Two ISP, HSPR, BGP, Load Balancing and Failover.

staticprop · ‎03-02-2012

Hello,

I am trying to setup a scenario in my lab for a customer and need some configuration help.

Background: My customer has a class C block of public IP addresses behind two border routers. Each router is connected to a different ISP. Both routers are configured to use HSRP for failover and load balancing the outbound the traffic between the two ISP. Customers has a registered ASN with IBGP between the two routers and EBGP with each ISP. If the ISP sends out a maitenance notification stating the core router is going down for maintenance they have to manually initiate HSRP failover to send traffic to the other ISP. The reason being something is not configured properly.

1. Primary goal is to test and verify an automatic failover solution when an the upstream ISP core router goes down for service. Not the directly connected neighbor.

2. Need the config verified (leaving out template router commands and BGP route filters) by peers.

The Lab: Four Cisco routers.

Router 1 and Router 3 are used for the customer network

Router 2 and Router 4 are used for ISP 1 and ISP 2.

--------- ---------

| 2 | | 4 |

--------- ---------

| 1 | | 3 |

--------- ---------

#### Router 1 Configuration (Customer Owned) ####

interface Ethernet0/0

ip address 10.20.20.5 255.255.255.0

no ip redirects

standby 1 ip 10.20.20.10

standby 1 priority 105

standby 1 preempt

standby 1 track Ethernet0/1

standby 2 ip 10.20.20.20

standby 2 prempt

standby 2 track Ethernet0/1

interface Serial0

description P2P with ISP 1

ip address <public-routable.1> 255.255.255.252

router bgp 64512

no synchronization

bgp log-neighbor-changes

network 10.20.20.0

neighbor <public-routable.3> remote-as 64513

neighbor 10.20.20.6 remote-as 64512

neighbor 10.20.20.6 next-hop-self

no auto-summary

ip classless

ip route 10.20.20.0 255.255.255.0 Null0

#### Router 2 (ISP Owned) ####

interface Ethernet0/0

description P2P with Customer

ip address <public-routable.2> 255.255.255.252

no ip directed-broadcast

!

interface Ethernet0/1 (Connected to a switch at the moment. I figure I may need another device to configure with a different ASN to push routes from. Not sure???)

ip address 30.30.30.5 255.255.255.0

no ip directed-broadcast

!

router bgp 6513

no synchronization

network 30.30.30.0 mask 255.255.255.0

neighbor <public-routable.1> remote-as 64512

no auto-summary

#### Router 3 Configuration (Customer Owned) ####

interface Ethernet0

ip address 10.20.20.6 255.255.255.0

no ip redirects

standby 1 ip 10.20.20.10

standby 1 preempt

standby 1 track Serial0

standby 2 ip 10.20.20.20

standby 2 priority 105

standby 2 prempt

standby 2 track Serial0

interface Ethernet0/1

description P2P with ISP 2

ip address <public-routable.2> 255.255.255.252

router bgp 64512

no synchronization

bgp log-neighbor-changes

network 10.20.20.0

neighbor <public-routable.4> remote-as 64515

neighbor 10.20.20.5 remote-as 64512

neighbor 10.20.20.5 next-hop-self

no auto-summary

ip classless

ip route 10.20.20.0 255.255.255.0 Null0

#### Router 4 (ISP Owned) ####

interface Ethernet0/0

description P2P with Customer

ip address <public-routable.4> 255.255.255.252

no ip directed-broadcast

!

interface Ethernet0/1 (Connected to a switch at the moment. I figure I may need another device to configure with a different ASN to push routes from. Not sure???)

ip address 40.40.40.5 255.255.255.0

no ip directed-broadcast

!

router bgp 64515

no synchronization

network 30.30.30.0 mask 255.255.255.0

neighbor <public-routable.2> remote-as 64512

no auto-summary

Thanks for the advice, help or silly comments.

sp

tironevi · ‎03-02-2012

Does the ISP advertise any routes to the customer routers? If so you can configure tracking of these routes. So basically if there is an outage in the providers network these routes should no longer appear in the customer RIB. With tracking of routes enabled HSRP will decrement its priority should the routes disappear from the RIB. BTW are any routes exchanged between the ibgp session? If you need a config example for this let me know.

staticprop · ‎03-03-2012

Yes. Both ISP advertise routes received from peers. No internal routing. Routers 1 and 3 are the only ones on the internal network. Advertising a single prefix.

I read a little bit on this here:

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_eot.html#wp1054699

It looks like this is the command needed.

track object-number ip route ip-address/prefix-length reachability

A sample config would be great.

Thanks

sp

tironevi · ‎03-13-2012

Not sure if your issue is resolved, but here is a quick example....

Lets say that ISP A advertises prefix 31.31.31.0/24 to the customer router you can configure HSRP in the following way

track 30 ip route 31.31.31.0 255.255.255.0 reachability

interface ethernet0

ip address 10.20.20.5 255.255.255.0

no ip redirects

standby 1 ip 10.20.20.10

standby 1 priority 105

standby 1 preempt

standby 1 track Ethernet0/1

standby 1 track 30

standby 2 ip 10.20.20.20

standby 2 prempt

standby 2 track Ethernet0/1

standby 1 track 30

The same logic can be applied to routes that are advertised from ISP B.

Keep in mind to accomplish what you want, it is key that you track prefixes that originated beyond the onsite Provider Routers (R2,R4). Also, for this work you cannot exchange the tracked prefixes between the customer routers (R1-R3). Based on what you said earlier you are only exchanging only local prefixes, but from the config extract you provided I see nothing preventing the exchange of provider learned prefixes between the R1 and R3.

Also to build some resiliency, you may want to track more then one prefix to ensure it is a network a true outage and not just one prefix issue. This can be done by configuring track list....I can help you with that if needed, but first verify if the above meets your requirements.

Regards,