03-31-2011 08:28 AM - edited 03-04-2019 11:56 AM
Hello,
I have a dual homed ISP Setup:
R1---> ISP1
R2----> ISP2
NO iBGP between them.
The Firewall behind R1 & R2 is setup for failover (Active/Standby). So R1 and R2 have HSRP on their LAN Interfaces - one HSRP Group fro Each ISP.
I have a PUBLIC IP Block, say 4.5.6.0/24, which is being advertized over BOTH R1 & R2, but R1 being a preferred route when both links are active (using AS-Prepend for that IP Block, on R2). Idea is, when R1-ISP1 link Fails, the IP block 4.5.6.0/24 msut be reachable over R2-ISP2 Link (link with a longer AS-Path).
But, when R1-ISP1 link fails, the route for 4.5.6.0/24 does NOT reconverge- The Upstream ISPs (confirmed via a looking glass site)- are still sending traffic over to ISP1, and it dies at R1-ISP1 Link.
Any other emthods how this can be acheived?
Thanks!
03-31-2011 10:43 AM
Hi,
are you sure ISP1 does not have a static configured for your 4.5.6.0/24?
Is it visible with your AS number originating under normal conditions through an Internet looking glass?
BR,
Milan
03-31-2011 10:49 AM
Milan,
thanks for the reply. Yes, I see that my ASN (say 45678) gets appended to the route when I check the route using a few ISP's looking glass sites.:
Following are results from ISP (different from the two I peer with)- for the route 4.5.6.0/24
ISP-X:
BGP routing table entry for 4.5.6.0/24, version 8919944
Bestpath Modifiers: always-compare-med, deterministic-med
Paths: (12 available, best #9)
Not advertised to any peer
1234 45678, (received & used)
ISP-Y:
BGP routing table entry for 4.5.6.0/24, version 19432520
Bestpath Modifiers: deterministic-med
Paths: (1 available, best #1)
1234 1234 1234 1234 45678
I believe they are tagging my routes with a diff Local-Pref or something (as as-path comes into play only when there is a tie between weight and local-pref - in BGP route selection) - dont knwo what type of tagging though
thanks.
03-31-2011 11:01 AM
Likely that ISP1 is tagging your routes with a higher local preference in their policy. Otherwise, I don't see any issue why this should not work.
03-31-2011 11:09 AM
Also, did you happen to check from a global route-server like this one?
telnet route-views.oregon-ix.net
This will also give you the local preference values set anywhere in the middle in case you didn't [Should show 100 if it is at default]
03-31-2011 11:56 AM
Thanks for the reply.
Yes, I see the routes with LP as 90- and spoke with the ISP. Will need to tag my routes to have this changed it seems.
Thanks to rama & milan.
04-01-2011 12:07 AM
Hi,
that still does not explain the behaviour:
When R1-ISP1 link fails, ISP1 should NOT receive your prefixes at all and should NOT advertise them to the upstream ISP.
Unless there is some interconnection between ISP1 and ISP2 and there is something wrong within the ISP1 network?!
Are you able to shutdown the R1-ISP1 line for a test and watch the AS-PATH within your prefixes through some upstream looking glass?
BR,
Milan
05-29-2015 02:14 PM
Yeah, you would better look the AS-PATH with your prefixes through different backbone core routers with read only access level
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide