BGP + OSPF Failover

[CiscoFan]

Hello Everyone, 

 

I am having an issue with failing over to my backup internet connection. How I have my home network set up is 2 internet connections, going to 2 different routers. I have OSPF routing inside my home and then going to my friends I have BGP set up between me and them. Anyways, without further ado, here is my configuration. Please let me know if there is something wrong with them. I put the configuration into spoilers so that way it doesn't take up too much space.

 

Router A:

Spoiler

router bgp 64512
 bgp log-neighbor-changes
 network 10.90.100.0 mask 255.255.255.0
 network 10.90.110.0 mask 255.255.255.0
 network 10.200.1.3 mask 255.255.255.255
 network 172.16.2.0 mask 255.255.255.252
 network 192.168.8.0 mask 255.255.254.0
 redistribute ospf 1 metric 0
 neighbor EBGP peer-group
 neighbor EBGP soft-reconfiguration inbound
 neighbor EBGP route-map Failover in
 neighbor EBGP route-map Failover out
 neighbor 10.90.100.1 remote-as 65535
 neighbor 10.90.100.1 peer-group EBGP
 neighbor 10.90.110.1 remote-as 65535
 neighbor 10.90.110.1 peer-group EBGP
 neighbor 172.16.2.2 remote-as 64512

 

router ospf 1
 redistribute static subnets
 redistribute bgp 64512 subnets
 network 10.200.1.3 0.0.0.0 area 0
 network 172.16.1.0 0.0.0.7 area 0
 network 172.16.2.0 0.0.0.3 area 0
 default-information originate metric 110
 redistribute ospf 1 metric 0

 

route-map Failover permit 10
 set metric 15000
 set as-path prepend 64512 64512 64512 64512 64512 64512 64512 64512 64512

1

 

Router B:

Spoiler

router bgp 64512
 bgp log-neighbor-changes
 network 10.90.100.0 mask 255.255.255.0
 network 10.90.110.0 mask 255.255.255.0
 network 10.200.1.4 mask 255.255.255.255
 network 192.168.8.0 mask 255.255.254.0
 timers bgp 30 45
 redistribute ospf 1 metric 0
 neighbor IBGP peer-group
 neighbor IBGP remote-as 64512
 neighbor IBGP route-reflector-client
 neighbor IBGP soft-reconfiguration inbound
 neighbor EBGP peer-group
 neighbor EBGP remote-as 65535
 neighbor EBGP soft-reconfiguration inbound
 neighbor EBGP route-map Secondary in
 neighbor EBGP route-map Secondary out
 neighbor 10.90.100.1 peer-group EBGP
 neighbor 10.90.110.1 peer-group EBGP
 neighbor 172.16.2.1 peer-group IBGP

 

router ospf 1
 redistribute static subnets
 redistribute bgp 64512 subnets
 network 10.200.1.4 0.0.0.0 area 0
 network 172.16.1.8 0.0.0.7 area 0
 network 172.16.2.0 0.0.0.3 area 0
 default-information originate metric 105
 redistribute ospf 1 metric 0

 

route-map Secondary permit 10
 set metric 10000
 set as-path prepend 64512 64512 64512 64512 64512 64512 64512

1

1

 

[beersykins]

What does your failover testing plan look like, and what do you observe when going through that plan?

[CiscoFan]

2 hours ago, beersykins said:

What does your failover testing plan look like, and what do you observe when going through that plan?

My failover testing plan is to failover BGP using the Failover route-map and then going into OSPF and increase the metric for the default route on the primary edge router. 

 

When I execute the failover plan, I can't ping the tunnel addresses but I can ping the networks behind them.

[CiscoFan]

Basically, what I do for failovers is:

log into the Primary router.

conf t

router bgp 64512

 neighbor EBGP route-map Failover in

 neighbor EBGP route-map Failover out

router ospf 1

 default-information originate metric 110

 

what is supposed to happen is the routes are supposed to go through my CenturyLink circuit with the OSPF metric of 105 and then it is supposed to change the metric for BGP to 10000 and then prepend 64512 about 7 times and the Failover route map gets prepended 9 times making the prepend of 7 times more desirable with the metric 10000.

[Sir Asvald]

Are sure it's a not a problem with your friends configuration?

[Raldo94]

How does the network look like for ospf?

[CiscoFan]

1 hour ago, Raldo94 said:

How does the network look like for ospf?

I figured it out last night, turns out the routers I am connecting to in LV.Net and at my friend's house that runs https://voiptek.info was misconfigured on BGP and then I did redistribute while modifying the metric for 100 being the primary and 105 being the backup. When I failover, I change the OSPF metric for the default-information originate to 110 and change the metric for redistributing the routes from BGP into OSPF to 110 so that the backup with the lower metric wins the routing decision. 

[leadeater]

15 hours ago, droidrzrlover said:

I figured it out last night, turns out the routers I am connecting to in LV.Net and at my friend's house that runs https://voiptek.info was misconfigured on BGP and then I did redistribute while modifying the metric for 100 being the primary and 105 being the backup. When I failover, I change the OSPF metric for the default-information originate to 110 and change the metric for redistributing the routes from BGP into OSPF to 110 so that the backup with the lower metric wins the routing decision. 

How come you're not using something like VRRP so you get automated WAN failover, is there a limitation due to the ISP and equipment you have that wouldn't allow it?

 

Example:

 

https://documentation.meraki.com/MX-Z/Other_Topics/Troubleshooting_MX_Warm_Spare_in_NAT_Mode_(NAT_HA)

 

 

 

 

[CiscoFan]

On 7/31/2018 at 11:34 PM, leadeater said:

How come you're not using something like VRRP so you get automated WAN failover, is there a limitation due to the ISP and equipment you have that wouldn't allow it?

 

Example:

 

https://documentation.meraki.com/MX-Z/Other_Topics/Troubleshooting_MX_Warm_Spare_in_NAT_Mode_(NAT_HA)

 

 

 

 

I am doing OSPF and there are limitations with the equipment that I have. I have my routers connected to my Cisco ASAs, so that is where I resolved to use OSPF. I only have DHCP for my ISP connections as well, so I can't use VRRP or any other first hop redundancy protocols.