Solved: HSRP BFD for BGP

Terence Lockette · ‎08-21-2013

Hello all,

I was wondering if BFD for BGP would detect routing failures in the ISPs network and will allow for failover in the event that an ISP has a failure on their network? We have 2 connections to the same ISP and am looking for a way to implement failover if our ISP has an issue on their end. Our current HSRP configuration will only take effect if an interface on our router goes down. Yesterday, our ISP had a failure on the primary connection and I had to force HSRP failover by configuring a higher priority on our other Internet router. I'm looking for an automated solution to this issue.

Thanks,

Terence

Harold Ritter · ‎08-21-2013

Hi Terence,

You are correct in saying that IOS will not allow another BGP instance to be configured and that it would generate an error message if you try to do so. You do not need to configure another instance though. iBGP would be configured under the existing BGP instance. This BGP instance would handle both the eBGP session towards the ISP and the iBGP session towards the other Internet facing router. You would need to set the local preference higher for routes learned from the ISP on the primary router, so that these routes are preferred. Under normal conditions, the primary router would prefer routes learned from the ISP over the iBGP routes learned via the secondary router. If the primary lost its connection to the ISP, the routes learned via iBGP would be used. Bear in mind that in this scenario, there is still a risk that you would lose Internet connectivity if a major issue happens in the ISP network, since both your primary and secondary connection are with that same ISP. The ideal scenario would be to use a different ISP for the secondary connection . But that is a different story.

Regards

View solution in original post

Harold Ritter · ‎08-21-2013

Terence,

BFD is more of a technique to test for link failure and will not help you if the failure is further down in the ISP network. One way to handle the redundancy here would be to run iBGP between your two routers and let them converge if you should stop receiving routes via the primary router. This technique has been used for a long time, is widely deployed and has proven to be very stable.

Regards

Terence Lockette · ‎08-21-2013

Thanks! Since I can only run one instance of BGP on my router, how can I implement iBGP? I currently run BGP on both Internet routers with my ISP.

Harold Ritter · ‎08-21-2013

Hi Terence,

I probably misunderstood your topology. From your original message, I understood that you have two routers, each one running an eBGP session to the same provider and that you run one of these two routers as HSRP primary and the other as HSRP secondary. Does that reflect your topology?

Regards

Terence Lockette · ‎08-21-2013

Yes that would be correct.

Harold Ritter · ‎08-21-2013

Thanks for the confirming the topology, You can then configure iBGP between these two routers, in addition to the eBGP session they have towards the ISP. It is usually recommended to use another interface between these two routers to run the iBGP session rather than using the LAN interface.

Regards

Terence Lockette · ‎08-21-2013

Currently, the two Internet routers are ASR1001s. Gi0/0/0 is pointing towards the ISP, Gi0/0/1 is configured with an IP from a public block we purchased and has the HSRP config, and Gi0/0/2 is pointing back towards our LAN and has a management VRF. I was, however, under the impression that you can only run one instance of BGP on a router. If you try to configure another BGP instance, it kicks back a message saying that BGP is already running (or something similar). Is that correct?

Harold Ritter · ‎08-21-2013

Hi Terence,

You are correct in saying that IOS will not allow another BGP instance to be configured and that it would generate an error message if you try to do so. You do not need to configure another instance though. iBGP would be configured under the existing BGP instance. This BGP instance would handle both the eBGP session towards the ISP and the iBGP session towards the other Internet facing router. You would need to set the local preference higher for routes learned from the ISP on the primary router, so that these routes are preferred. Under normal conditions, the primary router would prefer routes learned from the ISP over the iBGP routes learned via the secondary router. If the primary lost its connection to the ISP, the routes learned via iBGP would be used. Bear in mind that in this scenario, there is still a risk that you would lose Internet connectivity if a major issue happens in the ISP network, since both your primary and secondary connection are with that same ISP. The ideal scenario would be to use a different ISP for the secondary connection . But that is a different story.

Regards

Terence Lockette · ‎08-21-2013

Ok great! Thanks for all the information. I'll look into this BGP configuration as I'm not too familiar with more advanced configurations of the protocol. I do agree that using 2 different ISPs would help but that's not my call for now, haha. Thanks again!

Regards,

Terence