07-31-2011 01:30 AM - edited 03-04-2019 01:08 PM
We have 2 routers and 2 ISPs with BGP, router running in metro-e link and router 2 running in T1 link, the strange thing is when the metro-e link down, still can ping to BGP next-hop ip address, but the BGP session was down. So if there anyway to track BGP session not next ip address so that it will failover to router 2?
07-31-2011 03:40 AM
you could try EEM if you IOS support it bellow example show that the system will automatically will do cli update to the HHSRP priority when the BGP session is down
event manager applet A
event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.xDown Peer closed the session" -- x.x.x.x BGP peer IP
action 1.0 syslog priority critical msg "EBGP Session to peer is down"
action 2.0 cli command "enable"
action 3.0 cli command "conifg t"
action 4.0 cli command "interface fa x/x"
action 5.0 cli command " standby x priority 80 " --- 80 suppsed to be lower than the other HSRP peer
router bgp xxxx
bgp log-neighbour-changes
you need another applet like the above but the syslog patten match the BGP peer up and change th HSRP priority to something higher to bring it back as active
HTH
if helpful Rate
07-31-2011 04:14 AM
but how to automatically swap back to router 1 if the bgp session in router 1 restore?
07-31-2011 04:34 AM
As I mentioned above, you can create another EEM applet that check syslog of peer up not down like the above and it go to config mode same as above and increase the priority to 110 for example
Sent from Cisco Technical Support iPhone App
08-01-2011 05:11 AM
the EEM seems like not working, while i shutdown the bgp session, i didn't see any log show EEM is kick in? We have enable password in the router, and is the EEM working without people interactive router?
08-01-2011 06:29 AM
this is can be done even with password, you can search the Network management for a lot of EEM with BGP configs and you can post your recruitments there if you like EEM example for your case
the solution suggested by Edison, will give you automated failover as well, and there is no impact if you have enough bandwidth in the link that inter connect your BGP routers
HTH
08-01-2011 08:11 AM
EEM seems working after i double the logginh:
%HA_EM-2-LOG: BGP_down: EBGP Session to peer is down
%HA_EM-2-LOG: BGP_up: EBGP Session to peer is up
but how i can sure that EEM will running without people login into router and without the enable password (or should i add the enable password in action)?
08-01-2011 04:25 PM
i do not think you need the enable password, otherwise you wouldnt see it working if th eapplet couldnt login
you can test it in you router or a quick lab
please rate the helpful posts in this discussion
HTH
08-01-2011 08:40 PM
that could be due to i already logging in the router, still logging after i shutdown the interface for testing via console.
08-01-2011 08:55 PM
EEM uses vty and even if you loged in it uses diffrent session anyway
- log out from the router drop the bgp session then login and check which router is the HSRP active, give it a time so that the sssions gose down and bgp send the log msg
HTH
07-31-2011 03:48 PM
Why don't you setup an IBGP between the 2 routers?
If the eBGP session to the ISP goes down, the IBGP session will route the traffic from the failed connection to the secondary router. Once the connection is restored, it will use the eBGP session as before.
Regards,
Edison
08-01-2011 04:19 AM
but we wanted the traffic to Internet always go to ISP A which is using r1, if i configure ibgp between 2 routers will have any impact?
08-01-2011 05:32 AM
if you run iBGP between the 2 routers, make sure your primary Internet router has local preference higher than 100 (default) and prepend AS outbound to the eBGP neighbor on the secondary, making this path less preferred.
This means that in non failure scenario your primary router routes all traffic, and if the primary link fails, will advertise these same routes using iBGP.
No worries
08-01-2011 07:30 AM
As stated, you can use the BGP metrics to alter to traffic engineer your flows.
If you want R1 to be the primary exit router, then apply a local-preference of 200 on incoming flows - for instance:
route-map local-pref permit 10
set local-preference 200
router bgp x
neighbor x.x.x.x route-map local-pref in
For traffic entering your network, you can use as-path prepend on R2:
route-map as-path permit 10
set as-path prepend x x
router bgp x
neighbor x.x.x.x route-map as-path out
Regards,
Edison
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: