I will be implementing EIGRP on a network shortly and just wanted to clarify a few queries that I have.
The network comprises of three sites, two of which belong to the one company, with the third site being a third party that this company needs to access resources from.
At the head office, there is a 3550-12T switch which acts as the default router for all devices at the head office. There is a 2500 router being used for Internet access for both sites which is located at the head office site.
There is an 801 router which is used for a 64K ISDN connection to the second site of this company and a 64K ISDN connection to the third party organisation for access to required resources.
At the remote site, there is an 801 router with a 64K ISDN connection back to the head office 801 and a 64K ISDN connection to the third party organisation for access to required resources.
Being added to this current setup will be a 2651XM router at the two sites for a 128K ISDN connection from head office to the remote office. This will become the primary link.
The plan is to configure EIGRP on this network. By configuring EIGRP, traffic between head office and the remote office should traverse the 128K ISDN link. I plan to configure static routes on the existing 801 routers to point to the third party organisation and to redistribute these routes into EIGRP. EIGRP will not be configured on the third party organisation's router.
I also plan to configure a gateway of last resort on the 3550-12T pointing to the Internet router which will also be redistributed into EIGRP.
My queries are the following:
Is there any possible negative impact of configuring redistributed static routes on the two 801 routers pointing to the third party router?
Will all traffic between the head office and the remote office traverse the 128K ISDN link once EIGRP is configured or will there be some form of load balancing occurring with the 64K ISDN link?
Static routes are the most secure form of advertising routes. So that should be fine. You can also run EIGRP between the 3rd party site and your HO, but you will have to implement Router Filters at the HO, to filter routes being distributed to the 3rd party site.
If you use EIGRP on the 3rd party link, then its better to have some sort of authentication (md5) enabled between the routers, for additional security.
Since both ISDN links are terminating on different routers, probably the best thing to do would be configure HSRP on the lan, and make the 2651 the Active router and the 801 the standby.
So, you have three routers at the "head office," something like this:
And you adding a link in parallel to the two 801's thorugh another set of routers, a pair of 2651XM's, correct? I would just run routing, EIGRP, on all the routers, and then use a static to reach the other company, with that static being redistributed into your EIGRP process. I would not run EIGRP with this other company, since you then open yourself to all sorts of stuff--you'll have to configure filtering, and do other things, and you could still end up with problems in your network because they flap a link constantly, for instance.
I don't think I'd worry about HSRP at the head office, since you will be setting all of your default gateway's to the 3550, and then routing back to the 801 and 2650 to get out to the remote site, I think (based on what you've described thus far). You might want to put the 801 and 2650 on a different segment, and use unequal cost load sharing across the two links, so that the hosts/servers at the head office and the 801/2650 are not on the same segment, if this makes sense.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...