05-22-2010 01:33 AM - edited 03-06-2019 11:13 AM
Hi All,
I have to enable dynamic routing protocol (pref EIGRP) on my network whcih is working with static routing now. I am attaching the Network Diagram and the details of the requirement.
At each sites I have 2x6509E Core switches, 2 routers and 3 WAN links (Pleaes find the attachment)
Router 1 - Link 1 - MPLS Link from Telco 4Mb
Core Switch01- Link 2 - Private Link on Tunnel Interface
Router 2 - Link 3 - 2 Mb DLL Link from Telco
Now i need to run Dynamic routing protocol (pref EIGRP) from Core Switches. I want to make the Link 1 as the primary route for user range and Link 2 as the back up. Link 1 as the backup for the server ip range and Link 2 as the Primary.
Link 3 as the back up for both servers and users.
Before I start i would like mention one thing that, i have a doubt about the WAN Link 2 (Private Link), that the parent organisation, who is the owner of the private link, is using Eigrp at their huge backbone. If they use Eigrp and they are not willing to perr with my EIGRP, then i may have to change my protocol to some thing other right?
I need to check with them and I will update about this ASAP.
I am breaking down my task in to multiple steps.
Kindly find some time to reveiw this and correct me if i am wrong or i am missing some thing, also help with your inputs.
Task 1) Running EIGRP / OSPF in the Core Switch-1 and 2 at site-1 and then site-2. (All are under same AS or Area 0)
Task 2) Running EIGRP / OSPF in the WAN Router-1 and 2 at site-1 and site-2
Task 3) Redistribute EIGRP / OSPF route in to Telco BGP and Redistribute BGP in to EIGRP / OSPF at WAN Router-1 (4Mb MPLS Link Router) at site-1 and site-2.
(need some help on the redistribution part)
Task 4) I want to give first preference to the 4 Mb MPLS Link, any traffic originating from my user LAN at site-1 going to any where in Site-2 should take the 4 Mb MPLS Link first. And if this fails all traffic should pass to Link2 on Core Switch-1 (Private Link on Tunnel Interface). (need clarity on how to do this task)
(I guess, since it is a redistributed route this will be an external route for the EIGRP / OSPF domain. WAN Link-3 at Router-2 (2Mb DLL Link) is a point-to-point link and chances are there to get prefernce for this route)
Task 5) The WAN Link-2, which is terminated at Core Switch-1 at Site-1 and Core Switch1- at Site-2. As of now, I am using a PBR on the Core switch-1 and pushing all traffic originating from my server ip range (192.168.50.x/24) at site-1 going to server ip range (192.168.100.x/24) at site 2 to this Link.
After implementing the routing I want this link remians as the primary for the server to server communication between site-1 and site-2. Also should work as a backup link incase Link-1 (4Mb MPLS Link) failed. All traffic at that point should flow through this link.
(need clarity on how to do this task)
Task 6) In worst case if both Link 1 (4 Mb MPLS Link in Router-1) and Link-2 (Private Link on Tunnel interface in Core Switch-1) are failed the whole traffic should go to the 3rd Link in WAN Router-2 (2 Mb DLL Link).
(need clarity on how to do this task)
Dear friends, I know that it is a huge list of task and is not easy too, i need your kind help in this, kindly find some time to work with me on this, i need your kind support please.
Apreciate your valuable inputs.
Thanks and regards
Sunny
Message was edited by: Sunny Sam
Message was edited by: Sunny Sam
05-24-2010 05:07 AM
Hi Friends,
I need your kind input on the below-
I have to enable routing from my core switches. Attaching the network setup. The dynamic routing protocol which i would be runnig is EIGRP. I have a 2 Mb dedicated link and 4 Mb link over MPLS. Want to do load balance between the total 6Mb. As of now static routing is conifugred on the core switch and on the router where MPLS is terminated is running static routing only, but in 2 Mb LL router i can see some ospf instance running same time with some static routes also.
Core are configured with HSRP and Routers are also in HSRP to provide redunancy. Config as follows-
MPLS Router-
interface GigabitEthernet0/0
description *** MPLS VPN Link ***
!
interface GigabitEthernet0/0.752
encapsulation dot1Q 752
ip address 172.31.209.110 255.255.255.252
!
interface GigabitEthernet0/1
ip address 192.168.62.1 255.255.255.240
duplex auto
speed auto
media-type rj45
standby 0 ip 192.168.62.3
standby 0 priority 110
standby 0 preempt
standby 0 track GigabitEthernet0/0.752 20
!
router bgp 64730
no synchronization
bgp log-neighbor-changes
network 192.168.0.0 mask 255.255.192.0
network 201.200.200.0
neighbor 172.31.209.109 remote-as 65000
no auto-summary
!
ip forward-protocol nd
ip route 192.168.0.0 255.255.192.0 192.168.62.4
ip route 201.200.200.0 255.255.255.0 192.168.62.4
2Mb LLD Router
interface Multilink1
ip address 192.168.1.33 255.255.255.252
ppp multilink
ppp multilink group 1
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1
description *** Link to Core Network ***
ip address 192.168.62.2 255.255.255.240
duplex auto
speed auto
standby 2 ip 192.168.62.3
standby 2 track Serial0/0/0:0 20
!
interface Serial0/0/0:0
no ip address
encapsulation ppp
no fair-queue
ppp multilink
ppp multilink group 1
Hi Sunny,
Check out the policy based routing in cisco switches to use both the links with configuring acl and mapping route maps in switches to select the traffic to whihc link needs to select.
http://www.itsyourip.com/cisco/how-to-setup-ip-policy-based-routing-in-cisco-routerios/
http://www.petri.co.il/how-to-use-cisco-ios-policy-based-routing-features.htm
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
05-24-2010 07:33 AM
If you're going to be using EIGRP, you can use the variance command to load balance between unequal cost links...
http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094cb7.shtml#loadbalancing
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009437d.shtml
HTH,
John
05-30-2010 01:12 AM
Hi Friends,
Thanks for the update. I have made some changes in the post regarding enabling EIGRP (ignore reading the lines marked in Red, i have decided to postpone this activity for some time).
Before enabling EIGRP I would like to know as per my current configuration (which is there in the post and diagram attached), can i acheive Redundancy?
Kindly need your valuable input.
regards
Sunny
05-30-2010 10:43 PM
Hi Friends,
Thanks for the update. I have made some changes in the post regarding enabling EIGRP (ignore reading the lines marked in Red, i have decided to postpone this activity for some time).
Before enabling EIGRP I would like to know as per my current configuration (which is there in the post and diagram attached), can i acheive Redundancy?
Kindly need your valuable input.
regards
Sunny
Hi Sunny,
Redundacy at which level as you have two core switch with FWSM module and two switches and two different isp routers,so if we conclude we have hardware redudncacy at each leavel now comes the part for logical flow redundancy.
You can achive if the traffic comes from lan to other site first at firewall level making cluster configuration in active/passive mode with inter chassis failover configuration and then traffic will be going two one of the isp router that can be achive by policy based routing configuration for which i have given the link in my previous post.
Check out the below link for active/standby failover configuration in FWSM
http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/fail_f.html
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
06-06-2010 02:36 AM
Hi Friends,
There is chagne from the customer requirement, so that i changed the content in the main thread.
Kindly have a look at the the main thread please.
Appreciate your valuable input
Thakns and regards
Sunny
06-08-2010 07:40 AM
Hi Friends,
Can any one help in this pleaes?
regards
Sunny
06-15-2010 11:51 AM
Hello Sunny,
if you use eBGP over the primary link as you have noted you will get external routes from the primary link.
OSPF has a strict hierarchy of routes that is built-in. EIGRP uses an higher admin distance (170) for external routes.
if using the same IGP (same protocol same AS number) on the MPLS L3 VPN link is not an option the only way is to have external routes on all links.
To achieve this you can:
use a different EIGRP AS number (this answers also the question of not mixing your EIGRP with that of parent company)
or a different OSPF process-id.
There is also another difficulty to deal with:
the links are connected to different devices of the two sites, specially the third link in red the VPN looks like to be on the opposite side of the FWSMs
Are the blades in use?
All the links should be on the same side or the firewall, if I understand correctly the VPN tunnel is for creating a point to point link over the BIG company intranet.
So all routes have to be external with a clear hiearchy
EIGRP requires 5 values for the seed metric. BGP can use network command instead of mutual redistribution (recommended)
default-metric
on primary link
AS 100 is EIGRP domain in site, AS 200 is used between sites on links #2 (vpn), links#3 (2 Mbps)
router eigrp 100
red bgp 65000 route-map site2_routes
default-metric 100000 10 255 1 1500
! network commands for internal subnets
second link on VPN
two EIGRP processes
router eigrp 100
red eigrp 200 route-map site2_routes
default-metric 5000 500 255 1 1500
router eigrp 200
red eigrp 100 route-map site1_to_site2
default-metric 5000 500 255 1 1500
third link:
router eigrp 100
red eigrp 200 route-map site2_routes
default-metric 500 5000 255 1 1500
router eigrp 200
red eigrp 100 route-map site1_to_site2
default-metric 500 5000 255 1 1500
note:
values may need to be tuned in order to have the correct hierarchy of paths (for the different nodes where the links are connected)
In my opinion with OSPF you could get more control over the links because metric is simpler to calculate
primary link
router ospf 100
red bgp 65000 subnets route-map site2_routes type 1
default-metric 10
secondary link
router ospf 100
red ospf 200 subnets route-map site2_routes type 1
default-metric 1000
tertiary link
router ospf 100
red ospf 200 subnets route-map site2_routes type 1
default-metric 2000
this is easier to understand then EIGRP but the idea is the same
you will still need the PBR to divert server traffic where you want
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: