I am on a fact-finding mission in regards to becoming dual homed to the internet. I currently have a registered ASN associated with my own Class C address space with my primary provider located at my corporate office. I have a secondary provider at a remote location that we have been using simply for VPN type access but want to expand this to be a redundant link in the event our primary link goes down. The ASN & address space at the remote location is provided by the secondary provider.
The questions I have are regarding two different fronts. The first being what I need to do on the internet side and the second being changes within the core so that traffic can be routed properly when the primary link is down.
In regards to the Internet front, would the best practice be to split my class C and request a second ASN and use that with my registered address space at the secondary location? Do I simply proceed using both my registered ASN / Address and the provider ASN / Address? I posted a note to ARIN inquiring about best practice but they were semi-helpful on that front. I am also thinking that these will basically become load balanced for inbound traffic when I start adding the secondary space into DNS? Is there a way I can load entries so that the secondary paths have a higher cost? My concern here is oversubscribing the secondary link as it is smaller than the primary. These are just a few that have come to mind. I am sure there will be more as I work through the design.
In regards to the core, how do I get network status information from my internet router, through my PIX and to the core? I use BGP with my ISPs and BGP on my MPLS cloud and EIGRP in the cores of the remote locations for redistribution of my VLANs into the MPLS cloud. I figure I can add another EIGRP or RIP to get network status of the internet; not sure how to handle the handoff through the PIX. Is it simply a pass through or is there more to it? I am thinking that I also need to remove the network 0.0.0.0 that I am injecting into BGP between the MPLS network and the core but at the same time I want to keep all internet traffic going out through corporate unless that path drops and then use the secondary. Once again thinking of some type of high cost mechanism compared to manual changes to handle the internet bound traffic.
I will put together a diagram and attach it to hopefully make things clearer. Basically I have an Internet router connected to a PIX connected to a core 4506. Off the core 4506 are two (2) routers with unique paths to the MPLS cloud. On the remote I have a router off the MPLS cloud connected to a 4506. From that 4506 to a PIX to the router supporting my secondary internet.
Thanks in advance...