130.65.252 remote-as 6454
neighbor 10.130.65.252 route-map AS-6454-INCOMING in
!
ip as-path access-list 1 permit 6454
!
route-map AS-6454-INCOMING permit 10
match as-path 1
set local-preference 500

A subnet between router to you can advertise in the BGP or use redistribution connected with route-map or without route-map. I am not sure about your this subnet. Is it purchased from ISP?

Regards,
Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

ermionline · ‎02-04-2019

Thanks Dupak,

My subnet is 172.10.10.0/30 and 172.20.0.0/16. and they are not purchased from the ISP.

one another thing, so it means i don`t need to configure BGP between the router and Firewall? i just can use static routes to on the firewall to forward traffic to the Router.

Deepak Kumar · ‎02-04-2019

Hi,

Yes, you can use the default route on the ASA.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!