cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
435
Views
0
Helpful
2
Replies

eBGP design with HSRP

bert.verhaeghe
Level 1
Level 1

We are investigating to enhance our datacenter availability and would request an AS from our RIR (RIPE) with PI address space. At the moment we have internet access in one facility in Brussels but are expanding to another facility in the Netherlands where a backup ISP connection would be connected.

We know we will need to speak eBGP to both ISPs to be able to failover our IP block if the primary ISP connection would go down. At the facility in Brussels we have a Active/Passive setup with our ISP consisting of a pair of Juniper firewalls on our behalf and Cisco routers on the ISP side with HSRP and static routing. We will replace the Juniper firewalls with a pair of Cisco ISR 4451-X routers which would be configured for the BGP session. In the Netherlands the backup ISP connection will be serviced by a Cisco 3925.

Now the question is regarding the redundant L2 setup at the Brussels facility. I know it's not possible to use a HSRP virtual IP as the BGP neighbor address, so am I correct to say the only way of implementing BGP and maintaining the redundancy at the Brussels facility would be to establish a mesh of BGP sessions between our routers and the two ISP routers?

1 Accepted Solution

Accepted Solutions

e.ciollaro
Level 4
Level 4

Hi Bert,

the easiest thing is configure two eBGP session: one between primaries router (you primary and ISP primary) and one between secondaries routers, PLUS an iBGP session between your router. This way, in case of a link failure, your primary router is stil able to route packet forwarding them to the secondary router (it could be useful because depending on the type of WAN your are using, router's WAN interfcae can be up/up alsowhen end to end connectivity is lost. In that case HSRP doesn0t change the active router).   

 

Bye,

enrico.

 

PS please rate if useful

View solution in original post

2 Replies 2

e.ciollaro
Level 4
Level 4

Hi Bert,

the easiest thing is configure two eBGP session: one between primaries router (you primary and ISP primary) and one between secondaries routers, PLUS an iBGP session between your router. This way, in case of a link failure, your primary router is stil able to route packet forwarding them to the secondary router (it could be useful because depending on the type of WAN your are using, router's WAN interfcae can be up/up alsowhen end to end connectivity is lost. In that case HSRP doesn0t change the active router).   

 

Bye,

enrico.

 

PS please rate if useful

Thank you for your comments Enrico,

I will check with our ISP if this will be the way to go. After some further reading, I think this will probably be the most suitable setup. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco