[AusNOG] High availability options for terminating point-to-point Ethernet (on Cisco CE)

Mon May 29 10:56:44 EST 2017

And the service is still a SPOF.

Just get two services/links, and use plain vanilla BGP.

On 29 May 2017 at 09:55, Chris Kawchuk <juniperdude at gmail.com> wrote:
> Sorry this may have already been suggested -- and is in JunOS speak, but you
> get the idea. (literally cannot speak iOS anymore) -- requires VRRP + BGP to
> do some tricks.
>
> - Use a /29 as the interconnect
> - Use 2 x CE devices
> - Use 2 x PE devices
> - 2 x BGP sessions form each device (4 BGP sessions in total - i.e. full
> eBGP mesh across the /29 between all physical interface PE1 PE2 to CE1 CE2)
> - Switches in the middle (far end, local end)
> - Setup a VRRP on both ends (both CE devices as group 2 at customer end,
> both PE devices with group 1 on service provider end)
> - Overwrite net-hop with the respective vrrp address on bgp export both
> ends.
>
>
> __________
>
> Customer/CE facing /29 --- This is from PE1s perspective:
>
> 206.100.204.73 is vrrp
> 206.100.204.74 is physical
> 206.100.204.75 is physical on 2nd PE router (not shown)
>
>
> interfaces {
>     ge-0/0/2 {
>         unit 0 {
>             family inet {
>                 address 206.100.204.74/29 {
>                     vrrp-group 1 {
>                         virtual-address 206.100.204.73;
>                         priority 200;
>                         preempt;
>                         accept-data;
>                     }
>                 }
>             }
>         }
>     }
>     lo0 {
>         unit 0 {
>             family inet {
>                 filter {
>                     input Routing_Engine_Protection;
>                 }
>                 address 1.1.1.1/32;
>             }
>         }
>     }
> }
>
>
> eBGP sessions:
>
> CE device vrrp is 206.100.204.76
> CE device #1 physical is 206.100.204.77
> CE device #2 physical is 206.100.204.78
>
> This is from PE1s perspective: (PE2 not shown) (may be in VRF, may not be if
> inet.0 traffic)
>
>
> protocols {
>     bgp {
>         group EBGP {
>             type external;
>             local-address 206.100.204.74; /* my physical */
>             hold-time 20;
>             export EBGP-EXPORT;
>             peer-as 65002;
>             local-as 65001;
>             neighbor 206.100.204.77; /* CE1 Physical */
>             neighbor 206.100.204.78; /* CE2 Physical */
>         }
>     }
> }
>
>
> policy-options {
>     policy-statement EBGP-EXPORT {
>         term 1 {
>             from {
>                 route-filter the-routes-you-want-to-send/24 exact;
>             }
>             then {
>                 next-hop 206.100.204.73;  /* Overwrite BGP next-hop with our
> vrrp address -- far end CEs do the same with their vrrp address */
>                 accept;
>             }
>         }
>         term 2 {
>             then reject;
>         }
>     }
> }
>
>
> Hope that helps.
>
> - CK.
>
>
>
> On 25 May 2017, at 8:35 pm, Matt Selbst <matt.j.selbst at gmail.com> wrote:
>
> Hi,
>
> Hoping for some advice. What is everyone doing for terminating
> point-to-point Ethernet services like AAPT's e-Line in a high availability
> environment? Cisco environment.
>
> With PPPoE, high availability was much easier as you could just have
> multiple LNS's and failover easily when the client would re-auth. With
> terminating a VLAN handoff on a /30 or /31 it makes HA much harder. If the
> customer edge router dies, failover seems pretty hard. VRRP doesn't seem to
> be an option especially with hundreds of customer sub-interfaces.
>
> Any ideas?
>
> -Matt
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>