SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  BFD or VRRP

    Posted 07-30-2013 11:12

    Hi All,

     

    Been using BFD very successfully for a while with SRX devices in customer premises with failover to DSL etc, but need to add additional redundancy on our end in terms of routers... normally I'd throw in VRRP but as we're already using BFD to detect static route failure, if you were to add another router into the mix would you use VRRP or just add another static route...

     

    eg.. going from...

     

    CPE ------------Eth-----------Our Router A (BFD for detection of circuit down)
           \------------Dsl----------DSL Provider

     

    /* Ethernet - Router A */

    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 preference 100 
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection minimum-interval 300
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection multiplier 3
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection neighbor 1.1.1.2
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection local-address 1.1.1.3

    /* DSL */
    set routing-options static route 0.0.0.0/0 qualified-next-hop 2.2.2.2 preference 200 
    set routing-options static route 0.0.0.0/0 metric 0

    This works well and we fail over to DSL as expected if the ethernet link is down.

     

    ...to:

     

    CPE ----------Eth-----------/----Router A
         \                            \----Router B
          \
           \----------Dsl------------DSL Provider

     

    I'm toying with 

     

    /* Ethernet - Router A */

    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 preference 100 
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection minimum-interval 300
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection multiplier 3
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection neighbor 1.1.1.1
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection local-address 1.1.1.3

    /* Ethernet - Router B */

    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 preference 150 
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection minimum-interval 300
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection multiplier 3
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection neighbor 1.1.1.2
    set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection local-address 1.1.1.3

    /* DSL */

    set routing-options static route 0.0.0.0/0 qualified-next-hop 2.2.2.2 preference 200 
    set routing-options static route 0.0.0.0/0 metric 0

     

    Is this the best way of doing it? Or would you use VRRP?  I'm a bit unsure as to how stable this sort of configuration would be.  Thank you in advance.
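
As an added example (not part of the original post and not Juniper tooling), the following Python parses the three-path configuration above and shows which next hop carries the default route as BFD sessions fail. It assumes detection time is roughly minimum-interval × multiplier with the same settings on both ends, and that a next hop without BFD is always usable; the function names are hypothetical.

```python
import re

# Constructed input: the Router A / Router B / DSL configuration from the post.
CONFIG = """
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 preference 100
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection minimum-interval 300
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection multiplier 3
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection neighbor 1.1.1.1
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.1 bfd-liveness-detection local-address 1.1.1.3
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 preference 150
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection minimum-interval 300
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection multiplier 3
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection neighbor 1.1.1.2
set routing-options static route 0.0.0.0/0 qualified-next-hop 1.1.1.2 bfd-liveness-detection local-address 1.1.1.3
set routing-options static route 0.0.0.0/0 qualified-next-hop 2.2.2.2 preference 200
set routing-options static route 0.0.0.0/0 metric 0
"""

LINE = re.compile(r"set routing-options static route \S+ qualified-next-hop (\S+) (.+)")

def parse(config):
    """Return {next_hop: {'preference': int, 'bfd': {option: value}}}."""
    hops = {}
    for raw in config.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # route-wide options such as "metric 0" are skipped
        hop, rest = m.groups()
        entry = hops.setdefault(hop, {"preference": 5, "bfd": {}})  # 5 = Junos static default
        words = rest.split()
        if words[0] == "preference":
            entry["preference"] = int(words[1])
        elif words[0] == "bfd-liveness-detection":
            entry["bfd"][words[1]] = words[2]
    return hops

def detection_ms(hop):
    """Approximate failure-detection time in ms; None if the hop has no BFD."""
    bfd = hop["bfd"]
    if "minimum-interval" not in bfd:
        return None
    return int(bfd["minimum-interval"]) * int(bfd.get("multiplier", 3))

def active_next_hop(hops, bfd_down=()):
    """Lowest preference wins among hops whose BFD neighbor is not in bfd_down."""
    usable = {h: v for h, v in hops.items()
              if v["bfd"].get("neighbor") not in bfd_down}
    return min(usable, key=lambda h: usable[h]["preference"]) if usable else None
```

Note that the DSL path has no BFD session in this configuration, so the model (like the router) keeps it installed as the last resort regardless of its actual reachability.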



  • 2.  RE: BFD or VRRP
    Best Answer

    Posted 07-31-2013 11:58

    Hi

     

    BFD is a Layer 3 protocol while VRRP uses Layer 2 (virtual MAC, etc.)
    Layer 3 is generally preferred so I would go with BFD as you do.

     

    Also, if you include VRRP between Routers A and B you will still
    need some mechanism to track the availability of VIP address from
    CPE, so you will likely need BFD again.



  • 3.  RE: BFD or VRRP

    Posted 07-31-2013 14:42

    Hello there.

    VRRP through 2 providers won't work for 2 reasons:

    1/ VRRP uses link-layer multicast dst.IP 224.0.0.18 which needs inter-AS L2 since inter-AS IPv4 multicast does NOT normally signal multicast group membership for link-layer IPv4 multicast 224.0.0.0/24

    2/ VRRP packets with TTL < 255 are discarded as per RFC which also implies inter-AS L2

    Please use BFD as suggested by yourself.

    And you certainly don't want to be involved in provider-owned IPv4 prefix space discussion, trust me 🙂

    HTH

    Thanks

    Alex

     



  • 4.  RE: BFD or VRRP

    Posted 08-02-2013 03:50

    Hi All,

     

    We went with BFD for this and it's working as desired.

     

    aarseniev: Thanks for the reply but there was never an intention to use VRRP in that way... the VRRP was simply for two of our routers.. eg so that we could take either down for maintenance / updates etc and the customer wouldn't stay connected.

     

    Thanks for the replies 🙂