Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1159
Views
0
Helpful
3
Replies

Regarding dual-homed ISP for Internet connection

LakshmiPrabu
Level 1
Level 1

‎12-20-2017 04:39 AM - edited ‎03-05-2019 09:40 AM

Hi, 

 

Recently we had a situation in the network where one of the ISP links had failed. We have two ASR routers connecting to ISP-A and ISP-B. ISP-A is the primary router for outbound traffic whereas the inbound traffic has both ISP-A and ISP-B advertising the public routes of the company to the internet. 

 

ISP-B had failed due to a provider issue. For a specific duration of time (say - 13 minutes). From a set of internal proxy IPs traffic was sent to a external URL for authentication. The outbound traffic to the external URL was via ISP-A whereas the reverse traffic seemed to follow the path of ISP-B to reach to my organization. 

 

Sine ISP-B has failed, the reverse traffic did not reach my organization's internet routers. Is it something that I can do to control this so that the reverse traffic also comes to ISP-A itself whenever ISP-B has failed. 

 

Secondly, I have a advertise map which has the below statement

 

neighbor x.x.x.x advertise-map TheAdvertiseMap non-exist-map TheNonExistCondition

 

In the advertise-map I have referenced a prefix-list for the prefix A.A.A.A/24

 

In the non-exist route-map I have referenced a ip-prefix list and a bgp community-list 

route-map TheNonExistCondition permit 50
match ip address prefix-list LocalPrefixes
match community TheCommunityList

 

This prefix list also uses A.A.A.A/24

The community list is configured as ip community-list expanded TheCommunityList permit 10005:5555

 

While verifying the routes received through this BPG community list I could see a subnet received on the BPG table. 

 

I would like to understand the application of advertise map and its related route-map and community 

Labels:
0 Helpful
3 Replies 3

thecrev
Level 1
Level 1

‎12-20-2017 10:17 AM

If you are advertising your prefix to each ISP, and they are properly advertising them to the internet, then everything should work automatically. In this situation, you wouldn't need the advertise-map neighbor statement. If your link to ISP-B is lost, then ISP-B should stop advertising your prefix to the internet, so the internet would automatically start sending return traffic to ISP-A.

 

To understand the advertise-map neighbor statement a little easier, it's best to read it from right to left. So let's take yours as an example:

 

neighbor x.x.x.x advertise-map TheAdvertiseMap non-exist-map TheNonExistCondition

 

This statement basically says "If the network prefix in TheNonExistCondition map doesn't exist in my routing table, then advertise the network prefix in TheAdvertiseMap map to my other neighbor x.x.x.x".

 

 

0 Helpful

LakshmiPrabu
Level 1
Level 1
In response to thecrev

‎12-20-2017 10:19 AM

The actual case here is there is a prefix list and community list as well
called inside the NonexistCondition
0 Helpful

thecrev
Level 1
Level 1
In response to LakshmiPrabu

‎12-20-2017 10:59 AM

I haven't looked at the docs, but assuming that the community list is a
valid parameter for advertise-maps, then the statement would also check to
see if there are any routes in the local routing table that are labeled
with that community string.

I'm guessing it would be an AND statement. No routes with thisPrefix AND no
routes with thisCommunity

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card