Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internet Consolidation architecture

We have a Network on MPLS backbone with dual service provider.

There are 50 spoke location.

DC and DR location

Topology is hub and spoke with all sites accessing data hosted at primary DC.

ALso in case of disaster all the spoke sites will connect to DR site.

Servers at DR site are on unique IP and failover from DC to DR is taken care by BGP routing intelligence.

Aim is to give controlled internet access to all the spoke sites from DC and incase of failure internet should be available from DR site.

As per our design architecture we are planning to upgrade the last mile bandwidth and MPLS port of all spoke sites and central site MPLS port bandwidth to give integrated access on the same last mile for all the locations.

Both types of traffic private and public will ride on the same MPLS bancbone and come to the primary DC site CE router.

At CE router we will segreggate the traffic meant for datacentre and internet cloud.

We will also deploy firewall and separate internet router and proxy server for the proposed internet connectivity to control the spoke sites traffic.

Is this a good design.

Pls suggest with configuration on how are we going to achiecve this

Also currently we are using BGP between CE-PE --- it should take care of the global routing meant for Internet traffic by flooding default route across all the spoke sites

Pls find the existing architecute attahced.

Any inputs on the same will be appreciated.


New Member

Re: Internet Consolidation architecture

Hi All,

Any suggestions.


New Member

Re: Internet Consolidation architecture

The design looks ok. Some concerns I would recommend you address:

- How exactly is the failover going to work for multiple default gateways in the BGP cloud? Are you going to be able to weight them correctly?

- If you use a proxy server for Internet traffic, how are you going to enable automatic failover to the DR site if the DC site is down?

- If you are going to failover Internet access to the DR site, how are you going to handle failover for inbound service access as different ISP will provide different IP blocks.

Basically most of the problems I see would stem from a design that was trying to failover internet access to 2 sites with seperate ISPs. There can be quite a few issues to deal with when you try that....

New Member

Re: Internet Consolidation architecture


What is the best option for such a scenario.