Wan,VPN, Multiple Routes

Unanswered Question
Oct 25th, 2009
User Badges:

This, I guess, is a basic design question. I have a T1 between my main location and a remote location. I also have Internet connections at both locations with firewalls. Both locations have routers behind the firewalls that interface the T1 and the Internet (via the firewalls).


My question is: what is the best way to send all traffic over the VPN connection until that is not available and then switch to the T1? Will OSPF make those descisions, should I be testing the connection with something like RTR, should I be using MPLS?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Edison Ortiz Sun, 10/25/2009 - 16:22
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

James,


I recommend using a dynamic routing protocol such as OSPF. You will need a GRE tunnel to carry the OSPF and on the tunnel you can apply an OSPF cost lower than the T1's, so it can be preferred.


Regards


Edison.

jgadbois Sun, 10/25/2009 - 16:30
User Badges:

Edison,


Great post! You wouldn't know of a config example for me to look at, would you? I'm currently using OSPF in the network. Would this work if the Internet goes down?

Edison Ortiz Sun, 10/25/2009 - 17:10
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

James,


if you build the GRE tunnel at each end with the source and destination being the IP address used for the internet, then the GRE tunnel will go down hence the OSPF adjancency.


Once the OSPF adjancency via the tunnel goes down, the router will only have one path left - the T1.


Here is a sample config with GRE protected tunnel with OSPF.


The T1 is not part of this sample but having the T1 interface with a higher OSPF cost - it's all you need.



Regards,


Edison.




jgadbois Sun, 10/25/2009 - 18:33
User Badges:

Edison,


Thanks for your reply. I didn't get the sample. Can you resend?

jgadbois Mon, 10/26/2009 - 08:58
User Badges:

Edison,


Thanks again for your help! I going to start working on this right now. Again, thanks!

Amin Shaikh Mon, 10/26/2009 - 09:26
User Badges:

Hi Edison, I have question on the same topic but with some addition.


I have gone through the link but still get how to overcome on this scenario.


Site_A-----------Site_B


I have IPSEC over GRE between Site_A and Site_B, in all there are 3 Tunnels between them.


Site_A has only one Service Provider

Site_B has Three Service Provider, each Tunnel going to Site_A is with different Service Provider.


Tunnel #1 works great when other tunnels are manually shutdown and it has static entry pointing to remote public IP.


Tunnel #2 doesnt work even if other tunnels are down ; same with Tunnel#3


I wanted to make all tunnels workings and have load balancing or let tunnel work in redunduncy scenario.

Actions

This Discussion