Here's someone from Cisco agreeing that it works but pointing out one of the issues mentioned earlier, that the routers doing HSRP wouldn't be able to initiate the BGP open:
https://supportforums.cisco.com/thread/200104 Bob -- Sent from my iPhone, please excuse any typos. On Oct 11, 2012, at 6:16 PM, Nick Bonifacio <[email protected]> wrote: There has to be instability issues, right? Flapping, arps and macs getting hosed perhaps? *Paging Dr. Marko* ------------------------------ *From:* Tony Singh <[email protected]> *To:* Nick Bonifacio <[email protected]> *Cc:* Bob McCouch <[email protected]>; "[email protected]" < [email protected]> *Sent:* Thursday, October 11, 2012 6:13 PM *Subject:* Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship HSRP virtual IP ? Good work Nick I'm sure Cisco know this works..? Why do they not recommend it then ... -- BR Tony Sent from my iPhone on 3 On 11 Oct 2012, at 23:06, Nick Bonifacio <[email protected]> wrote: R5(config-router)#do sh ip b *Oct 11 22:09:20.495: %BGP-5-ADJCHANGE: neighbor 10.0.46.1 Down User reset *Oct 11 22:09:20.907: %BGP-5-ADJCHANGE: neighbor 10.0.46.1 Up gp BGP table version is 16, local router ID is 10.0.46.55 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i192.46.1.0 10.0.46.1 1234 100 10000 i *>i192.46.2.0 10.0.46.1 1234 100 10000 i *>i192.46.3.0 10.0.46.1 1234 100 10000 i *>i192.46.4.0 10.0.46.1 1234 100 10000 i *>i192.46.5.0 10.0.46.1 1234 100 10000 i *>i192.46.6.0 10.0.46.1 1234 100 10000 i *>i192.46.7.0 10.0.46.1 1234 100 10000 i *>i192.46.8.0 10.0.46.1 1234 100 10000 i *>i192.46.9.0 10.0.46.1 1234 100 10000 i *>i192.46.10.0 10.0.46.1 1234 100 10000 i *>i192.46.11.0 10.0.46.1 1234 100 10000 i *>i192.46.12.0 10.0.46.1 1234 100 10000 i *>i192.46.13.0 10.0.46.1 1234 100 10000 i *>i192.46.14.0 10.0.46.1 1234 100 10000 i *>i192.46.15.0 10.0.46.1 1234 100 10000 i R5(config-router)# i need a fast way to copy and paste prefixes in :) I did manipulate weight, MED... ------------------------------ *From:* Tony Singh <[email protected]> *To:* Nick Bonifacio <[email protected]> *Cc:* Bob McCouch <[email protected]>; "[email protected]" < [email protected]> *Sent:* Thursday, October 11, 2012 5:54 PM *Subject:* Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship HSRP virtual IP ? Take it further see how many prefixes it can handle, check metrics work weight local pref med... -- BR Tony Sent from my iPad On 11 Oct 2012, at 22:34, Nick Bonifacio <[email protected]> wrote: > I can't believe it, working on real hardware as well: > > interface FastEthernet0/0 > ip address 10.0.46.6 255.255.255.0 > duplex auto > speed auto > standby 0 ip 10.0.46.1 > > > router bgp 456 > no synchronization > bgp log-neighbor-changes > neighbor 10.0.46.55 remote-as 456 > no auto-summary > > > ------------------------------------------------------------------ > > > interface FastEthernet0/0 > ip address 10.0.46.55 255.255.255.0 > duplex auto > speed auto > > > router bgp 456 > no synchronization > bgp log-neighbor-changes > neighbor 10.0.46.1 remote-as 456 > no auto-summary > > > R5(config-router)#do sh ip bgp sum > BGP router identifier 10.0.46.55, local AS number 456 > BGP table version is 1, main routing table version 1 > > Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd > 10.0.46.1 4 456 5 5 1 0 0 00:03:18 0 > > > R5(config-router)#do sh tcp brief > TCB Local Address Foreign Address (state) > 66A1041C 10.0.46.55.39341 10.0.46.1.179 ESTAB > > > System image file is "flash:c1841-adventerprisek9-mz.124-24.T7.bin" > > > > ________________________________ > From: Nick Bonifacio <[email protected]> > To: Bob McCouch <[email protected]> > Cc: "[email protected]" <[email protected]> > Sent: Thursday, October 11, 2012 8:51 AM > Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship HSRP virtual IP ? > > Just what I need, another OCD day. Oh well, I'll be home in about 8 hours and will have access to real hardware. I will let everyone know what happens. > > Nick > > Sent from my iPhone > > On Oct 11, 2012, at 8:43 AM, Bob McCouch <[email protected]> wrote: > >> Interesting. I was also pretty sure that didn't work. At best it would >> only do a passive open (respond to a TCP syn) no originate the >> session. >> >> Bob >> -- >> Sent from my iPhone, please excuse any typos. >> >> On Oct 11, 2012, at 8:25 AM, Nick Bonifacio <[email protected]> wrote: >> >>> //Disclaimer: I am using GNS3 for this example. >>> >>> This is the way I understand it, anyone else feel free to chime in: >>> >>> Think update source. >>> >>> router bgp 4 >>> neighbor 10.0.4.5 remote-as 5 >>> neighbor 10.0.4.5 update-source FastEthernet0/0 >>> >>> >>> interface FastEthernet0/0 >>> ip address 10.0.4.4 255.255.255.0 >>> duplex auto >>> speed auto >>> standby 0 ip 10.0.4.254 >>> >>> how can I create a neighborship by sourcing the standby 0 IP? I can't. >>> >>> Let's look at router 5 on the other side >>> >>> interface FastEthernet0/0 >>> ip address 10.0.4.5 255.255.255.0 >>> duplex auto >>> speed auto >>> >>> router bgp 5 >>> no synchronization >>> bgp log-neighbor-changes >>> neighbor 10.0.1.1 remote-as 1 >>> neighbor 10.0.4.254 remote-as 4 >>> no auto-summary >>> >>> >>> Let's debug BGP on R4 >>> >>> R4(config-router)#no >>> *Mar 1 00:31:36.267: BGP: 10.0.4.5 passive open to 10.0.4.254 >>> *Mar 1 00:31:36.271: BGP: 10.0.4.5 passive open failed - 10.0.4.254 is not update-source FastEthernet0/0's address (10.0.4.4) >>> *Mar 1 00:31:36.271: BGP: 10.0.4.5 remote connection attempt failed, local address 10.0.4.254 >>> R4(config-router)#no >>> *Mar 1 00:31:38.255: BGP: 10.0.4.5 open active, local address 10.0.4.4 >>> *Mar 1 00:31:38.311: BGP: 10.0.4.5 open failed: Connection refused by remote host, open active delayed 26388ms (35000ms max, 28% jitter) >>> R4(config-router)#no >>> >>> ok it is complaining about 10.0.4.254 not being fa0/0's address. Fine, I will remove update source fa0/0 >>> >>> >>> >>> router bgp 4 >>> no synchronization >>> bgp log-neighbor-changes >>> neighbor 10.0.4.2 remote-as 2 >>> neighbor 10.0.4.3 remote-as 3 >>> neighbor 10.0.4.5 remote-as 5 >>> neighbor 10.0.4.5 update-source FastEthernet0/0 >>> maximum-paths 3 >>> no auto-summary >>> >>> no neighbor 10.0.4.5 update-source FastEthernet0/0 >>> >>> BGP: 10.0.4.5 rcvd OPEN w/ remote AS 5 >>> *Mar 1 00:33:09.427: BGP: 10.0.4.5 went from OpenSent to OpenConfirm >>> *Mar 1 00:33:09.427: BGP: 10.0.4.5 send message type 1, length (incl. header) 45 >>> *Mar 1 00:33:09.475: BGP: 10.0.4.5 went from OpenConfirm to Established >>> *Mar 1 00:33:09.475: %BGP-5-ADJCHANGE: neighbor 10.0.4.5 Up >>> >>> uh oh, it is working! Interesting.. I am in GNS3 but will lab it up at home on real hardware once I get there. This is not the behavior I expected. >>> >>> R5#sh ip bgp sum >>> [...] >>> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd >>> 10.0.1.1 4 1 40 40 2 0 0 00:36:01 1 >>> 10.0.4.254 4 4 16 22 2 0 0 00:02:47 1 >>> >>> >>> I also tested it with iBGP and the same behavior occured. I also failed over the HSRP address and made another node active as 10.0.4.254 and the adjacency did come back up on that router! >>> >>> I will try this out on real hardware once I get home and then report back. We had tried this in production 2 months ago using ASR1000s and could not get it working. >>> >>> Nick >>> >>> >>> ________________________________ >>> From: Samir Idris <[email protected]> >>> To: Nick Bonifacio <[email protected]> >>> Cc: Taqdir Singh <[email protected]>; "[email protected]" <[email protected]> >>> Sent: Thursday, October 11, 2012 7:50 AM >>> Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship HSRP virtual IP ? >>> >>> >>> Nick, >>> >>> Why cant we source from a virtual IP? Can you shed some light on the logic? >>> >>> Regards, >>> Samir. >>> >>> On Thursday, October 11, 2012, Nick Bonifacio <[email protected]> wrote: >>>> Hi Taqdir, >>>> >>>> You have to source from a physical interface and cannot source from a vIP. Here is a link to "best practice" using HSRP and multihomed BGP environments: >>>> >>>> http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f2c.shtml >>>> >>>> >>>> Thanks! >>>> Nick >>>> >>>> ________________________________ >>>> From: Taqdir Singh <[email protected]> >>>> To: [email protected] >>>> Sent: Thursday, October 11, 2012 3:16 AM >>>> Subject: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship HSRP virtual IP ? >>>> >>>> Hello team can we make bgp neighborship with HSRP virtual IP ? >>>> _______________________________________________ >>>> For more information regarding industry leading CCIE Lab training, please visit http://www.ipexpert.com/ >>>> >>>> Are you a CCNP or CCIE and looking for a job? Check out http://www.platinumplacement.com/ >>>> >>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>> _______________________________________________ >>>> For more information regarding industry leading CCIE Lab training, please visit http://www.ipexpert.com/ >>>> >>>> Are you a CCNP or CCIE and looking for a job? Check out http://www.platinumplacement.com/ >>>> >>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> >>> -- >>> Samir Idris >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com <http://www.platinumplacement.com/> >>> >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > http://onlinestudylist.com/mailman/listinfo/ccie_rs _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
