Multihomed Network on MPLS cloud

Jun 7th, 2007

Hi,

We have a hub-and-spoke MPLS network with SAP and email applications hosted in the IDC.

At the remote site we have dual links from different service providers.

The aim is to access the SAP traffic over one link, with backup on the other link in case of primary link failure.

Also, email should run over the other service provider, with backup on the first service provider in case the second service provider fails.

How can we achieve this using BGP between CE-PE?

Secondly, at a few locations we have only a few network users (approx. 10), and we want some users to go out via service provider 1 and the rest via the other service provider, with backup on whichever service provider is available at a given point in time in case either service provider link fails at the remote site.

Please suggest.

Regards

laurie.pershall Thu, 07/05/2007 - 10:36

Hi,

If your applications reside on granularly-scoped subnets (e.g., /24 for email, /24 for SAP), you can use BGP metrics to influence routing policy at the edge and core locations, resulting in your desired traffic engineering situation, as well as allowing for fault tolerance of one provider.

If your applications reside on a single mixed subnet, you can still do the above, but you'll have to do some less-than-desirable things like announcing specific /32s relative to each individual server to accomplish the desired functionality.

For the BGP metrics influencing, you will most likely want to use a transitive metric that will be preserved all the way to the edge sites for each BGP announcement; e.g., communities. By using a community-based structure, you can "tag" an NLRI with a specific community that will result in a desired action via a route-map clause (local preference, AS path prepend, etc.).

Something you will want to consider is the return path from the datacenter back to the clients that will be accessing the SAP and email server resources. Your routers at your datacenter that interface into your MPLS providers will only know of clients from an IP prefix perspective, with no discrimination of whether they are using SAP or email resources. You COULD use PBR (policy based routing) to achieve symmetrical routing, however I do not recommend that.
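
The community tagging described in the reply above, sketched as Cisco IOS configuration. This is an added example, not part of the original posts: the AS numbers, neighbor addresses, prefixes, community values and route-map names are made up, and it assumes both providers carry customer communities unchanged between sites.

```cisco
! Constructed example: AS numbers, neighbor addresses, prefixes and
! community values are placeholders, not values from this thread.
!
! --- IDC CE (AS 65001): tag each application subnet on the way out ---
ip bgp-community new-format
ip prefix-list SAP-NET seq 5 permit 10.1.10.0/24
ip prefix-list MAIL-NET seq 5 permit 10.1.20.0/24
!
route-map TAG-APPS permit 10
 match ip address prefix-list SAP-NET
 set community 65001:100
route-map TAG-APPS permit 20
 match ip address prefix-list MAIL-NET
 set community 65001:200
route-map TAG-APPS permit 30
!
router bgp 65001
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 send-community
 neighbor 192.0.2.1 route-map TAG-APPS out
 neighbor 198.51.100.1 remote-as 64511
 neighbor 198.51.100.1 send-community
 neighbor 198.51.100.1 route-map TAG-APPS out
!
! --- Remote-site CE (AS 65010): prefer SP1 for SAP, SP2 for email ---
ip bgp-community new-format
ip community-list standard SAP permit 65001:100
ip community-list standard MAIL permit 65001:200
!
! Routes learned from SP1: raise local preference for SAP only
route-map FROM-SP1 permit 10
 match community SAP
 set local-preference 200
route-map FROM-SP1 permit 20
!
! Routes learned from SP2: raise local preference for email only
route-map FROM-SP2 permit 10
 match community MAIL
 set local-preference 200
route-map FROM-SP2 permit 20
!
router bgp 65010
 neighbor 192.0.2.9 remote-as 64496
 neighbor 192.0.2.9 route-map FROM-SP1 in
 neighbor 198.51.100.9 remote-as 64511
 neighbor 198.51.100.9 route-map FROM-SP2 in
```

Routes that match no community clause keep the default local preference of 100, so each application's prefix is still reachable over the other provider when its preferred session goes down. This steers only the site-to-IDC direction; the return path is the separate concern raised in the reply.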

joshgluck Mon, 02/04/2008 - 06:08

Hi Laurie,

Great reply. Caused me to have a few questions of my own:

What is your suggestion for handling the return traffic, if not PBR, to assure symmetric data paths for each application? Put another way, does it really matter? Since they are running an MPLS environment, my assumption would be that the traffic taking either provider would be the same AS distance away from PE-CE routers and that the only possible cause for issue would be the underlying provider network maintaining similar latency, especially during times of maintenance or disruptive incident.

Is ensuring symmetrical routing on a per-site basis required or desired when both paths "look" the same even if they are different providers? Of course you would want to ensure that you are not using all of one provider and none of the other for all of the outbound traffic from the IDC, but would it be better to load share the return traffic by dividing the addressable space in two and sending half out one and half out the other?

Also, could you allow BGP to accept more than one route to a destination allowing for load sharing?

Thanks!
