We have two sites that have the same RFC1918 (10.1.1.0/24) address space. See picture below. Site A 188.8.131.52 communicates with the SITE B server 10.1.1.1, but since SITE A has a 10.1.1.0/24 network being routed within it, we had to implement some NATing to allow communications between Site A 184.108.40.206 and the SITE B server 10.1.1.1.
SITE A (172.16.1.0/24) ------> RTR1 -----> WAN1 ----->RTR3 ------> PIX1 ----->RTR5 -----> SITE B (10.1.1.0/24) ----> Server 10.1.1.1
SITE A (172.16.1.0/24) ------> RTR2 -----> WAN2 ----->RTR4 ------> PIX2 ----->RTR6 -----> SITE B (10.1.1.0/24) ----> Server 10.1.1.1
Note: SITE A also has a 10.1.1.0/24 network being routed within it, which conflicts with SITE B. So... here is what we have implemented today:
1. We are running OSPF in SITE A thru to RTR3/RTR4.
2. On RTR3/RTR4 we have a static route for 192.168.1.1 pointing to their respective PIX1/PIX2 devices, and that static route is propagated thru OSPF to SITE A.
3. On PIX1/PIX2 we hide all SITE B 10.1.1.0/24 addressing from SITE A by static NATing the SITE B server (10.1.1.1) to a 192.168.1.1 address on PIX1/PIX2.
4. On RTR5/RTR6 we have a static route for 172.16.1.0/24 pointing to their respective PIX1/PIX2 devices back to Site A, on which the PIXs hide-NAT the server address as 220.127.116.11.
We would like to implement EBGP between RTR3-RTR5 and RTR4-RTR6 thru the PIXs so that if we lose WAN1 or WAN2, traffic would be re-routed over the available WAN link versus black-holing today with static routes.
1. The proposal is to EBGP peer between RTR3-RTR5 and RTR4-RTR6, and IBGP between RTR3-RTR4 and RTR5-RTR6.
2. We announce SITE A 172.16.1.0/24 via EBGP from RTR3-RTR5 to RTR4/RTR6 respectively thru the PIX firewalls, and we do not announce anything from SITE B into SITE A via EBGP. This will allow SITE B to re-route automatically if WAN1 or WAN2 fails when the SITE B server is communicating with a 172.16.1.0/24 address at SITE A.
3. In order for a 172.16.1.0/24 address at SITE A to communicate with the 10.1.1.1 server at SITE B, we would continue to route the SITE B server address of 10.1.1.1 as 192.168.1.1 via static routing on RTR3/RTR4 and static NAT via PIXs (mapping 192.168.1.1 to 10.1.1.1). SITE A would re-route if WAN1 or WAN2 failed and the static route for 18.104.22.168 would not be propagated via OSPF to SITE A since a WAN link would be down.
My question: Will this work and is there a better way to do this?
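For readers following the proposal above, here is an added configuration sketch (not from the original post) of the RTR3 and PIX1 side of the design: eBGP from RTR3 to RTR5 through PIX1, iBGP to RTR4, only 172.16.1.0/24 announced, and the server still reached via the static route for 192.168.1.1 that is redistributed into OSPF. AS numbers, the RTR3-PIX1 link (192.0.2.0/30), the RTR4 loopback, RTR5's inside address (10.1.1.254) and its NAT address (192.168.1.254) are assumed values; the RTR4/PIX2/RTR6 path mirrors this.

```cisco
! ===== RTR3 (IOS) =====
router bgp 65001                                  ! assumed: SITE A AS 65001, SITE B AS 65002
 ! eBGP to RTR5, addressed by the NAT address PIX1 presents for it (assumed 192.168.1.254)
 neighbor 192.168.1.254 remote-as 65002
 neighbor 192.168.1.254 ebgp-multihop 2          ! PIX does not decrement TTL by default; this is insurance
 neighbor 192.168.1.254 password BGP-SHARED-SECRET
 neighbor 192.168.1.254 prefix-list SITEA-ONLY out
 neighbor 192.168.1.254 prefix-list DENY-ALL in  ! accept nothing from SITE B, as proposed
 ! iBGP to RTR4 over its loopback (assumed 10.255.255.4)
 neighbor 10.255.255.4 remote-as 65001
 neighbor 10.255.255.4 update-source Loopback0
 neighbor 10.255.255.4 next-hop-self
 network 172.16.1.0 mask 255.255.255.0
!
ip prefix-list SITEA-ONLY seq 5 permit 172.16.1.0/24
ip prefix-list DENY-ALL seq 5 deny 0.0.0.0/0 le 32
!
! Server NAT address and RTR5 peer NAT address both live behind PIX1's outside interface
ip route 192.168.1.0 255.255.255.0 192.0.2.2     ! 192.0.2.2 = PIX1 outside (assumed)
!
router ospf 1
 redistribute static subnets route-map STATIC-TO-OSPF   ! hands 192.168.1.0/24 to SITE A, as today
!
route-map STATIC-TO-OSPF permit 10
 match ip address prefix-list NAT-RANGE
ip prefix-list NAT-RANGE seq 5 permit 192.168.1.0/24

! ===== PIX1 (PIX 6.x syntax) =====
! Server 10.1.1.1 is seen from SITE A as 192.168.1.1 (as in the existing design)
static (inside,outside) 192.168.1.1 10.1.1.1 netmask 255.255.255.255 0 0
! RTR5's peering address is seen from SITE A as 192.168.1.254;
! norandomseq stops the PIX rewriting TCP sequence numbers, which would break BGP MD5
static (inside,outside) 192.168.1.254 10.1.1.254 netmask 255.255.255.255 0 0 norandomseq
! Only the BGP session from RTR3 and SITE A traffic to the server are allowed in from outside
access-list OUTSIDE-IN permit tcp host 192.0.2.1 host 192.168.1.254 eq bgp
access-list OUTSIDE-IN permit ip 172.16.1.0 255.255.255.0 host 192.168.1.1
access-group OUTSIDE-IN in interface outside
```

Note that the static route on RTR3 stays up as long as its PIX-facing interface is up, so a PIX1 or RTR5 failure (rather than a WAN1 failure) would still not be detected by SITE A unless the static is tied to reachability tracking.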