HSRP with 2 routers and 4 ISPs (and possibly VPN)

Unanswered Question
May 12th, 2010
User Badges:

Hi there,


Here it comes a difficult one. We have 4 dedicated links at each site, each link with different ISP. All ISP routers are under their management so we don't have access. What we were thinking to install 2 additional routers configured with HSRP and each one connected to 2 ISPs, how would that work? The active router would track routes through each ISP connected to it and should both ISPs be down the standaby router would take over with another 2 ISPs? Would each HSRP router be able to load sharing between 2 ISPs connected to it?


To be honest it seems a little bit complicated. Are there any other solutions then that? How about one big router with 4 WAN adn 1 LAN links? I guess with one router apart from WAN redundancy we could also do load-sharing correct? But here we have single point of failure...


Now most difficult part, what VPN technology we could go for to configure VPN resiliency on all 4 ISP links? Would DMVPN or GETVPN work here?


Thanks a lot for any thoughts on that.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.prince@m... Wed, 05/12/2010 - 08:49
User Badges:
  • Green, 3000 points or more

You are not 100% clear you state


"We have 4 dedicated links at each site, each link with different ISP" This indicates 4 seperate sites?


"What we were thinking to install 2 additional routers configured with  HSRP and each one connected to 2 ISPs, how would that work?" Why 2 routers, if all you want is ISP redundancy - install 1 router?


"Would each HSRP router be able to load sharing between 2 ISPs connected  to it?" HSRP is a dynamic failover protocol - not load balancing. GLBP is better suited


" How about one big router with 4 WAN adn 1 LAN  links? I guess with one router apart from WAN redundancy we could also  do load-sharing correct? But here we have single point of failure"  Install 4 seperate routers - however that breeds it's own problems!


"Now most difficult part, what VPN technology we could go for to  configure VPN resiliency on all 4 ISP links? Would DMVPN or GETVPN work  here" Is DMVPN for remote site VPN connectivity? GETVPN - is this for Client Remote access?

remi-reszka Wed, 05/12/2010 - 09:16
User Badges:

Hi Andrew and thanks for response.


We have several sites and 4 ISPs at each site. I know it sounds crazy but the owner wants to accomplish 99.999. One router is an option but again a risk of single point of failure arises. 4 routers to much expense and more complicated setup, 2 routers still an option. VPN will be site-to-site only, I mean sites to HQ, in the future could be inter-site like DMVPN.


Say we go for one router with 4 WAN connections and 1 LAN, what VPN technology could we employ here with use of all 4 ISPs at each site to provide VPN redundancy?

andrew.prince@m... Thu, 05/13/2010 - 02:05
User Badges:
  • Green, 3000 points or more

The biggest issue with whatever you decied is going to be IP addressing. Failover, L2L & RVPN's etc all depend on src/dst

What is the current IP scheme with the providers? Do you have a ASN? A dedicated IP range say class C ??

Actions

This Discussion