Re: Options for fast peer failure detection with vPC and orphan ports

d-fillmore · ‎05-31-2022

Hi, If migrating from a design where a load of WAN circuits terminate directly on a router to one where the WAN circuits physically terminate on a vPC pair (9300) but logically terminate on a vPC on the router, what are my options for fast peer failure detection?

If the router has a port channel running into 2 x 9300 switches and runs BGP with remote peers from that port channel using the 9300s for L2 transit, ideally I'd use BFD. The problem is that the WAN circuits and devices connecting into the 9Ks aren't running port channels and so are considered orphan ports, which don't support BFD as the VLANs on them are considered vPC VLANs.

Besides reducing the BGP timers to something very low, does anyone have any suggestions for how to implement fast peer detection?

Many Thanks in advance

Dom

balaji.bandi · ‎05-31-2022

If that is orphan port, then that is Limitation, you need to have small downtime here.

how is your toplogy looks like. ? is the single connection difrectly connected ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

d-fillmore · ‎05-31-2022

A router connected into a pair of 9Ks w/routed sub interfaces on a port channel.

WAN circuits and routers connected into each 9K (non-vPC) in a common peering VLAN.

Decoupling the physical and logical termination has caused this issue which I don't think can be remediated using BFD unfortunately.

MHM Cisco World · ‎05-31-2022

can you draw the topology?

d-fillmore · ‎06-01-2022

In the diagram, R1 and R2 will run BGP with each CPE over a common VLAN/subnet. From the 9Ks, the ports connecting to R1 & R2 are in a vPC so the VLAN is considered a vPC VLAN. The ports connecting the 9Ks to the CPEs are considered orphan ports.

The problem I'm trying to fix is that if either CPE went down, R1 or R2 would need to wait until the BGP session times out whereas I'd rather run BFD to detect the failure much quicker.