implement a second DS3 to DR for replication traffic only

Unanswered Question
Jun 28th, 2008

I have a DS3 circuit to our DR site that currently carries our Voice and data traffic to DR along with our replication traffic.

The voice is bridged to DR, but the data and replication is routed via BGP, then distributed into OSPF locally at each site.

I would like to add a second DS3 to give the replication traffic it's own link to the DR site.

This would mean I would have two seperate routed connections to DR.

What would be the best way to ensure the replication traffic uses the new DS3 and everything else uses the other DS3?

Since I am distributing BGP into OSPF, would it be best to use PBR, or utilize BGP to make these decisions?

Also, I would like to have everything use one link or the other if one of them fails.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Giuseppe Larosa Sun, 06/29/2008 - 01:31

Hello Wilson,

PBR is a good choice to achieve what you want.

Using an extended ACL in the PBR route-map you can define exactly the replication traffic as the only streams that will be sent over the second DS3.

In order to be sure that all other traffic will use the first link you can use two BGP sessions using the physical ip addresses of the two DS3. You will provide a non zero weight to the primary link with the neighbor x.x.x.x weight 500 command so that you have all prefixes installed from neighbor x.x.x.x and backup advertisements via y.y.y.y in the BGP table ready to be used if primary link fails.

If the replication traffic can be characterized as between subnet A1 on site 1 and subnet A2 on DR site you can play with BGP to have these two prefixes installed via the second bgp session via the second DS3 circuit.

You can use a route-map where you selectively increase the weight of prefix A1 to 1000.

access-list 22 permit

route-map replication-traffic permit 10

match ip address 22

set weight 1000

route-map replication-traffic permit 20

the empty second block is to avoid to filter all other prefixes for redundancy purposes

in the router bgp process

neighbor x.x.x.x weight 500

neighbor y.y.y.y route-map replication-traffic in

these must be done on both sides with the correct definition of the A1 prefix(es).

In this way you don't use PBR but every traffic between the subnets is sent via the second DS3.

hope to help



This Discussion