lost on WAN setup

Unanswered Question
Feb 5th, 2008
User Badges:

Hi guys,


I have some changes on my network and i am trying to figure out a way to get it work. but I must say i am a bit lost.


I was given this requirements:


1) connect to 2 MPLS providers

2) Traffic that doesnt require to be NATed is send out the MPLS router, those required to be NATed is send via NAT router.

3) when one MPLS provider down, the traffic should be automatically routed to the second MPLS provider.

4) load sharing on both MPLS link.

5) all traffic must pass through the Riverbed optimizer.


The MPLS router will run BGP. All sites are isolated network, SiteA will link to mpls1, siteB will link to mpls2. The GRE tunnel is meant to connect sites that are using conflicting IP addresses with the rest of the sites but not among themselves.


I have done some reading but I am not sure if this is going to work. Attached is the diagram of the setup. I would appreciate any comments and if possible, pointing me to the right info to get this network running.


Thank you,

ryghnes





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paolo bevilacqua Wed, 02/06/2008 - 14:35
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi,


Honestly the task you've been given is at level of a CCIE routing, or someone with equivalent experience. Both figures would probably need a fair amount of studying and testing to get it right in all aspects.


I would consider hiring a reputable professional for your design.


RAJINDER UPPAL Wed, 02/06/2008 - 14:50
User Badges:

1. Looks like you are already connected to the two MPLS providers.

2. You need to configure a policy map to match an acl for interesting traffic for NAT. This means configure an access list that matches traffic that is to be natted. Then apply this to a policy to a route map that point that traffic to the NAT router with a cost of 10.

3. If you are running an IGP between Site A and Site B 3845 routers, ensure that the "default information originate" is configured on both routers.

4. You cant load share across two routers as in this design. You would need a device that has a physical connection to router A and B and can use dCEF to load share on links. You can use technologies such as dCEF, dMLPP to load share, but you can only load share acorss links on the same physical box.

5. If you have your default route is pointing to the river bed devices above your 3845's you should be fine.


Also I would need the configuration of the 3845's to be able to give you more info.


Dr. Rajinder Uppal


Actions

This Discussion