[j-nsp] Ideas on failure detection for a peering exchange shared between two routers.

[Jonathan Call]

I've run into a corner case with a peering exchange that has me a little stumped for a solution that doesn't require redesigning the whole thing:

Two MX80 routers participate in the same peering exchange. (A Primary and Secondary) Each has an interface configured in the same IP network within that IX. During a random bad event (maintenance error or fiber failure within the IX) the primary router loses access to everything on the IX network but it's link stays up. The secondary router is not impacted by the event. When this happens BGP on the primary router detects the loss of connectivity to its peers and updates all of its routes based on the BGP table from the secondary router. But because the peering link on the primary router is still UP/UP, the forwarding table says the next-hop is available via the bad interface. Here is an example of a Google route being learned on the IX:

34.84.0.0/14       *[BGP/170] 1d 02:06:40, MED 0, localpref 220, from 172.xx.xx.49
                      AS path: 15169 I, validation-state: unverified
                    > to 19x.xx.x.113 via xe-0/0/2.0

Any way to work around this scenario?