[c-nsp] automating router failover in eBGP environment

Adam Greene maillist at webjogger.net
Thu Mar 14 11:11:52 EDT 2013 

Hi guys,

I received a number of off-list replies which all tended toward:
-	run HSRP on LAN side only
-	have both 7204VXR routers peer either with both providers or split
peering up between routers
-	run iBGP between routers
-	consider BFD to speed up convergence

Some more info: the customer has their own ASN and advertises their block to
both upstream providers. They receive default routes from both providers but
one of them has a higher weight.

The only downside to the suggestions is that it may imply coordinating with
the upstream providers, and the customer wants this done by ... tomorrow! So
I may do a short-term fix, then move to a better design as time permits.

If I come up with a solution which seems groovy in any way, I will share.

Thanks,
Adam


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Adam Greene
Sent: Wednesday, March 13, 2013 5:55 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] automating router failover in eBGP environment

Hi guys,

 

Customer has a 7204VXR (15.1(4)M5, Advanced Enterprise K9) running eBGP to
two upstream providers on the WAN side, and to about 10 customers on the LAN
side. The (2) WAN ports and the (1) LAN port are all GigE. They have a
redundant 7204VXR they can manually fail over to when the primary router
fails. 

 

They want to automate the failover.

 

My first thought is to put a switch in front of and behind the two 7204VXR's
and run HSRP, on both the LAN and WAN interfaces of the routers. 

 

Questions: 

-          Will I run into any gotchas with this approach; and 

-          Is there a better way?

 

Convergence is a big issue. It needs to be as fast as possible. I assume BGP
peering will pass to the backup router as fast as HSRP does, since all the
BGP peers care about is the IP address they are peering with, and the
virtual IP will not change during failover.

 

But maybe there is a better / faster way.

 

Thanks for any input / advice.

 

Thanks,

Adam

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list