Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Discussions
Off Topic
BGP Issue - Need help
Lizano
I have a router with two links, a T1 for back up and a MetroEthernet pipe as the primary. I have BGP on this but when I no shut the T1 interface the site seems to complain about slow speeds, and it seems like their might be some traffic going over the T1, when everything should be going out the Metro pipe, traffic should only go out on the T1 if the larger pipe goes down. I don't want it to load balance, I just want failover.
Here is what I have:
router bgp XXXX
no synchronization
bgp log-neighbor-changes
network 1.1.1.1 mask 255.255.255.0
neighbor a.a.a.a remote-as zzz
neighbor a.a.a.a next-hop-self
neighbor a.a.a.a send-community
neighbor a.a.a.a soft-reconfiguration inbound
neighbor a.a.a.a route-map PRIMARY_OUT out
neighbor b.b.b.b remote-as xxx
neighbor b.b.b.b next-hop-self
neighbor b.b.b.b send-community
neighbor b.b.b.b timers 5 15
neighbor b.b.b.b soft-reconfiguration inbound
neighbor b.b.b.b route-map BACKUP_IN in
route-map PRIMARY_IN permit 10
match as-path 100
set community zzz:100
route-map BACKUP_IN permit 10
set local-preference 80
set community xxx:1507
I didn't set this up, I inheritted it. Any ideas?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
deth1k
by the looks of things your predecessor has already configured a route-map to make routes comming in via backup less preferable (although i'd use weight statement on you primary neighbor and get rid of backup_in route-map), however you need to make sure traffic coming into this router is flowing through the primary neighbor. To do so you can use as-path prepend route-map:
route-map PRENED
set as-path prepend *yourAS a few times*
and then apply this to your backup neighbor in the outbound direction.
Also you havent showed us the rest of the config i.e route-map PRIMARY_OUT
Lizano
I found there are 2 other route map that are not being applied to anything, not so sure how they are there and not being applied.
route-map PRIMARY_IN permit 10
match as-path 100
set community zzz:100
!
route-map BACKUP_IN permit 10
set local-preference 80
set community xxxx:1507
!
route-map PRIMARY_OUT permit 10
match as-path 100
set community zzz:100
!
route-map BACKUP_OUT permit 10
match as-path 100
set as-path prepend "AS 228xx"
set community xxx:1507
!
deth1k
as per my post above you need to apply your prepend to the backup neighbor otherwise all your traffic will be leaving primary and some if not all come back via backup.
Lizano
so looking at the config, the prepend was there just the route map was not being applied. So i just need:
neighbor b.b.b.b route-map BACKUP_OUT out ?
deth1k
yep, correct
Lizano
awesome man, thanks.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
