The ISP's dampening will cut you off? Sent from my iPhone
On Oct 12, 2012, at 10:01 AM, Marko Milivojevic <[email protected]> wrote: > Well, well... What if it flaps back and forth? :-) > > -- > Marko Milivojevic - CCIE #18427 (SP R&S) > Senior CCIE Instructor - IPexpert > > On Fri, Oct 12, 2012 at 12:06 AM, vin.ccie29412 <[email protected]> wrote: >> peering to an hsrp vip will work , fast hellos can be used to minimise >> the swap delay , in all circumstances bgp will flap . >> >> to have device redundancy to a single upstream pe would sound over spec , >> but to a multi node internal external peer would be ideal . A Flap is much >> better than total loss of service . >> >> Regards >> >> Vin >> >> >> >> >> On Fri, Oct 12, 2012 at 5:47 AM, Marko Milivojevic >> <[email protected]>wrote: >> >>> To be honest, I'm as amused as you are with this :-). I'm in a >>> bootcamp for the next three weeks, but I'll for sure give it a >>> thorough test when I'm done :-). >>> >>> I'm guessing it can be made to work, as long as HSRP-side is >>> "passive", i.e. not the one initiating connection. Of course, without >>> a state exchange between HSRP peers, when there is HSRP failover, BGP >>> will flap. This is probably why it's not recommended. >>> >>> -- >>> Marko Milivojevic - CCIE #18427 (SP R&S) >>> Senior CCIE Instructor - IPexpert >>> >>> On Thu, Oct 11, 2012 at 5:16 PM, Nick Bonifacio <[email protected]> >>> wrote: >>>> There has to be instability issues, right? Flapping, arps and macs >>> getting hosed perhaps? >>>> >>>> *Paging Dr. Marko* >>>> >>>> >>>> ________________________________ >>>> From: Tony Singh <[email protected]> >>>> To: Nick Bonifacio <[email protected]> >>>> Cc: Bob McCouch <[email protected]>; "[email protected]" < >>> [email protected]> >>>> Sent: Thursday, October 11, 2012 6:13 PM >>>> Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship >>> HSRP virtual IP ? >>>> >>>> >>>> Good work Nick >>>> >>>> I'm sure Cisco know this works..? Why do they not recommend it then ... >>>> >>>> >>>> -- >>>> BR >>>> >>>> Tony >>>> Sent from my iPhone on 3 >>>> >>>> On 11 Oct 2012, at 23:06, Nick Bonifacio <[email protected]> wrote: >>>> >>>> >>>> >>>>> >>>>> R5(config-router)#do sh ip b >>>>> *Oct 11 22:09:20.495: %BGP-5-ADJCHANGE: neighbor 10.0.46.1 Down User >>> reset >>>>> *Oct 11 22:09:20.907: %BGP-5-ADJCHANGE: neighbor 10.0.46.1 Up gp >>>>> BGP table version is 16, local router ID is 10.0.46.55 >>>>> Status codes: s suppressed, d damped, h history, * valid, > best, i - >>> internal, >>>>> r RIB-failure, S Stale >>>>> Origin codes: i - IGP, e - EGP, ? - incomplete >>>>> >>>>> >>>>> Network Next Hop Metric LocPrf Weight Path >>>>> *>i192.46.1.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.2.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.3.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.4.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.5.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.6.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.7.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.8.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.9.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.10.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.11.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.12.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.13.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.14.0 10.0.46.1 1234 100 10000 i >>>>> *>i192.46.15.0 10.0.46.1 1234 100 10000 i >>>>> R5(config-router)# >>>>> >>>>> >>>>> i need a fast way to copy and paste prefixes in :) >>>>> >>>>> >>>>> I did manipulate weight, MED... >>>>> >>>>> ________________________________ >>>>> From: Tony Singh <[email protected]> >>>>> To: Nick Bonifacio <[email protected]> >>>>> Cc: Bob McCouch <[email protected]>; "[email protected]" < >>> [email protected]> >>>>> Sent: Thursday, October 11, 2012 5:54 PM >>>>> Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship >>> HSRP virtual IP ? >>>>> >>>>> Take it further see how many prefixes it can handle, check metrics work >>> weight local pref med... >>>>> >>>>> -- >>>>> BR >>>>> >>>>> Tony >>>>> >>>>> Sent from my iPad >>>>> >>>>> On 11 Oct 2012, at 22:34, Nick Bonifacio <[email protected]> wrote: >>>>> >>>>>> I can't believe it, working on real hardware as well: >>>>>> >>>>>> interface FastEthernet0/0 >>>>>> ip address 10.0.46.6 255.255.255.0 >>>>>> duplex auto >>>>>> speed auto >>>>>> standby 0 ip 10.0.46.1 >>>>>> >>>>>> >>>>>> router bgp 456 >>>>>> no synchronization >>>>>> bgp log-neighbor-changes >>>>>> neighbor 10.0.46.55 remote-as 456 >>>>>> no auto-summary >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> interface FastEthernet0/0 >>>>>> ip address 10.0.46.55 255.255.255.0 >>>>>> duplex >>>> auto >>>>>> speed auto >>>>>> >>>>>> >>>>>> router bgp 456 >>>>>> no synchronization >>>>>> bgp log-neighbor-changes >>>>>> neighbor 10.0.46.1 remote-as 456 >>>>>> no auto-summary >>>>>> >>>>>> >>>>>> R5(config-router)#do sh ip bgp sum >>>>>> BGP router identifier 10.0.46.55, local AS number 456 >>>>>> BGP table version is 1, main routing table version 1 >>>>>> >>>>>> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ >>> Up/Down State/PfxRcd >>>>>> 10.0.46.1 4 456 5 5 1 0 >>> 0 00:03:18 0 >>>>>> >>>>>> >>>>>> R5(config-router)#do sh tcp brief >>>>>> TCB Local Address >>>> Foreign Address (state) >>>>>> 66A1041C 10.0.46.55.39341 10.0.46.1.179 >>> ESTAB >>>>>> >>>>>> >>>>>> System image file is "flash:c1841-adventerprisek9-mz.124-24.T7.bin" >>>>>> >>>>>> >>>>>> >>>>>> ________________________________ >>>>>> From: Nick Bonifacio <[email protected]> >>>>>> To: Bob McCouch <[email protected]> >>>>>> Cc: "[email protected]" <[email protected]> >>>>>> Sent: Thursday, October 11, 2012 8:51 AM >>>>>> Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship >>> HSRP virtual IP ? >>>>>> >>>>>> Just what I need, another OCD day. Oh well, I'll be home in about 8 >>> hours and will have access to real hardware. I will let everyone know what >>> happens. >>>>>> >>>>>> Nick >>>>>> >>>>>> Sent from my iPhone >>>>>> >>>>>> On Oct 11, 2012, at 8:43 AM, Bob McCouch <[email protected]> wrote: >>>>>> >>>>>>> Interesting. I was also pretty sure that didn't work. At best it would >>>>>>> only do a passive open (respond to a TCP syn) no originate the >>>>>>> session. >>>>>>> >>>>>>> Bob >>>>>>> -- >>>>>>> Sent from my iPhone, please excuse any typos. >>>>>>> >>>>>>> On Oct 11, 2012, at 8:25 AM, >>>> Nick Bonifacio <[email protected]> wrote: >>>>>>> >>>>>>>> //Disclaimer: I am using GNS3 for this example. >>>>>>>> >>>>>>>> This is the way I understand it, anyone else feel free to chime in: >>>>>>>> >>>>>>>> Think update source. >>>>>>>> >>>>>>>> router bgp 4 >>>>>>>> neighbor 10.0.4.5 remote-as 5 >>>>>>>> neighbor 10.0.4.5 update-source FastEthernet0/0 >>>>>>>> >>>>>>>> >>>>>>>> interface FastEthernet0/0 >>>>>>>> ip address 10.0.4.4 255.255.255.0 >>>>>>>> duplex auto >>>>>>>> speed auto >>>>>>>> standby 0 ip 10.0.4.254 >>>>>>>> >>>>>>>> how can I create a neighborship by sourcing the standby 0 IP? I >>> can't. >>>>>>>> >>>>>>>> Let's look at router 5 on the other side >>>>>>>> >>>>>>>> interface >>>> FastEthernet0/0 >>>>>>>> ip address 10.0.4.5 255.255.255.0 >>>>>>>> duplex auto >>>>>>>> speed auto >>>>>>>> >>>>>>>> router bgp 5 >>>>>>>> no synchronization >>>>>>>> bgp log-neighbor-changes >>>>>>>> neighbor 10.0.1.1 remote-as 1 >>>>>>>> neighbor 10.0.4.254 remote-as 4 >>>>>>>> no auto-summary >>>>>>>> >>>>>>>> >>>>>>>> Let's debug BGP on R4 >>>>>>>> >>>>>>>> R4(config-router)#no >>>>>>>> *Mar 1 00:31:36.267: BGP: 10.0.4.5 passive open to 10.0.4.254 >>>>>>>> *Mar 1 00:31:36.271: BGP: 10.0.4.5 passive open failed - 10.0.4.254 >>> is not update-source FastEthernet0/0's address (10.0.4.4) >>>>>>>> *Mar 1 00:31:36.271: BGP: 10.0.4.5 remote connection attempt >>> failed, local address 10.0.4.254 >>>>>>>> R4(config-router)#no >>>>>>>> *Mar 1 00:31:38.255: BGP: 10.0.4.5 open active, local address >>>> 10.0.4.4 >>>>>>>> *Mar 1 00:31:38.311: BGP: 10.0.4.5 open failed: Connection refused >>> by remote host, open active delayed 26388ms (35000ms max, 28% jitter) >>>>>>>> R4(config-router)#no >>>>>>>> >>>>>>>> ok it is complaining about 10.0.4.254 not being fa0/0's address. >>> Fine, I will remove update source fa0/0 >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> router bgp 4 >>>>>>>> no synchronization >>>>>>>> bgp log-neighbor-changes >>>>>>>> neighbor 10.0.4.2 remote-as 2 >>>>>>>> neighbor 10.0.4.3 remote-as 3 >>>>>>>> neighbor 10.0.4.5 remote-as 5 >>>>>>>> neighbor 10.0.4.5 update-source FastEthernet0/0 >>>>>>>> maximum-paths 3 >>>>>>>> no auto-summary >>>>>>>> >>>>>>>> no neighbor 10.0.4.5 update-source FastEthernet0/0 >>>>>>>> >>>>>>>> BGP: 10.0.4.5 rcvd OPEN w/ remote AS 5 >>>>>>>> *Mar 1 >>>> 00:33:09.427: BGP: 10.0.4.5 went from OpenSent to OpenConfirm >>>>>>>> *Mar 1 00:33:09.427: BGP: 10.0.4.5 send message type 1, length >>> (incl. header) 45 >>>>>>>> *Mar 1 00:33:09.475: BGP: 10.0.4.5 went from OpenConfirm to >>> Established >>>>>>>> *Mar 1 00:33:09.475: %BGP-5-ADJCHANGE: neighbor 10.0.4.5 Up >>>>>>>> >>>>>>>> uh oh, it is working! Interesting.. I am in GNS3 but will lab it up >>> at home on real hardware once I get there. This is not the behavior I >>> expected. >>>>>>>> >>>>>>>> R5#sh ip bgp sum >>>>>>>> [...] >>>>>>>> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down >>> State/PfxRcd >>>>>>>> 10.0.1.1 4 1 40 40 2 0 0 00:36:01 >>>> 1 >>>>>>>> 10.0.4.254 4 4 16 22 2 0 0 00:02:47 >>> 1 >>>>>>>> >>>>>>>> >>>>>>>> I also tested it with iBGP and the same behavior occured. I also >>> failed over the HSRP address and made another node active as 10.0.4.254 and >>> the adjacency did come back up on that router! >>>>>>>> >>>>>>>> I will try this out on real hardware once I get home and then report >>> back. We had tried this in production 2 months ago using ASR1000s and >>> could not get it working. >>>>>>>> >>>>>>>> Nick >>>>>>>> >>>>>>>> >>>>>>>> ________________________________ >>>>>>>> From: Samir Idris <[email protected]> >>>>>>>> To: Nick Bonifacio <[email protected]> >>>>>>>> Cc: Taqdir Singh <[email protected]>; " >>> [email protected]" <[email protected]> >>>>>>>> Sent: Thursday, October 11, 2012 7:50 AM >>>>>>>> Subject: Re: [OSL | CCIE_RS] Hello team can we make bgp neighbor >>> ship HSRP virtual IP ? >>>>>>>> >>>>>>>> >>>>>>>> Nick, >>>>>>>> >>>>>>>> Why cant we source from a virtual IP? Can you shed some light on >>> the logic? >>>>>>>> >>>>>>>> Regards, >>>>>>>> Samir. >>>>>>>> >>>>>>>> On Thursday, October 11, 2012, Nick >>>> Bonifacio <[email protected]> wrote: >>>>>>>>> Hi Taqdir, >>>>>>>>> >>>>>>>>> You have to source from a physical interface and cannot source from >>> a vIP. Here is a link to "best practice" using HSRP and multihomed BGP >>> environments: >>> http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f2c.shtml >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks! >>>>>>>>> Nick >>>>>>>>> >>>>>>>>> ________________________________ >>>>>>>>> From: Taqdir Singh <[email protected]> >>>>>>>>> To: [email protected] >>>>>>>>> Sent: Thursday, October 11, 2012 3:16 AM >>>>>>>>> Subject: [OSL | CCIE_RS] Hello team can we make bgp neighbor ship >>> HSRP virtual IP ? >>>>>>>>> >>>>>>>>> Hello team can we make bgp neighborship with HSRP virtual IP ? >>>>>>>>> _______________________________________________ >>>>>>>>> For more information regarding industry leading CCIE Lab training, >>> please visit http://www.ipexpert.com/ >>>>>>>>> >>>>>>>>> Are you a CCNP or CCIE and looking for a job? Check out >>> http://www.platinumplacement.com/ >>>>>>>>> >>>>>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>>>>>> _______________________________________________ >>>>>>>>> For more information regarding industry leading CCIE Lab training, >>> please visit http://www.ipexpert.com/ >>>>>>>>> >>>>>>>>> Are you a CCNP or CCIE and looking for a job? Check out >>> http://www.platinumplacement.com/ >>>>>>>>> >>>>>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>>>>> >>>>>>>> -- >>>>>>>> Samir Idris >>>>>>>> _______________________________________________ >>>>>>>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>>>>>>> >>>>>>>> Are >>>> you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>>>>>>> >>>>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>>> _______________________________________________ >>>>>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>>>>> >>>>>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>>>>> >>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>>> _______________________________________________ >>>>>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>>>>> >>>>>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>>>>> >>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>> _______________________________________________ >>>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>>> >>>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>>> >>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
