Do I need a 4507, or is a 3750 OK? iBGP question.

Feb 6th, 2008

Hi, can you help me with this? Please see attached diagram.

Imagine I need to provide Internet Service Provider redundancy. I have two questions:

1) Is running iBGP and using local preference to determine that the preferred route is through ISP1 (and then picking ISP2 in case of ISP1 failure) the best way to address redundancy for this?

2) If the answer to the question above is yes, given the number of BGP prefixes on routers, am I OK with 3750 switches, or should I be looking into 4507s for this (given the additional memory capabilities)?

I have the impression that the 4507 is overkill, but let me know.

Please advise.

Edison Ortiz Wed, 02/06/2008 - 12:26

Are you taking full routes from the ISP or partial routes?

Full routes won't work with a 3750 switch; I suggest going with a 7200 router or a 6500 switch.

HTH,

Edison.

news2010a Wed, 02/06/2008 - 12:44

Do I need to worry about getting full routes on the perimeter switch indicated in the diagram in order to accomplish what I want?

I don't think so, but someone suggested that in order to accomplish such ISP redundancy, I would need at least a 4507. I think that is overkill.

If I am not clear in my explanation please let me know.

Edison Ortiz Wed, 02/06/2008 - 14:35

No, you don't have to take full routes but that's something you need to discuss with the providers.

If you want to implement the 3750, I recommend asking only for the default route from each ISP.

The 3750 was not designed as an edge switch; it was designed to be a wiring closet switch where workstations connect. That's the reason I'm hesitant to recommend such a device.

Edison.

news2010a Wed, 02/06/2008 - 14:58

That's correct. I understand that the 3750 is designed to be an access layer switch. I want to make sure that I do a proper design on this. The only interesting point is that the 4507, which could be used as an edge switch for this, would remain with so many ports unused.

Have you seen how other people have handled such a design? I am sure what I am trying to accomplish is pretty common these days. Are folks using 4507s for this?

Edison Ortiz Wed, 02/06/2008 - 15:16

What I usually see is a router as the WAN Edge device 7200 or a 65xx/76xx Switch device. I'm not familiar with the size of your network so I can't recommend the device that you will trust to be the gateway for all your internal traffic.

You are concerned about routes coming from the internet but you should also be concerned about the traffic leaving your network, which can be huge if you have many sites and devices.

Edison.

news2010a Wed, 02/06/2008 - 23:01

My own network team. It is not a managed service at this point.

Joseph W. Doherty Thu, 02/07/2008 - 05:46

Ok, reason I asked, if you control the 3745s, and assuming they do or will have Internet tables, wondering whether you really need to pull Internet routes further.

I realize, BGP routing before that pair would allow the most optimal path selection, but you can come very close to the same by making both 3745s default gateways (could be done within an IGP or via GLBP) and exchange their routes via iBGP. Initially traffic will split (statically) 50/50, but if the one ISP has a shorter path, the traffic will flow from one 3745 to the other. (Same AS hops, traffic will exit the 3745 it initially started with.)

One negative is the traffic now jumps between the two 3745s, when using a better path, but the inside LAN bandwidth isn't usually a limiter compared to the WAN bandwidth.

Using this approach precludes the need for running iBGP, with Internet tables, beyond your WAN routers.

PS:

Also, not sure about all the differences, but if you still want to use a 3750 series with BGP, you might investigate the metro series.

news2010a Thu, 02/07/2008 - 07:52

I thought about HSRP between the two 3745s. The problem is that in case some routes were missing (a problem caused at the Internet service provider, for example), the respective router may continue to work as the active router, right? HSRP probably would work fine if one of the routers completely dies (which is rare).

How about GLBP? Let's imagine problems on the Internet or at the Internet service provider caused one of the 500K routes to be missing from RouterA (which is the preferred path). Is GLBP going to detect that and let the path fail over to RouterB?

If what I am saying makes no sense, let me know.

I played with GLBP in the past but I can't remember.

Correct Answer
Joseph W. Doherty Thu, 02/07/2008 - 08:35

What I'm suggesting, if you don't already do so, is each 3745 shares its Internet routes with the other. So, if a route is not provided by one provider, that connected router will send to the other router (as it would if the AS path is shorter).

This would work whether you use HSRP or GLBP, the advantage of the latter is in case of tied AS paths. With HSRP, all traffic will exit off the gateway router unless there's a shorter path via the other. With GLBP, you start with a split but only transit via the peer if the path is shorter (or missing).

Besides the "normal" situation of a HSRP/GLBP taking all traffic if the other router fails completely, what you can do if the router is up but the WAN link fails on one, is track it. (You might even be able to track a peering failure of some type with the latest embedded monitor - unsure.) However, even without any tracking, if the router stays up but has no path out via its WAN link, it would redirect all its traffic to the other. (Tracking just tries to avoid this needless hop.)
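
Added illustration, not part of any post in this thread: a small Python model of the behaviour described in the answer above, where two edge routers exchange their ISP-learned routes over iBGP and hosts reach them through HSRP or GLBP. The router names, prefixes and AS-path lengths are constructed, and best-path selection is reduced to AS-path length with the router's own eBGP route preferred on a tie.

```python
# Constructed sample: AS-path length per prefix as learned over eBGP
# by router A (from ISP1) and router B (from ISP2).
EBGP = {
    "A": {"192.0.2.0/24": 3, "198.51.100.0/24": 4},  # 203.0.113.0/24 missing
    "B": {"192.0.2.0/24": 3, "198.51.100.0/24": 2, "203.0.113.0/24": 4},
}
PEER = {"A": "B", "B": "A"}  # the iBGP session between the two routers

def exit_router(entry, prefix, wan_up=None):
    """Router whose WAN link the packet leaves by, or None if unreachable.

    entry  -- router the LAN host used as its gateway
    wan_up -- routers with a working WAN link; a router whose link is
              down has lost its eBGP routes. Defaults to both up.
    """
    wan_up = {"A", "B"} if wan_up is None else wan_up

    def learned(router):
        return EBGP[router].get(prefix) if router in wan_up else None

    own, via_peer = learned(entry), learned(PEER[entry])
    if own is None and via_peer is None:
        return None                      # neither ISP offers the prefix
    if own is None:
        return PEER[entry]               # missing locally: hop to the peer
    if via_peer is None or own <= via_peer:
        return entry                     # tie: eBGP beats the iBGP copy
    return PEER[entry]                   # peer's AS path is shorter

def traffic_split(prefix, mode, wan_up=None):
    """Share of flows leaving by each router for one prefix.

    mode "hsrp": every host uses active router A as its gateway.
    mode "glbp": hosts are split evenly between A and B as gateways.
    """
    entries = {"hsrp": {"A": 1.0}, "glbp": {"A": 0.5, "B": 0.5}}[mode]
    out = {}
    for entry, share in entries.items():
        chosen = exit_router(entry, prefix, wan_up)
        out[chosen] = out.get(chosen, 0.0) + share
    return out

if __name__ == "__main__":
    for prefix in ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"):
        print(prefix, traffic_split(prefix, "hsrp"), traffic_split(prefix, "glbp"))
```

Passing `wan_up={"B"}` models router A staying up with its WAN link down and no tracking configured: hosts still hand packets to A, which forwards them across the LAN to B.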

Wilson Samuel Thu, 02/07/2008 - 06:23

Hi,

After going through your initial diagram and the questions, I would be requesting you to check on the following points:-

1. 4500s are required only when you need to cater to different kinds of interfaces and/or different levels of bandwidth options at the Service Line Cards.

2. 3750s are great switches if you need resilience and scalability because of their Cisco StackWise Technology.

I believe that the 3560 is a perfect switch in the case described above.

Hope that helps.
