Date created: Friday, February 27, 2015 2:35:40 PM. Last modified: Wednesday, October 4, 2017 5:06:20 PM
BGP using HSRP
BGP can run with HSRP although it's not advised. It can't be used for non-stop forwarding packet, failvoer does cause BGP to rest.
In this example, PE1 is the active HSRP device for VIP 192.168.0.254 peering with CE1 using IP 192.168.0.253. When Fa0/1 (the HSRP interface on PE1) is shut down HSRP on PE2 becomes active however no BGP session is active on PE2 to CE1 (because the ARP entriy for the HSRP address will have been switches to PE1 by SW1). CE1 will be sending BGP packets now to PE2 but PE2 will be rejecting them as there is no active session, the session will time out and when CE1 tries to re-establish PE2 will work through the BGP FSM and establish the session using the VIP.
What is important here is that both PE1 and PE2 are configured with "neighbor 192.168.0.253 transport connection-mode passive". NOTE: We could have also added "neighbor 192.168.0.254 transport connection-mode active" to CE1! This places both PE1 and PE2 in to "server" mode meaning they listen on TCP port 179 and are waiting for the neighbour to initiate the connection. There is no way within the BGP configuration options to tell the router to source BGP updates from an HSRP VIP address, only physical interface addresses. This method allows the CE to do the talking, working around that limitation, at the expense of the BGP session having to flap for failover to occur (so this is only good for small customers that don't need 5 nines of uptime, although the downtime can be lower slightly by lowering the BGP and HSRP timers).
None of the service provider side of the config is shown as it's not needed here.
hostname PE1 ip vrf Cust1 rd 1:1 route-target export 1:1 route-target import 1:1 interface Loopback0 ip address 10.0.0.1 255.255.255.255 interface Loopback192 ip vrf forwarding Cust1 ip address 192.0.2.254 255.255.255.255 interface FastEthernet0/0 description Link to CE1 FA0/0 ip vrf forwarding Cust1 ip address 192.168.0.1 255.255.255.0 standby 1 ip 192.168.0.254 standby 1 timers 1 3 standby 1 priority 110 standby 1 preempt router bgp 12345 bgp router-id 10.0.0.1 bgp log-neighbor-changes address-family ipv4 vrf Cust1 bgp router-id 192.168.0.254 redistribute connected neighbor 192.168.0.253 remote-as 65000 neighbor 192.168.0.253 transport connection-mode passive neighbor 192.168.0.253 timers 1 3 neighbor 192.168.0.253 activate neighbor 192.168.0.253 next-hop-self exit-address-family
hostname PE2 ip vrf Cust1 rd 1:1 route-target export 1:1 route-target import 1:1 interface Loopback0 ip address 10.0.0.2 255.255.255.255 interface Loopback192 ip vrf forwarding Cust1 ip address 192.0.2.254 255.255.255.255 interface FastEthernet0/1 ip vrf forwarding Cust1 ip address 192.168.0.2 255.255.255.0 standby 1 ip 192.168.0.254 standby 1 timers 1 3 router bgp 12345 bgp router-id 10.0.0.2 bgp log-neighbor-changes ! address-family ipv4 vrf Cust1 bgp router-id 192.168.0.254 redistribute connected neighbor 192.168.0.253 remote-as 65000 neighbor 192.168.0.253 transport connection-mode passive neighbor 192.168.0.253 timers 1 3 neighbor 192.168.0.253 activate neighbor 192.168.0.253 next-hop-self exit-address-family
hostname CE1 interface Loopback192 ip address 192.0.2.253 255.255.255.255 interface FastEthernet0/0 ip address 192.168.0.253 255.255.255.0 router bgp 65000 bgp log-neighbor-changes redistribute connected neighbor 192.168.0.254 remote-as 12345 neighbor 192.168.0.254 timers 1 3 neighbor 192.168.0.254 next-hop-self
PE1#show standby
FastEthernet0/0 - Group 1
State is Active
6 state changes, last state change 00:55:15
Virtual IP address is 192.168.0.254
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 1 sec, hold time 3 sec
Next hello sent in 0.560 secs
Preemption enabled
Active router is local
Standby router is 192.168.0.2, priority 100 (expires in 3.216 sec)
Priority 110 (configured 110)
Group name is "hsrp-Fa0/0-1" (default)
PE2#show standby
FastEthernet0/1 - Group 1
State is Standby
4 state changes, last state change 00:57:42
Virtual IP address is 192.168.0.254
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 1 sec, hold time 3 sec
Next hello sent in 0.048 secs
Preemption disabled
Active router is 192.168.0.1, priority 110 (expires in 2.848 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Fa0/1-1" (default)
CE1#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.0.1 58 ca01.079c.0008 ARPA FastEthernet0/0
Internet 192.168.0.2 79 ca02.0504.0006 ARPA FastEthernet0/0
Internet 192.168.0.253 - ca03.145c.0008 ARPA FastEthernet0/0
Internet 192.168.0.254 58 0000.0c07.ac01 ARPA FastEthernet0/0
CE1#show bgp all summary | b Neighbor
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.0.254 4 12345 3409 3409 12 0 0 00:58:06 2
PE1#int PE1#conf t PE1(config)#int fa0/0 PE1(config-if)#shut PE1(config-if)# *Feb 27 14:45:57.451: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Init *Feb 27 14:45:57.519: %BGP-5-ADJCHANGE: neighbor 192.168.0.253 vpn vrf Cust1 Down Interface flap *Feb 27 14:45:57.519: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.0.253 IPv4 Unicast vpn vrf Cust1 topology base removed from session Interface flap *Feb 27 14:45:59.439: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down *Feb 27 14:46:00.439: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down PE2# *Feb 27 14:45:57.963: %HSRP-5-STATECHANGE: FastEthernet0/1 Grp 1 state Standby -> Active CE1# *Feb 27 14:45:59.283: %BGP-5-ADJCHANGE: neighbor 192.168.0.254 Down Peer closed the session *Feb 27 14:45:59.283: %BGP_SESSION-5-ADJCHANGE: neighbor 192.168.0.254 IPv4 Unicast topology base removed from session Peer closed the session PE2# *Feb 27 14:46:11.607: %BGP-5-ADJCHANGE: neighbor 192.168.0.253 vpn vrf Cust1 Up CE1# *Feb 27 14:46:11.983: %BGP-5-ADJCHANGE: neighbor 192.168.0.254 Up
Previous page: BGP Tuning
Next page: Cisco BGP Selection Process