cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2531
Views
10
Helpful
7
Replies
Highlighted

Dual Homed ISP - BGP for failover - IP Block Routing questions.

Hello,

I have a dual homed ISP Setup:

R1---> ISP1

R2----> ISP2

NO iBGP between them.

The Firewall behind R1 & R2 is setup for failover (Active/Standby). So R1 and R2 have HSRP on their LAN Interfaces - one HSRP Group fro Each ISP.

I have a PUBLIC IP Block, say 4.5.6.0/24, which is being advertized over BOTH R1 & R2, but R1 being a preferred route when both links are active (using AS-Prepend for that IP Block, on R2). Idea is, when R1-ISP1 link Fails, the IP block 4.5.6.0/24 msut be reachable over R2-ISP2 Link (link with a longer AS-Path).

But, when R1-ISP1 link fails, the route for 4.5.6.0/24 does NOT reconverge- The Upstream ISPs (confirmed via a looking glass site)- are still sending traffic over to ISP1, and it dies at R1-ISP1 Link.

Any other emthods how this can be acheived?

Thanks!

7 REPLIES 7
Highlighted
Advocate

Hi,

are you sure ISP1 does not have a static configured for your  4.5.6.0/24?

Is it visible with your AS number originating under normal conditions through an Internet looking glass?

BR,

Milan

Highlighted

Milan,

thanks for the reply. Yes, I see that my ASN (say 45678) gets appended to the route when I check the route using a few ISP's looking glass sites.:

Following are results from ISP (different from the two I peer with)- for the route 4.5.6.0/24

ISP-X:

BGP routing table entry for 4.5.6.0/24, version 8919944
Bestpath Modifiers: always-compare-med, deterministic-med
Paths: (12 available, best #9)
  Not advertised to any peer
  1234 45678, (received & used)

ISP-Y:

BGP routing table entry for 4.5.6.0/24, version 19432520
Bestpath Modifiers: deterministic-med
Paths: (1 available, best #1)
    1234 1234 1234 1234 45678

I believe they are tagging my routes with a diff Local-Pref or something (as as-path comes into play only when there is a tie between weight and local-pref - in BGP route selection) - dont knwo what type of tagging though

thanks.

Highlighted

Likely that ISP1 is tagging your routes with a higher local preference in their policy. Otherwise, I don't see any issue why this should not work.

Highlighted

Also, did you happen to check from a global route-server like this one?

telnet route-views.oregon-ix.net

This will also give you the local preference values set anywhere in the middle in case you didn't [Should show 100 if it is at default]

Highlighted

Thanks for the reply.

Yes, I see the routes with LP as 90- and spoke with the ISP. Will need to tag my routes to have this changed it seems.

Thanks to rama & milan.

Highlighted

Hi,

that still does not explain the behaviour:

When R1-ISP1 link fails, ISP1 should NOT receive your prefixes at all and should NOT advertise them to the upstream ISP.

Unless there is some interconnection between ISP1 and ISP2 and there is something wrong within the ISP1 network?!

Are you able to shutdown the R1-ISP1 line for a test and watch the AS-PATH within your prefixes through some upstream looking glass?

BR,

Milan

Highlighted

Yeah, you would better look the AS-PATH with your prefixes through different backbone core routers with read only access level