1 of 1 people found this helpful
For question 1 you really want to set up two BGP sessions and peer with the physical addresses of both routers. No need to even run VRRP on that link, just peer with both. Your update-source command only allows you to specify an interface, not an IP. Even if you could somehow configure things to peer with the virtual IP, on failover the standby router wouldn't have TCP session or BGP table populated or local routes advertised and there could be a significant delay getting the TCP session up and routes learned/advertised. Set up peering with both, let them both learn the routes advertised from the PE. Use VRRP on the LAN side to protect against a hardware router failure. Both will always be able to reach the PE and know all routes so failover will be snappy. Use localpref or another BGP metric on the WAN side to mirror the priority on the VRRP LAN side if you're doing stateful inspection, or just let them share.
For question 2 you will need at least a /29 on that link. This also allows for the PE end to have a redundant pair and set up four peering sessions if needed.
From a practical standpoint, the MPLS WAN PE-CE connection is probably to be a much weaker link that the hardware in most deployments. I bet your MPLS provider is only going to give you a single physical connection so you'll be adding a switch between your VRRP pair and the provider's interface which is yet another single point of failure. If you really want it robust, get a second link. Put it in a different conduit so the backhoe has to make two trips. :-)