Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
852
Views
5
Helpful
5
Replies

shorten time span to failover between 2 isp

ucha arifki
Level 1
Level 1

‎10-26-2022 12:45 AM

Hello guys, looking for some references.
currently my network have 2 different ISP. 1 as a main link and the other as the backup if the main link goes down.
I've tested 2 times by shutdown the main link and ping to the loopback address from outside network to check whether the failover works or not, and luckily it does work.
the 1st attempt it takes around 8 sec to switch to the backup link.
the 2nd attempt it takes around 12 sec to switch to the backup link.

Is it possible to shorten the time span to switch to the backup link? or even better if there are no time out when the main link goes down.

heres the topology

uchaarifki_0-1666770206410.png

here's my configuration, device used is cisco asr1001-x

!
interface Loopback1
 ip address 198.51.101.240 255.255.255.255
!
!
interface GigabitEthernet0/0/0.123
 description INP-FO-ISAT
 encapsulation dot1Q 123
 ip address 114.5.179.150 255.255.255.252
!
interface GigabitEthernet0/0/0.155
 description INIX-FO-ISAT
 encapsulation dot1Q 155
 ip address 124.195.39.226 255.255.254.0
!
!
interface GigabitEthernet0/0/1.144
 description INIX-RADIO-RADMILLA
 encapsulation dot1Q 144
 ip address 103.158.98.150 255.255.255.252
!
!
interface GigabitEthernet0/0/1.321
 description INP-RADIO-RADMILLA
 encapsulation dot1Q 321
 ip address 103.158.98.146 255.255.255.252
!
interface GigabitEthernet0/0/2
 description TO-FIREWALL
 ip address 10.200.0.1 255.255.255.252
 negotiation auto
!
!
router bgp 149176
 bgp log-neighbor-changes
 neighbor 103.158.98.145 remote-as 141125
 neighbor 103.158.98.149 remote-as 141125
 neighbor 114.5.179.149 remote-as 4761
 neighbor 124.195.38.1 remote-as 17922
 neighbor 124.195.39.1 remote-as 17922
 !
 address-family ipv4
  network 103.158.98.144 mask 255.255.255.252
  network 103.158.98.148 mask 255.255.255.252
  network 114.5.179.148 mask 255.255.255.252
  network 124.195.38.0 mask 255.255.254.0
  network 198.51.101.0
  redistribute static
  neighbor 103.158.98.145 activate
  neighbor 103.158.98.145 soft-reconfiguration inbound
  neighbor 103.158.98.145 route-map RADM-INIX-TO-ITB-AJW in
  neighbor 103.158.98.145 route-map RADM-INIX-PREPEND-ITB-AJW-OUT out
  neighbor 103.158.98.149 activate
  neighbor 103.158.98.149 soft-reconfiguration inbound
  neighbor 103.158.98.149 route-map RADM-INP-TO-ITB-AJW in
  neighbor 103.158.98.149 route-map RADM-INP-ITB-AJW-OUT out
  neighbor 114.5.179.149 activate
  neighbor 114.5.179.149 soft-reconfiguration inbound
  neighbor 114.5.179.149 route-map INP-TO-ITB-AJW in
  neighbor 114.5.179.149 route-map INP-ITB-AJW-OUT out
  neighbor 124.195.38.1 activate
  neighbor 124.195.38.1 soft-reconfiguration inbound
  neighbor 124.195.38.1 route-map INIX-TO-ITB-AJW in
  neighbor 124.195.38.1 route-map INIX-PREPEND-ITB-AJW-OUT out
  neighbor 124.195.39.1 activate
  neighbor 124.195.39.1 soft-reconfiguration inbound
  neighbor 124.195.39.1 route-map INIX-TO-ITB-AJW in
  neighbor 124.195.39.1 route-map INIX-PREPEND-ITB-AJW-OUT out
 exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route 0.0.0.0 0.0.0.0 103.158.98.145 50
ip route 10.200.0.0 255.255.0.0 10.200.0.2
ip route 198.51.101.0 255.255.255.0 10.200.0.2
!
ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0
!
ip prefix-list DENY-ALL seq 5 deny 0.0.0.0/0 le 32
!
ip prefix-list ITB-AJW-ROUTE seq 10 permit 198.51.101.0/24
access-list 1 permit 167.205.23.29
access-list 1 permit 167.205.23.19
access-list 1 permit 167.205.1.247
!
!
route-map RADM-INP-ITB-AJW-OUT permit 10
 match ip address prefix-list ITB-AJW-ROUTE
 set as-path prepend 149176 149176 149176 149176
!
route-map INIX-PREPEND-ITB-AJW-OUT permit 10
 match ip address prefix-list ITB-AJW-ROUTE
 set as-path prepend 149176 149176
!
route-map RADM-INIX-TO-ITB-AJW permit 10
 set local-preference 300
!
route-map INIX-TO-ITB-AJW permit 10
 set local-preference 500
!
route-map RADM-INIX-PREPEND-ITB-AJW-OUT permit 10
 match ip address prefix-list ITB-AJW-ROUTE
 set as-path prepend 149176 149176 149176 149176 149176 149176
!
route-map INP-ITB-AJW-OUT permit 10
 match ip address prefix-list ITB-AJW-ROUTE
!
route-map RADM-INP-TO-ITB-AJW permit 10
 set local-preference 300
!
route-map INP-TO-ITB-AJW permit 10
 match ip address prefix-list DEFAULT-ROUTE
 set local-preference 500
!

 Thanks!

0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎10-26-2022 01:06 AM

Hello,

you might want to look into BFD for BGP ('neighbor ip-address fall-over bfd'). See the link attached below.

Configuring BFD Support for BGP

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16/irg-xe-16-book/bgp-support-for-bfd.html

ucha arifki
Level 1
Level 1
In response to Georg Pauwen

‎10-26-2022 06:12 PM

Hi Georg,
thanks for the input, so the bfd configuration only need to be applied on my router and ISP1 (main link) or need to applied on ISP2 (backup link) too?

0 Helpful

paul.driver
Level 1
Level 1

‎10-26-2022 01:18 AM - edited ‎10-26-2022 01:19 AM

Hello
Next hop tracking and fast failover is enabled by default for (ibgp/ebgp peering ) which should negate the need for the hold timer to be reached before a direct peering is torn down, but if you wish a faster failover you could  decrease those bgp timers or append an independent detection feature such as BFD which is similar to fast failover but is also to non-directly connected ebgp peering

.
Example
bfd-template BFD
interval min-tx 500 min-rx 500 multiplier 5 
< min-tx -rx> = trasmit interval values between the BFD packets
 < multiplier x > =  value of how many packets are require to be missed before peering is deemed unavailble

int x/x
bfd template BFD

or
int x/x
bfd interval min-tx 500 min-rx 500 multiplier 5 

router bgp xxx
neighbor x.x.x.x fall-over bfd 



0 Helpful

paul driver
VIP
VIP

‎10-26-2022 01:22 AM

Hello
Next hop tracking and fast failover is enabled by default for (ibgp/ebgp peering ) which should negate the need for the hold timer to be reached before a direct peering is torn down, but if you wish a faster failover you could  decrease those bgp timers or append an independent detection feature such as BFD which is similar to fast failover but is also to non-directly connected ebgp peering

.
Example
bfd-template BFD
interval min-tx 500 min-rx 500 multiplier 5 
< min-tx -rx> = trasmit interval values between the BFD packets
 < multiplier x > =  value of how many packets are require to be missed before peering is deemed unavailble

int x/x
bfd template BFD

or
int x/x
bfd interval min-tx 500 min-rx 500 multiplier 5 

router bgp xxx
neighbor x.x.x.x fall-over bfd 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

ucha arifki
Level 1
Level 1
In response to paul driver

‎10-26-2022 06:14 PM

Hi Paul,
thanks for the input, so the bfd configuration only need to be applied on my router and ISP1 (main link) or need to applied on ISP2 (backup link) too?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card