Network Design:

Apr 30th, 2009

How should I configure the following network so that all traffic uses the primary router (2821-A)? The backup router (2821-B) should be only used if the primary router or circuit is down.





Network requirements:


Two 6509 core switches running HSRP for all SVI on the customer LAN.


All WAN traffic to use the primary BGP router (2821-A).


All devices need to have a management IP address on the 2.153.83.0/24 subnet.




6509-A

interface Vlan83
 description "Server Side Network Vlan 83"
 ip address 2.153.83.2 255.255.255.0
 ip helper-address 2.153.20.25
 no ip redirects
 no ip proxy-arp
 standby 83 ip 2.153.83.1
 standby 83 priority 105
 standby 83 preempt
 standby 83 authentication C1sc0




6509-B

interface Vlan83
 description "Server Side Network Vlan 83"
 ip address 2.153.83.3 255.255.255.0
 ip helper-address 2.153.20.25
 no ip redirects
 no ip proxy-arp
 standby 83 ip 2.153.83.1
 standby 83 priority 105
 standby 83 preempt
 standby 83 authentication C1sc0



Giuseppe Larosa Fri, 05/01/2009 - 04:10

Hello Colm,

I hope you are well.


Looking at your network diagram:


This customer wants to use eBGP multihoming.

The two routers are connected to different ISPs, as I see different AS numbers.

First of all, I would use an IGP among the two C6509 and the two 2821.

I would use OSPF because it is possible to use a route-map to make the generation of a default route conditional.

Under normal conditions RA generates a default route of type O E1 with a lower metric, so that both 6500 agree on using it as the exit point.


RA

router ospf 10
 ! or other network used between the 4
 network 2.153.83.0 0.0.0.255 area 0
 ! point to point with 6509-A if used
 network x.x.x.y 0.0.0.0 area 0
 default-information originate metric-type 1 route-map check-bgp

ip prefix-list only-default permit 0.0.0.0/0
access-list 11 permit host primary-ebgp-peer-address

route-map check-bgp permit 10
 ! check the presence of a BGP default
 match ip address prefix-list only-default
 ! check default route BGP next-hop
 match ip next-hop 11
 set metric 50



On RB everything is similar but with a bigger seed metric like 100, so as to compensate for the OSPF cost of the links between the two 6500.

I've used this design successfully and it is effective: if the eBGP 0.0.0.0/0 disappears, router RA stops sending 0.0.0.0/0 in OSPF.

The two C6500 can use HSRP with object tracking to track eBGP peer reachability on C6500-A.



About BGP:


Being two different ISPs, you can try to use AS path prepending on the secondary as a way to influence the return path.

Another possible approach if your customer owns a /23 prefix:

advertise a /24 (or two /24) out the primary link

advertise a single /23 out the secondary link

This can be combined with AS path prepending.

The most specific route is used.

If the whole block is a /24 this approach is not viable: most ISPs filter prefixes more specific than /24.


Hope to help

Giuseppe
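
The seed-metric reasoning in the reply above can be checked with a small model, added here as an example and not taken from the thread or from any poster's configuration. It assumes a topology of RA, 6509-A, 6509-B, RB in a line (the diagram is not on the page), and the link costs and peer addresses are constructed; it also shows the case where the cost between the two 6509s is large enough to cancel the 50/100 seed difference.

```python
import heapq

# Assumed topology (the diagram is not on the page): RA - 6509-A - 6509-B - RB.
# Link costs and peer addresses are constructed sample values.
LINKS = {("RA", "6509-A"): 1, ("6509-A", "6509-B"): 1, ("6509-B", "RB"): 1}
PEER_A, PEER_B = "192.0.2.1", "198.51.100.1"
# router -> (seed metric, next hop of its BGP default or None, peer allowed by its ACL)
ASBRS = {"RA": (50, PEER_A, PEER_A), "RB": (100, PEER_B, PEER_B)}

def spf_cost(links, src, dst):
    """Dijkstra: lowest OSPF cost from src to dst, or None if unreachable."""
    graph = {}
    for (a, b), cost in links.items():
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    best, queue = {src: 0}, [(0, src)]
    while queue:
        dist, node = heapq.heappop(queue)
        if node == dst:
            return dist
        if dist > best[node]:
            continue
        for nxt, cost in graph.get(node, []):
            if dist + cost < best.get(nxt, float("inf")):
                best[nxt] = dist + cost
                heapq.heappush(queue, (dist + cost, nxt))
    return None

def originates_default(next_hop, allowed_peer):
    """Model of route-map check-bgp: a BGP default exists and its next hop passes the ACL."""
    return next_hop is not None and next_hop == allowed_peer

def exit_routers(switch, links, asbrs):
    """ASBR(s) with the lowest E1 default metric (seed + OSPF cost to the ASBR)."""
    metrics = {}
    for name, (seed, next_hop, peer) in asbrs.items():
        cost = spf_cost(links, switch, name)
        if cost is not None and originates_default(next_hop, peer):
            metrics[name] = seed + cost
    low = min(metrics.values(), default=None)
    return sorted(n for n, m in metrics.items() if m == low)

if __name__ == "__main__":
    lost = dict(ASBRS, RA=(50, None, PEER_A))        # eBGP default withdrawn on RA
    heavy = {**LINKS, ("6509-A", "6509-B"): 60}      # inter-switch cost above the seed gap
    for sw in ("6509-A", "6509-B"):
        print(sw, exit_routers(sw, LINKS, ASBRS), exit_routers(sw, LINKS, lost),
              exit_routers(sw, heavy, ASBRS))
```

With these sample costs both switches exit via RA until RA's BGP default disappears; once the inter-switch cost reaches the gap between the two seed metrics, 6509-B stops preferring RA, so the seed values have to be chosen against the real link costs.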


colmgrier Thu, 08/06/2009 - 11:51

Hi Giuseppe,


Thanks for the detailed reply.


As the customer is running EIGRP between the two routers and core switches, is it possible to increase the delay on core SW2 so the primary router has a lower metric?
