[j-nsp] BGP peering from a VIP address
kim at halavakoski.net
Fri Mar 28 12:57:24 EDT 2008
I'm no BGP guru but I can put in my guess on the "motivation" part:
Cost :) Atleast that was something we considered when planning our
multi-homing solution @work and not being completely fluent in BGP
Consider the following setup:
2 routers, 2 peerings: 1 peering to router 1 and 1 peering to router
2, igp between router 1 and router 2. Getting two BGP-sessions to each
transit to have a full mesh will in most cases double the cost for
that transit capacity, so instead of having 2 * X Mbps costs you would
have 4 * X Mbps costs.
By configuring the BGP to a VIP on the routers one would think that
there is another layer of resilency for hardware failure in the VRRP
instead of just relying on BGP timers / BFD to fail over traffic to
the other BGP session...but like Pekka said, I'm not sure about the
motivation and real facts here... :)
What would be the major drawbacks/differences between using 2
peerings, 4 peerings fully meshed and 2 peerings to router VIPs in the
On 28 Mar 2008, at 18:30, Pekka Savola wrote:
> On Fri, 28 Mar 2008, Stefan Fouant wrote:
>> There is some internal debate here in my office today as to whether
>> or not
>> Juniper can support a BGP implementation in conjunction with VRRP,
>> as in,
>> BGP is sourced from a VRRP VIP address.
>> Now before everyone attempts to tear me a new one... I should
>> state that
>> I'm pretty sure this shouldn't be done and to do so would pretty
>> much break
>> the protocol in every way imaginable... however, I am being told
>> that Cisco
>> has some knobs to accomplish this and I just want to be certain if
>> can do something along these lines...
> I guess this would work, for some definition of "work", if you add
> "accept-data" under VRRP config.
> The BGP session would flap when VRRP mastership switches (TCP reset,
> so it would likely be re-established quickly), but depending on the
> number of routes carried and some other BGP timers, this would be
> I'm not sure what motivation there would be to configure BGP to VIP
> address, instead of just having two BGP sessions and tuning down BGP
> timers (and/or using BFD).
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> juniper-nsp mailing list juniper-nsp at puck.nether.net
More information about the juniper-nsp