Need Help on Multihoming & redundancy configuration

Jan 18th, 2008

Single Site:

1. Two internet routers:

Router1: 10Meg Internet line --> router managed by ISP1. BGP neighbor configured for upstream ISP1 rtr.

Router2: 2Meg Internet line --> Router managed by client. BGP neighbor with upstream ISP2. But using default route to go to internet (not advertising ISP2's own /27 IPs assigned to client via BGP using network statement)

2. RTR1 and RTR2 inside interface (assigned with public IPs) connects to a public switch (3560) to two different VLAN ports (vlan2 & vlan3).

3. No routing configured between VLAN2 & VLAN3.

4. The 'traceroute' from RTR2 ---> RTR1 goes via Internet.

5. There is NO BGP relation existing between RTR1 & RTR2.

6. Another 2 ports on the same public switch connects to a PIX external & ASA external interface and PIX port is vlan2 & ASA port in Vlan3.


7. PIX is using RTR2 inside interface as gateway and ASA using RTR1 inside interface.


8. Inside interfaces for PIX & ASA connects to 3750 inside client Network on the default Vlan (#1).


9. To the Internal 3750 switch connects Internal core router (2811) whose default gateway is: Inside Interface for the ASA. (Users will hit ASA to go online.)


10. Both PIX & ASA also have VPN tunnel to remote location.


Now, is there any way I can configure automatic failover between 2 ISPs? No need for load sharing. Primary/backup is fine.

And if possible, is there a way to make VPN also work when one link fails?


Please suggest.

Thank you in advance.


MS

ebreniz Thu, 01/24/2008 - 11:32

The most preferred method for BGP redundancy is the AS-Path prepend. You are correct in stating that ISPs can strip off the prepends, but that is also part of the gamble. From what I have seen, most do not.


Another option is MED, which advertises a specific metric for the prefix to the ISP. In order to use MED, the ISP has to be willing to accept that metric. The following links will explain more:


http://www.cisco.com/warp/public/459/37.html


http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml
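
An added example, not part of either post above: a Cisco IOS sketch of the AS-path prepend and MED settings on RTR2 (the client-managed backup router), with filters so the site only announces its own prefix and only accepts a default route. It assumes the client has its own AS and a prefix announced through both ISPs, which the thread does not state; the AS numbers, peer address and prefix are constructed placeholders from the documentation ranges.

```cisco
! RTR2: backup 2Meg link toward ISP2 (all values below are constructed placeholders)
!   AS 64500         = client AS (assumed)
!   AS 64502         = ISP2
!   198.51.100.2     = ISP2 BGP peer address
!   203.0.113.0/24   = client prefix announced via both ISPs (assumed)
!
! The only prefix this site is allowed to announce.
ip prefix-list OWN-PREFIX seq 5 permit 203.0.113.0/24
!
! RTR2 uses a default route toward ISP2, so accept nothing else inbound.
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
! Outbound policy for the backup link:
!   - prepend the client's own AS three times so the path via ISP2 looks longer
!     than the un-prepended path announced via ISP1
!   - set MED; by default it is compared only between paths received from the
!     same neighboring AS, and the ISP may ignore it
! Anything that does not match OWN-PREFIX hits the implicit deny, so routes
! learned from one ISP are never re-announced to the other.
route-map TO-ISP2-BACKUP permit 10
 match ip address prefix-list OWN-PREFIX
 set as-path prepend 64500 64500 64500
 set metric 200
!
router bgp 64500
 network 203.0.113.0 mask 255.255.255.0
 neighbor 198.51.100.2 remote-as 64502
 neighbor 198.51.100.2 description ISP2-backup
 neighbor 198.51.100.2 prefix-list DEFAULT-ONLY in
 neighbor 198.51.100.2 route-map TO-ISP2-BACKUP out
!
! The network statement needs an exact match in the routing table.
ip route 203.0.113.0 255.255.255.0 Null0
```

After a `clear ip bgp 198.51.100.2 soft out`, `show ip bgp neighbors 198.51.100.2 advertised-routes` on RTR2 should list only the one prefix.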

