[c-nsp] First hop redundancy with evc + bridge interface on asrs

Thu May 3 03:06:08 EDT 2012

Hi all

First time post so please be gentle :)

Just wondering what the options are for first hop redundancy when using evc + bridge domain.

The basic topology is two asrs are connected to a switch.
Into that switch is a connection from a local layer 2 fibre provider.
Per customer connections are handed over with 2x dot1q tags.

Router config looks something like below.

The aim is the end user will have an ip (e.g. 192.168.1.1/24) and route via a virtual ip (192.168.1.254) .  If there is a failure second router assumes IP and traffic keeps flowing.  The reason for using the bridge is to save IP addresses - i.e. not assigning a /29 to each connection.

According to http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/bdi.html hsrp & vrrp isn't supported on the bridge interface.
I have no experience using GBLP but tried using the config below.  This didn't work.
On the client router I could see it learning the GBLP MAC address but pings both ways failed.
The switch in the middle was showing the MAC address as well.

Second option I was looking at trying is using a combination of EEM, ip sla + track.  E.g. router 2 pings router 1, if pings fail the eem applet adds the virtual IP address.  Rough script below.

Any help, advice or a realty check if i'm doing something silly would be greatly appreciated.

Thanks

Bryan

Router 1 (primary)

interface GigabitEthernet0/0/1
no ip address
negotiation auto
service instance 1 ethernet
  encapsulation dot1q 5 second-dot1q 500
  rewrite ingress tag pop 2 symmetric
  bridge-domain 1

interface BDI1
ip address 192.168.1.252 255.255.255.0

Router 2 (backup)

interface GigabitEthernet0/0/1
no ip address
negotiation auto
service instance 1 ethernet
  encapsulation dot1q 5 second-dot1q 500
  rewrite ingress tag pop 2 symmetric
  bridge-domain 1

interface BDI1
ip address 192.168.1.253 255.255.255.0

GBLP Config

interface BDI1
glbp 1 authentication text abc123
glbp 1 preempt
 glbp 1 priority 150 (set lower on backup router)
glbp 1 timers 5 15
glbp 1 ip 192.168.1.254

Script to move IP

ip sla 10
icmp-echo 192.168.1.252
timeout 5000
frequency 5
ip sla schedule 10 life forever start-time now

track 10 ip sla 10 reachability
delay down 10 up 10

event manager applet primary_router_down
event track 10 state down
action 1.0 syslog msg "Primary router offline"
action 1.1 cli command "enable"
action 1.2 cli command "conf t"
action 1.3 cli command "int bdi1"
action 1.4 cli command "ip address 192.168.1.254 secondary"
action 1.5 cli command "exit"
action 1.6 cli command "wr"

event manager applet primary_router_up
event track 10 state up
action 1.0 syslog msg "Primary router online"
action 1.1 cli command "enable"
action 1.2 cli command "conf t"
action 1.3 cli command "int bdi1"
action 1.4 cli command "no ip address 192.168.1.254 secondary"
action 1.5 cli command "exit"
action 1.6 cli command "wr"