Solved: Track based on the BGP session state - To HSRP

Douglas Fernando Fischer · ‎01-05-2012

Hello everyone,

we are having problem with HSRP because we are tracking the wrong parameter.

I will explain:

My scenario is:

Two 2811 connected to a LAN.

They are doing HSRP in this LAN.

Each one of those 2811 are connected to a MPLS link.

Each one have a BGP Session with the MPLS provider.

Each link goes for a different media(Radio, F.O.), and each one goes to a different Border-Router of the MPLS provider.

I define who is the preferred route to the MPLS Cloud with a prepend in a route-map on the last preferred router.

On the HSRP I define who is active and who is standby with a Track on each 2811.

This track is based on a SLA with a ICMP-Echo to the next-hop int the Wan Link of MPLS.

It were working well, but recently we saw that it only monitors the connectivity with the next-hop.

We saw it because in 2 weeks happened 5 times a fall of the BGP Session on the primary link, but the connectivity to the next-hop were good.

When it happened, the Track remained up, and the HSRP was not migrated to the secondary router.

To solve it it thought that I could monitor:

if the BGP session with that neighbor is UP.
if the Router is receiving a specific route from the MPLS.

Does anyone has any suggestion?

Edison Ortiz · ‎01-05-2012

Andrew,

I concur with the iBGP design. However, with this design, you don't don't need track anything with HSRP.

As you stated, If the primary VIP loses its BGP connection to the outside world, it will use its iBGP learned routes to forward its traffic.Tracking can introduce some false positives depending how it is configured /as noted by Douglas/.

View solution in original post

andrew.prince · ‎01-05-2012

Here is a thought - why not just create an iBGP session between the two 2811 routers, then your HSRP can just monitor the physical interface of the MPLS connection? If the BGP session fails from 1 peer but the physical interface is still up/up - it does not matter as that router will be receveing all BGP routes via the other router and vice versa??

Edison Ortiz · ‎01-05-2012

Andrew,

I concur with the iBGP design. However, with this design, you don't don't need track anything with HSRP.

As you stated, If the primary VIP loses its BGP connection to the outside world, it will use its iBGP learned routes to forward its traffic.Tracking can introduce some false positives depending how it is configured /as noted by Douglas/.

andrew.prince · ‎01-05-2012

Douglas Fernando Fischer · ‎01-05-2012

I've already implemented Eigrp between 2811.

It redistributes BGP received routes each other.

So the H.A. Solution is complete:

If one of the 2811 goes down, the other 2811 assumes by HSRP.
If one of the links(or the provider's router) goes down, the other 2811 assumes by HSRP in track decrement.
If the wan link remains up but the BGP session in this link goes down, the primary 2811 keeps active on HSRP and forward to secondary 2811 by Eigrp.

The only negative side of this scenario is the extra hop and asymmetric round trip in the 3rd case.

mvsheik123 · ‎01-05-2012

Hello,

You may want to consider Cisco EEM (embeded event monitoring) feature for your requirement. Search for 'Cisco EEM' in your favourite search engine for details and script configs.

hth

MS