
Friday, October 30, 2009

PE-CE BGP dual-homed with backup

This document details the configurations necessary to connect an MPLS customer to an MPLS Service Provider via two separate links terminating on two separate PE routers. In this case the customer has a 10 Mbps Ethernet circuit, which is to be used as the primary link, and an ADSL line, which is to be used when the Ethernet circuit is not functioning.

This configuration uses standard, default BGP timers and therefore the failover takes approximately 180 seconds. It will revert back to the primary significantly faster once connectivity has been re-established.


!!PE-01 - Ethernet PE
!
!!Enter the PE's BGP configuration
router bgp
!! Enter the customer's PE-CE BGP configuration 
 address-family ipv4 vrf CustomerVRF
 no synchronization
 !! use this to send a default route to all other PE routers in this VRF, not the customer's PE routers.
 default-information originate
 !! replace this with the customer's BGP AS.  Must be >=65000
 neighbor 192.168.2.2 remote-as 65nnn 
 neighbor 192.168.2.2 update-source GigabitEthernet0/1
 !! Always set a password
 neighbor 192.168.2.2 password  
 neighbor 192.168.2.2 next-hop-self
 !! (optional) send a default route
 neighbor 192.168.2.2 default-originate
 !! Always limit the number of routes accepted
 neighbor 192.168.2.2 maximum-prefix 250 80
 !! don't use classful summaries
 no auto-summary 
 neighbor 192.168.2.2 activate
 exit-address-family


!!PE-02 - ADSL RAS PE
!
route-map CustomerVRFSetLocalIn permit 10
 set local-preference 50
!
route-map CustomerVRFSetLocalIn permit 20
!
!!Enter the PE's BGP configuration
router bgp
!! Enter the customer's PE-CE BGP configuration
 address-family ipv4 vrf CustomerVRF    
 no synchronization
 !! (optional) send a default route
 default-information originate
 !! replace this with the customer's BGP AS.  Must be >=65000  
 neighbor 192.168.1.2 remote-as 65nnn
 !! Change this to whatever the PE's connected interface on their VRF is 
 neighbor 192.168.1.2 update-source Loopbackn
 !! Always set a password
 neighbor 192.168.1.2 password   
 neighbor 192.168.1.2 next-hop-self
 !! (optional) send a default route
 neighbor 192.168.1.2 default-originate 
 !! set route map which will lower the LocalPref (and thereby the chances of being entered into the Provider's LFIB table).  When the preferred route is
 !! removed from BGP as a result of the neighbor going down on the primary link, this route will be entered into the LFIB on next BGP Scan.
 neighbor 192.168.1.2 route-map CustomerVRFSetLocalIn in
 !! Always limit the number of routes accepted
 neighbor 192.168.1.2 maximum-prefix 250 80 
 !! don't use classful summaries
 no auto-summary 
 neighbor 192.168.1.2 activate
 exit-address-family


!!CPE
!
route-map setlocalin permit 10
 set local-preference 50
!
route-map setlocalin permit 20
!
router bgp 65004
 no synchronization
 bgp log-neighbor-changes
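 !! primary link: Ethernet PE (PE-01); the provider's AS goes after remote-as
 neighbor 192.168.2.1 remote-as
 !! Always set a password
 neighbor 192.168.2.1 password
 !! backup link: ADSL RAS PE (PE-02)
 neighbor 192.168.1.1 remote-as
 !! Always set a password
 neighbor 192.168.1.1 password
 !! lower LocalPref on routes learned over the backup link
 neighbor 192.168.1.1 route-map setlocalin in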
 no auto-summary
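
The "Always set a password" and "Always limit the number of routes accepted" rules in the comments above can be checked mechanically before a configuration is deployed. The script below is an added example, not part of the original post: it audits an IOS-style configuration for neighbors without a password or maximum-prefix and for route-map references that name a route-map not defined in the same configuration. The sample configuration, its AS numbers, the second neighbor and the password value are constructed for illustration.

```python
import re

# Constructed sample modelled on the PE-02 block; AS numbers, the second
# neighbor and the password value are made up for the example.
SAMPLE = """\
route-map CustomerVRFSetLocalIn permit 10
 set local-preference 50
!
router bgp 64999
 address-family ipv4 vrf CustomerVRF
 neighbor 192.168.1.2 remote-as 65004
 neighbor 192.168.1.2 password EXAMPLE-ONLY
 neighbor 192.168.1.2 route-map setlocalin in
 neighbor 192.168.1.2 maximum-prefix 250 80
 neighbor 192.168.3.2 remote-as 65005
 neighbor 192.168.3.2 password
 exit-address-family
"""

NEIGHBOR = re.compile(r"^\s*neighbor\s+(\S+)\s+(\S+)(?:\s+(.*))?$")
ROUTE_MAP_DEF = re.compile(r"^route-map\s+(\S+)\s+(?:permit|deny)\b")

def audit(config):
    """Return {neighbor_ip: [findings]} for an IOS-style BGP config."""
    defined, neighbors = set(), {}
    for line in config.splitlines():
        if (m := ROUTE_MAP_DEF.match(line)):
            defined.add(m.group(1))
        elif (m := NEIGHBOR.match(line)):
            ip, keyword, args = m.group(1), m.group(2), (m.group(3) or "").split()
            entry = neighbors.setdefault(ip, {"keys": set(), "maps": []})
            if keyword == "password" and not args:
                continue  # keyword present but no secret supplied
            entry["keys"].add(keyword)
            if keyword == "route-map" and args:
                entry["maps"].append(args[0])
    findings = {}
    for ip, entry in neighbors.items():
        issues = [f"no {k}" for k in ("password", "maximum-prefix")
                  if k not in entry["keys"]]
        issues += [f"route-map {n} not defined"
                   for n in entry["maps"] if n not in defined]
        if issues:
            findings[ip] = issues
    return findings

if __name__ == "__main__":
    for ip, issues in audit(SAMPLE).items():
        print(ip, "->", "; ".join(issues))
```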