Cisco Support Community

New Member

L2 or L3 interlink and BGP

Hi - In the diagram below, would you use or not use iBGP between the links from R1-R2 and from R3-R4, and should the link between R1-R2 or R3-R4 be an L2 trunk link with a VLAN on it for firewall failover and/or using iBGP between SVIs? Tx

3 REPLIES
New Member

I would use iBGP between R1 and R2 and between R3 and R4. Make sure you do not use an MD5 password for your eBGP, as the firewall clears TCP options, which is the way MD5 passwords are sent between eBGP speakers. Whether it should be L2 and L3 between the routers to talk iBGP depends on how you want it: if R1/R2 or R3/R4 are acting as core switches (hint: 6500 devices), then use L2 and run iBGP over a VLAN; if they are pure routers, then use L3.
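
The point in the reply above about firewalls clearing the TCP option that carries the BGP MD5 signature can be checked on a packet capture. The following is an added example, not part of the thread: it parses the options of a raw TCP header and reports whether option kind 19 (RFC 2385) is still present. The sample segments are constructed, and the NOP overwrite is an assumption about how the middlebox clears the option.

```python
import struct

TCP_MD5SIG = 19  # RFC 2385 TCP MD5 Signature option kind (length 18)

def tcp_options(segment: bytes):
    """Return [(kind, data), ...] for the options in a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("shorter than a minimal TCP header")
    header_len = (segment[12] >> 4) * 4  # data offset counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad data offset")
    opts, i = [], 20
    while i < header_len:
        kind = segment[i]
        if kind == 0:        # End of Option List
            break
        if kind == 1:        # NOP padding, single byte
            opts.append((1, b""))
            i += 1
            continue
        if i + 1 >= header_len:
            raise ValueError("truncated option")
        length = segment[i + 1]
        if length < 2 or i + length > header_len:
            raise ValueError("bad option length")
        opts.append((kind, segment[i + 2:i + length]))
        i += length
    return opts

def has_md5_signature(segment: bytes) -> bool:
    return any(k == TCP_MD5SIG and len(d) == 16 for k, d in tcp_options(segment))

def build_syn(options: bytes) -> bytes:
    """Constructed SYN to port 179; checksum left at zero (not validated here)."""
    options += b"\x01" * (-len(options) % 4)       # pad to a 32-bit boundary
    offset_flags = ((20 + len(options)) // 4 << 12) | 0x002  # SYN flag
    return struct.pack("!HHIIHHHH", 49152, 179, 1000, 0,
                       offset_flags, 65535, 0, 0) + options

# Constructed samples: the SYN as the router sent it, and the same SYN as it
# would look after a middlebox overwrote the option with NOPs (assumption).
MSS = b"\x02\x04\x05\xb4"
MD5 = bytes([TCP_MD5SIG, 18]) + bytes(16)          # placeholder digest
sent = build_syn(MSS + MD5)
received = build_syn(MSS + b"\x01" * 18)

if __name__ == "__main__":
    print("sent has MD5 option:    ", has_md5_signature(sent))
    print("received has MD5 option:", has_md5_signature(received))
```

Comparing a capture taken on each side of the firewall this way shows whether the signature option is being removed in transit, which would cause the peer to reject the segment.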

New Member

Tx. Can you give details on why you would use iBGP and the reason for it? What is the advantage or disadvantage? With regard to L2/L3, if the firewall is active/backup, then would it not be a requirement to use L2 for the interlink and an SVI for the link to the firewall?

New Member

I am sorry, I do not understand the question. Are you asking why you would run iBGP? You need to run iBGP along with eBGP to use BGP effectively; redistributing BGP into IGP (including static) is something you don't do unless you really, really know what you are doing, and is generally frowned upon. How do you plan to advertise any network to other eBGP speakers? Redistributing again from IGP to BGP? Generally, redistribution between BGP and IGP is frowned upon unless there is network brokenness or MPLS. Running BGP between routers that are in the same AS and not running iBGP is something I have never seen anybody do.

WRT firewalls, if I were you, I would redesign the network with R1 - R4 in one single IGP and the firewall at the access/distribution level, not on the edge, unless either the R1, R2 combo or the R3, R4 combo is a provider. If you use a firewall between eBGP speakers, firewalls will KILL connections if there is asymmetric routing involved, which is common on the Internet and on any provider network, for that matter any network that runs BGP. Understand the ramifications of having an edge firewall between BGP speakers, be it iBGP or eBGP.
