Internet Gateway design issue

Unanswered Question
Apr 16th, 2009

i have two internet gatways, 7600 router , i want to add two GSR 12410 Gatways ,but i want to utilize the existing two 7600,please find attached and let me know how i can utilise the four gateways instead of replacing the 7600 with GSR and not utilizing then 7600.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
saeedbakh Thu, 04/16/2009 - 07:11

please find attached,please advise the best design to utilise the the current two 7600 and the new GSR 12410 as the Internet Gateways routers.

Giuseppe Larosa Thu, 04/16/2009 - 12:16

Hello Ahmed,

your after.doc design looks like fine

Moving WAN links and eBGP sessions to the two GSRs allow space to grow: you will be able to add more upstream providers in the future.

We have a similar design with only one difference:

we use a full mesh of iBGP sessions without any Route Reflector Server.

The iBGP sessions are terminated on loopbacks and an IGP is used (IS-IS) to advertise them.

Hope to help


saeedbakh Thu, 04/16/2009 - 20:12

Thank you very much,

so we can use four routers as IGW here,

can you provide me with more information about the setup you have, how the BGP connectivity between the four routers and how is the physical connectivity between them.


saeedbakh Fri, 04/17/2009 - 00:18

Can you show me how they are connected to the Core and caches and to the Internet ,and how the BGP been configured between them and the physical connectivity between them,please

Giuseppe Larosa Fri, 04/17/2009 - 07:35

Hello Ahmed,

we have two GSRs and one CRS used as border routers.

each GSR is connected with a point-to-point L3 link to each C7600.

the two C7600 are connected between them with a port-channel.

On all these links we use IS-IS iBGP sessions use loopback addresses as end-points.

We have a full mesh of iBGP sessions: each device has a direct iBGP session with the other four.

All eBGP sessions are on the three border routers.

On the "inside" of the two C7600 there are the FWSM of other multilayer switches.

We haven't web caches but if you need to place them you can put them on a "third leg" of the two C7600 using WCCPv2 this is possible.

Hope to help


saeedbakh Fri, 04/17/2009 - 08:31

Hi ,

what we need to deploy is 4 border routers (2 GSR and 2 7600)running EBGP and IBGP.

in your senario i do not understand how is the three border routers is connected and what is the used from 7600.

can you send me diagram for your setp explaining the physical connectivity and the IBGP and EBGP.Thank you in advance

saeedbakh Sat, 04/18/2009 - 01:59

Hi ,

can you explain more about your senario, you said you have 3 routers as borders routers(two GSR and one CRS) what is the role so of the two 7600.



Giuseppe Larosa Sat, 04/18/2009 - 02:06

Hello Ahmed,

my customer is a broadcasting company the two C7600 act as routers / gateways for the Webfarms connected to different DMZ public networks.

The attempt is to provide optimal routing for return traffic from servers to internet users.

So the two C7600 receive from each GSR the BGP full table (from the point of view of the GSR node) and makes a best path decision.

Your scenario can be different and you may think of removing BGP on your C7600 nodes if you have a direct link between the two GSRs as in picture after.doc

In that case the two GSRs need to inject a default route towards the two C7600.

Hope to help


saeedbakh Sat, 04/18/2009 - 02:10

Hi ,

the customer is ISP in telecom company

there are many uplinks that we want to distribute them on the foure routers (two GSR and two 7600),so i want to know the best way to utilize the four.



Giuseppe Larosa Sun, 04/19/2009 - 03:58

Hello Ahmed,

there are multiple possible solutions.

You want to have eBGP sessions on all 4 devices.

Let's suppose you are going to connect to the internal network via the two C7600.

I would use two backbone vlans

bbone1 defined on C7600_1 only and used to interconnect C7600_1 and GSR1 and GSR2.

bbone2 defined on C7600_2 only and used to interconnect C7600_2, GSR1 and GSR2.

on these vlans ip subnets you can run OSPF or IS-IS to propagate knowledge of loopback addresses.

a full mesh of iBGP is configured using the loopback addresses.

Each device knows the best paths of each other one (only the best path is propagated in BGP advertisements).

The two C7600 have one additional vlan in common where they connect to the internal network.

You can use local-preference to select the preferred exit point towards a destination route this info is propagated to all 4 devices on iBGP updates.

Hope to help



This Discussion