<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><font face="Calibri"><span style="font-size: 15px;">Sorry this may have already been suggested -- and is in JunOS speak, but you get the idea. (literally cannot speak iOS anymore) -- requires VRRP + BGP to do some tricks.</span></font><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">- Use a /29 as the interconnect</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">- Use 2 x CE devices</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">- Use 2 x PE devices<br></span></font><div><font face="Calibri"><span style="font-size: 15px;">- 2 x BGP sessions form each device (4 BGP sessions in total - i.e. full eBGP mesh across the /29 between all physical interface PE1 PE2 to CE1 CE2)</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">- </span></font><span style="font-size: 15px; font-family: Calibri;">Switches in the middle (far end, local end)</span></div><div><font face="Calibri"><span style="font-size: 15px;">- Setup a VRRP on both ends (both CE devices as group 2 at customer end, both PE devices with group 1 on service provider end)</span></font></div><div><span style="font-size: 15px; font-family: Calibri;">- Overwrite net-hop with the respective vrrp address on bgp export both ends.</span></div><div><br></div><div><br></div><div>__________</div><div><br></div><div><div><font face="Calibri"><span style="font-size: 15px;">Customer/CE facing /29 --- </span></font><span style="font-family: Calibri; font-size: 15px;">This is from PE1s perspective:</span></div><div><span style="font-family: Calibri; font-size: 15px;"><br></span></div><div><font face="Calibri"><span style="font-size: 15px;">206.100.204.73 is vrrp</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">206.100.204.74 is physical</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">206.100.204.75 is physical on 2nd PE router (not shown)</span></font></div><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><br></div><div><font face="Courier New"><span style="font-size: 14px;">interfaces {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> ge-0/0/2 {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> unit 0 {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> family inet {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> address 206.100.204.74/29 {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> vrrp-group 1 {</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> virtual-address 206.100.204.73;</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> priority 200;</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> preempt;</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> accept-data;</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> }</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> }</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> }</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> }</span></font></div><div><font face="Courier New"><span style="font-size: 14px;"> }</span></font></div></div><div><font face="Courier New"><span style="font-size: 14px;"><div> lo0 {</div><div> unit 0 {</div><div> family inet {</div><div> filter {</div><div> input Routing_Engine_Protection;</div><div> }</div><div> address 1.1.1.1/32;</div><div> }</div><div> }</div><div> }</div><div>}</div><div><br></div><div><br></div></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">eBGP sessions:</span></font></div><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">CE device vrrp is 206.100.204.76</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">CE device #1 physical is 206.100.204.77</span></font></div><div><font face="Calibri"><span style="font-size: 15px;">CE device #2 physical is 206.100.204.78</span></font></div><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">This is from PE1s perspective: (PE2 not shown) (may be in VRF, may not be if inet.0 traffic)</span></font></div><div><span style="font-family: 'Courier New'; font-size: 14px;"><br></span></div><div><font face="Courier New"><span style="font-size: 14px;"><br></span></font></div><div><font face="Courier New"><span style="font-size: 14px;"><div>protocols {</div><div> bgp {</div><div> group EBGP {</div><div> type external;</div><div> local-address 206.100.204.74; /* my physical */</div><div> hold-time 20;</div><div> export EBGP-EXPORT;</div><div> peer-as 65002;</div><div> local-as 65001;</div><div> neighbor 206.100.204.77; /* CE1 Physical */</div></span></font><div style="font-family: 'Courier New'; font-size: 14px;"> neighbor 206.100.204.78; /* CE2 Physical */</div><div style="font-family: 'Courier New'; font-size: 14px;"> }</div><div style="font-family: 'Courier New'; font-size: 14px;"> }</div><div style="font-family: 'Courier New'; font-size: 14px;">}</div><div style="font-family: 'Courier New'; font-size: 14px;"><br></div><div style="font-family: 'Courier New'; font-size: 14px;"><br></div><div style="font-family: 'Courier New'; font-size: 14px;"><div>policy-options {</div><div> policy-statement EBGP-EXPORT {</div><div> term 1 {</div><div> from {</div><div> route-filter the-routes-you-want-to-send/24 exact;</div><div> }</div><div> then {</div><div> next-hop 206.100.204.73; /* Overwrite BGP next-hop with our vrrp address -- far end CEs do the same with their vrrp address */</div><div> accept;</div><div> }</div><div> }</div><div> term 2 {</div><div> then reject;</div><div> }</div><div> }</div></div><div style="font-family: 'Courier New'; font-size: 14px;">}</div><div style="font-family: 'Courier New'; font-size: 14px;"><br></div><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">Hope that helps.</span></font></div><div><font face="Calibri"><span style="font-size: 15px;"><br></span></font></div><div><font face="Calibri"><span style="font-size: 15px;">- CK.</span></font></div><div style="font-family: 'Courier New'; font-size: 14px;"><br></div></div><div><br></div><div><br><div><div>On 25 May 2017, at 8:35 pm, Matt Selbst <<a href="mailto:matt.j.selbst@gmail.com">matt.j.selbst@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr">Hi,<div><br></div><div>Hoping for some advice. What is everyone doing for terminating point-to-point Ethernet services like AAPT's e-Line in a high availability environment? Cisco environment.</div><div><br></div><div>With PPPoE, high availability was much easier as you could just have multiple LNS's and failover easily when the client would re-auth. With terminating a VLAN handoff on a /30 or /31 it makes HA much harder. If the customer edge router dies, failover seems pretty hard. VRRP doesn't seem to be an option especially with hundreds of customer sub-interfaces.</div><div><br></div><div>Any ideas?</div><div><br></div><div>-Matt</div><div><br></div></div></blockquote></div></div></div></body></html>