HSRP Redundancy in Multi-homed ISPs - BGP AS-Path prepending

6/24/2013

 
In this lab, we are going to use IBGP and EBGP for peer relationship. HSRP will provide us redundant gateways as if active fail; standby will take the place of active HSRP. Read requirements carefully.
Picture
Requiremnents:
  • Configure IP Addresses as per diagram. Configure one loop back address 5.5.5.5 on Internet router.
  • Configure HSRP on both HSRP1 (Active) and HSRP2 (standby). Track interface between HSRP1 & ISP1 and HSRP2 & ISP2 for fail-over.
  • Without doing any configuration related to propagating any network to neighbors, redistribution, static routing. Make sure network 100.10.10.0 should communicate to network 5.5.5.5.
  • Packet coming from internet router to LAN should take preffered path and ensure that secondary path route becomes less preferred as compared to preferred path
  • Demonstrate internet router path for 100.10.10.0 network by using show ip bgp 100.10.10.0 command and by traceroute.
! HSRP1 Configuration
interface Serial0/0
ip address 16.16.16.1 255.255.255.0
no shut

interface FastEthernet0/1
ip address 100.10.10.1 255.255.255.0
no shut

standby 10 ip 100.10.10.100
standby 10 priority 150
standby 10 preempt delay minimum 70

standby 10 track Serial0/0 60

router bgp 50
network 100.10.10.0 mask 255.255.255.0
neighbor 16.16.16.2 remote-as 80
neighbor 100.10.10.2 remote-as 50
neighbor 100.10.10.2 next-hop-self

! HSRP2 Configuration
interface FastEthernet0/0
ip address 100.10.10.2 255.255.255.0
no shut

standby 10 ip 100.10.10.100
standby 10 priority 120
standby 10 preempt
standby 10 track Serial0/0

interface Serial0/0
ip address 22.22.22.1 255.255.255.0
no shut

router bgp 50
network 100.10.10.0 mask 255.255.255.0
neighbor 22.22.22.2 remote-as 200
neighbor 22.22.22.2 route-map AS-Path-Append out

neighbor 100.10.10.1 remote-as 50
neighbor 100.10.10.1 next-hop-self

access-list 10 permit 100.10.10.0


route-map AS-Path-Append permit 10
match ip address 10
set as-path prepend 50




! ISP1 Configuration
interface Serial0/0
ip address 16.16.16.2 255.255.255.0
no shut

interface Serial0/1
ip address 160.16.16.1 255.255.255.0
no shut

router bgp 80
neighbor 16.16.16.1 remote-as 50
neighbor 160.16.16.2 remote-as 500

! ISP2 Configuration
interface Serial0/0
ip address 22.22.22.2 255.255.255.0
no shut

interface Serial0/1
ip address 210.16.16.2 255.255.255.0
no shut

router bgp 200
neighbor 22.22.22.1 remote-as 50
neighbor 210.16.16.1 remote-as 500

! Internet Configuration
interface Loopback0
ip address 5.5.5.5 255.255.255.0

interface Serial0/0
ip address 160.16.16.2 255.255.255.0
no shut

interface Serial0/1
ip address 210.16.16.1 255.255.255.0
no shut

router bgp 500
network 5.5.5.0 mask 255.255.255.0
neighbor 160.16.16.1 remote-as 80
neighbor 210.16.16.2 remote-as 200
Configuration Explanation










70 seconds delay so that BGP routes get into routing table.
Tracking serial 0/0 so that if it gets failed; HSRP shift role to standby router























when communicating to neighbor 22.22.22.2 and sending information out to it; BGP should consult route-map name AS-PAth-Append



Access list 10 permitting route. (We use this in route map)

Here comes route map
route map will match all ip addresses in access list 10
if match found then it will prepend its AS-Path attribute with 50. This will let outside world (AS) perceive that this route is the longest one as compared some other actually equal route.

BGP network verification

Internet#show ip bgp 100.10.10.0
BGP routing table entry for 100.10.10.0/24, version 3
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
        1
  200 50 50 [Look here you see that actual AS-Path should have (200 50) but due to route map and AS-Path prepend applied on HSRP2 router; Router AS path is showing that this route will go from 3 AS]
    210.16.16.2 from 210.16.16.2 (210.16.16.2)
      Origin IGP, localpref 100, valid, external
  80 50 [Here there are 2 AS in AS-Path; hence preferable]
    160.16.16.1 from 160.16.16.1 (160.16.16.1)
      Origin IGP, localpref 100, valid, external, best

Trace route verification

When both HSRP routers are running cool and tracked interfaces have no issues at all. Following is the trace route.

pc1V10[1]> tracert 5.5.5.5
traceroute to 5.5.5.5, 64 hops max, press Ctrl+C to stop
 1   100.10.10.1   70.000 ms  62.000 ms  40.000 ms
 2   16.16.16.2   80.000 ms  40.000 ms  36.000 ms
 3   *160.16.16.2   107.000 ms

(Please note that as 5.5.5.5 is a loopback thats why
traceroute just stops here)

Anyhow see the path. PAckets are taking HSRP1 path.

Now I have shutdown HSRP and ISP1 interface so that HSRP2 should take Active role. Now see results

Internet#show ip bgp 100.10.10.0
BGP routing table entry for 100.10.10.0/24, version 4
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
        1
  200 50 50
    210.16.16.2 from 210.16.16.2 (210.16.16.2)
      Origin IGP, localpref 100, valid, external, best

Please note that now previously preferred route is not there
pc1V10[1]> tracert 5.5.5.5
traceroute to 5.5.5.5, 64 hops max, press Ctrl+C to stop
 1   100.10.10.2   60.000 ms  30.000 ms  30.000 ms
 2   22.22.22.2   60.000 ms  40.000 ms  40.000 ms
 3   *210.16.16.1   72.000 ms

(Please note that as 5.5.5.5 is a loopback thats why
traceroute just stops here)

Anyhow see the path. PAckets are taking HSRP2 path.

Comments are closed.