05-03-2021 09:06 AM
Hey all,
We have just recently set up a BGP connection to our Azure environment via an ExpressRoute. What a pain that was, but we're slowly getting it up and running.
Before the BGP connection was set up, everything was being routed through our Meraki MX, and then sent through the S2S VPN, and that was how we would access Azure.
Now that BGP has been set up, I am curious how I can go about configuring our 9300 so that, if BGP fails, it just goes back through the Meraki MX S2S.
Here is a very basic diagram of the physical connections:
Here are some snippets of the configs:
!
vlan 1070
 name Azure
!
interface GigabitEthernet2/0/48
 description ***AZURE EXPRESS ROUTE***
 switchport trunk allowed vlan 1070
 switchport mode trunk
!
interface Vlan100
 ip address 10.1.100.1 255.255.254.0
!
interface Vlan101
 ip address 10.1.1.1 255.255.255.0
!
interface Vlan1070
 ip address 10.50.X.1 255.255.255.252
!
router bgp 6XXX2
 bgp log-neighbor-changes
 neighbor 10.50.X.2 remote-as 12076
 neighbor 10.50.X.2 password XXXXX
 !
 address-family ipv4
  network 10.1.1.0 mask 255.255.255.0
  network 10.1.100.0 mask 255.255.254.0
  neighbor 10.50.X.2 activate
 exit-address-family
!
ip route 0.0.0.0 0.0.0.0 10.1.1.X
end
Any help would be greatly appreciated.
05-03-2021 09:17 AM
Not done the Azure thing but are you receiving specific routes from them or a default?
Also you have a default in your configuration, what is the next hop for that?
Jon
05-03-2021 10:44 AM
Hey Jon,
Yeah, the Azure setup is pretty weird. It's been taking me some time to get that configuration straight. I don't have quite the grasp on how it works. Most of the vendors I talked to about it just shrug their shoulders at me. I have a meeting with Azure in a little, so I hope to get a better understanding of it soon.
Yes, our Azure network is advertising our subnet up there and I can see the advertisements of all subnets involved when I run the show ip bgp command.
The default route goes to our Meraki MX, which is our edge device.
05-03-2021 11:19 AM - edited 05-03-2021 11:19 AM
Well, as long as you are not relying on a default route from the Azure setup then I don't think you need to do anything.
The more specific routes are always used, so as long as BGP is up and you are receiving those routes you should go via that route, and if BGP goes down then the default route will be used.
Can't say what will happen for return traffic without knowing more about the other end.
Jon
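Added example, not part of the original thread: a small Python model of the route selection described in the reply above, showing the fallback to the static default when the BGP routes disappear and what happens if the peer advertises only a default. The Azure prefix 10.200.0.0/16 and the next-hop labels `expressroute-peer` and `meraki-mx` are constructed stand-ins, and the model assumes the default Cisco IOS administrative distances (static 1, eBGP 20).

```python
import ipaddress
from dataclasses import dataclass

# Default Cisco IOS administrative distances (assumed unchanged on the switch).
AD_STATIC = 1
AD_EBGP = 20

@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    next_hop: str      # hypothetical labels, not addresses from the thread
    source: str        # "static" or "bgp"
    distance: int

def build_rib(bgp_up, bgp_prefixes):
    """Static default toward the Meraki MX plus whatever the eBGP peer advertises."""
    rib = [Route(ipaddress.ip_network("0.0.0.0/0"), "meraki-mx", "static", AD_STATIC)]
    if bgp_up:
        rib += [Route(ipaddress.ip_network(p), "expressroute-peer", "bgp", AD_EBGP)
                for p in bgp_prefixes]
    return rib

def lookup(rib, dst):
    """Install the lowest-distance route per prefix, then pick the longest match."""
    installed = {}
    for route in rib:
        current = installed.get(route.prefix)
        if current is None or route.distance < current.distance:
            installed[route.prefix] = route
    addr = ipaddress.ip_address(dst)
    matches = [r for r in installed.values() if addr in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen) if matches else None

if __name__ == "__main__":
    azure = ["10.200.0.0/16"]          # constructed Azure prefix
    host = "10.200.4.10"               # constructed Azure host
    cases = {
        "BGP up, specific routes": build_rib(True, azure),
        "BGP down": build_rib(False, azure),
        "BGP up, default only": build_rib(True, ["0.0.0.0/0"]),
    }
    for name, rib in cases.items():
        r = lookup(rib, host)
        print(f"{name:26s} -> {r.next_hop} ({r.source} {r.prefix})")
```

In the third case the static default wins on administrative distance, so traffic never uses the ExpressRoute path even while BGP is up.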
05-04-2021 02:32 PM
Ahh ok. Yeah, that makes sense.
Both ends have a static route going to the Meraki S2S. Everything seems to work with BGP being advertised without changing any of the routes.
I appreciate the clarification!