Do I need 4507 or 3750 is OK? iBGP question.

news2010a
Level 3

Hi, can you help me with this? Please see attached diagram.

Imagine I need to provide Internet Service Provider redundancy. I have two questions:

1) Is running iBGP and using local preference to determine that the preferred route is through ISP1 (and then picking ISP2 in case of ISP1 failure) the best way to address redundancy for this?

2) If the answer to the question above is yes, given the number of BGP prefixes on routers, am I OK with 3750 switches, or should I be looking into 4507s for this (given the additional memory capabilities)?

I have the impression that the 4507 is overkill, but let me know.

Please advise.


Edison Ortiz
Hall of Fame

Are you taking full routes from the ISP or partial routes?

Full routes won't work with a 3750 switch; I suggest going with a 7200 router or a 6500 switch.

HTH,

__

Edison.

Do I need to worry about getting full routes on the perimeter switch indicated in the diagram in order to accomplish what I want?

I don't think so, but someone suggested that in order to accomplish such ISP redundancy, I would need at least a 4507. I think that is overkill.

If I am not clear in my explanation please let me know.

No, you don't have to take full routes but that's something you need to discuss with the providers.

If you want to implement the 3750, I recommend asking only for the default route from each ISP.

The 3750 was not designed as an edge switch; it was designed to be a wiring closet switch that workstations connect to. That's the reason I'm hesitant to recommend such a device.

__

Edison.

That's correct. I understand that the 3750 is designed to be an access layer switch. I want to make sure that I do a proper design on this. The only interesting point is that the 4507, which could be used as an edge switch for this would remain with so many ports unused.

Have you seen how other people have handled such design? I am sure what I am trying to accomplish is pretty common these days. Are folks using 4507's for this?

What I usually see is a router as the WAN Edge device 7200 or a 65xx/76xx Switch device. I'm not familiar with the size of your network so I can't recommend the device that you will trust to be the gateway for all your internal traffic.

You are concerned about routes coming from the internet but you should also be concerned about the traffic leaving your network, which can be huge if you have many sites and devices.

__

Edison.

Joseph W. Doherty
Hall of Fame

Who controls the 3745s?

My own network team. It is not a managed service at this point.

Ok, reason I asked, if you control the 3745s, and assuming they do or will have Internet tables, wondering whether you really need to pull Internet routes further.

I realize, BGP routing before that pair would allow the most optimal path selection, but you can come very close to the same by making both 3745s default gateways (could be done within an IGP or via GLBP) and exchange their routes via iBGP. Initially traffic will split (statically) 50/50, but if the one ISP has a shorter path, the traffic will flow from one 3745 to the other. (Same AS hops, traffic will exit the 3745 it initially started with.)

One negative is the traffic now jumps between the two 3745s, when using a better path, but the inside LAN bandwidth isn't usually a limiter compared to the WAN bandwidth.

Using this approach precludes the need for running iBGP, with Internet tables, beyond your WAN routers.

PS:

Also, not sure about all the differences, but if you still want to use a 3750 series with BGP, you might investigate the metro series.

I thought about HSRP between the two 3745s. The problem is that in the case some routes were missing (problem caused at the Internet service provider, for example) the respective router may continue to work as the active router, right? HSRP probably would work fine if one of the routers dies completely (which is rare).

How about GLBP? Let's imagine problems on the Internet or at the Internet service provider caused one of the 500K routes to be missing from RouterA (which is the preferred path). Is GLBP going to detect that and let the path fail over to RouterB?

If what I am saying makes no sense, let me know.

I played with GLBP in the past but I can't remember.

What I'm suggesting, if you don't already do so, is each 3745 shares its Internet routes with the other. So, if a route is not provided by one provider, that connected router will send to the other router (as it would if the AS path is shorter).

This would work whether you use HSRP or GLBP, the advantage of the latter is in case of tied AS paths. With HSRP, all traffic will exit off the gateway router unless there's a shorter path via the other. With GLBP, you start with a split but only transit via the peer if the path is shorter (or missing).

Besides the "normal" situation of a HSRP/GLBP taking all traffic if the other router fails completely, what you can do if the router is up but the WAN link fails on one, is track it. (You might even be able to track a peering failure of some type with the latest embedded monitor - unsure.) However, even without any tracking, if the router stays up but has no path out via its WAN link, it would redirect all its traffic to the other. (Tracking just tries to avoid this needless hop.)
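
As an added illustration (not part of the thread and not any poster's configuration), the Python model below works through the behaviour described in the answer above: which router's WAN link traffic leaves by when the two edge routers share their Internet routes over iBGP. The router names R1/R2, the prefixes and the AS-path lengths are constructed, and only two BGP tie-breakers (shorter AS path, then eBGP over iBGP) are modelled.

```python
# Added illustration: two edge routers, each with eBGP routes from its own
# ISP, sharing them over iBGP. Simplified: only AS-path length, then
# eBGP-over-iBGP, are modelled (no weight, local preference, MED, ...).

# Constructed sample data: prefix -> AS-path length as learned from the ISP.
EBGP_TABLES = {
    "R1": {"203.0.113.0/24": 3, "198.51.100.0/24": 2},   # via ISP1
    "R2": {"203.0.113.0/24": 3, "198.51.100.0/24": 4,    # via ISP2
           "192.0.2.0/24": 2},                           # missing at ISP1
}
ALL_UP = {"R1": True, "R2": True}


def exit_router(prefix, entry, tables=EBGP_TABLES, wan_up=ALL_UP):
    """Return the router whose WAN link carries traffic for `prefix`.

    `entry` is the router the first-hop protocol (HSRP/GLBP) handed the
    packet to. A router whose WAN link is down has no eBGP routes, so it
    can only forward to its iBGP peer.
    """
    peer = next(r for r in tables if r != entry)
    own = tables[entry].get(prefix) if wan_up[entry] else None
    via_peer = tables[peer].get(prefix) if wan_up[peer] else None
    if own is None and via_peer is None:
        return None                      # no path through either ISP
    if own is None:
        return peer                      # route missing locally: use peer
    if via_peer is None or own <= via_peer:
        return entry                     # tie or better: exit locally
    return peer                          # strictly shorter AS path via peer


def traffic_map(entries, wan_up=ALL_UP):
    """Map each (entry router, prefix) to its exit router.

    entries=["R1"] models HSRP with R1 active; ["R1", "R2"] models GLBP
    spreading hosts across both routers.
    """
    prefixes = sorted({p for t in EBGP_TABLES.values() for p in t})
    return {(e, p): exit_router(p, e, wan_up=wan_up)
            for e in entries for p in prefixes}


if __name__ == "__main__":
    for label, entries in (("HSRP, R1 active", ["R1"]), ("GLBP", ["R1", "R2"])):
        print(label)
        for (entry, prefix), out in traffic_map(entries).items():
            print(f"  host via {entry} -> {prefix}: exits {out}")
```

Passing `wan_up={"R1": False, "R2": True}` reproduces the untracked WAN-failure case from the answer: R1 stays a gateway but hands everything to R2.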

Wilson Samuel
Level 7

Hi,

After going through your initial diagram and the questions, I would request that you check the following points:

1. 4500s are required only when you need to cater for different kinds of interfaces and/or different levels of bandwidth options at the Service Line Cards.

2. 3750s are great switches if you need resilience and scalability because of their Cisco StackWise Technology.

I believe that the 3560 is a perfect switch in the case described above.

Hope that helps:
