I have two separate Internet connections through two different providers connected via two separate routers. My Internet mail and Web IP addresses are provided by provider A. I want to ensure that redundant access to my email and Website are provided via provider B in the event that my WAN connection to provider A goes offline. I am using HSRP to provide redundancy for outbound traffic from my LAN. I assume I must apply for a public AS#. Or, can I borrow/lease one from one of my providers? Also, can anyone help me with the bgp configuration on my (C2611/2620) border routers? Do I want default routes only from my service providers? Do I need to set local preferences on my border routers given that I am using HSRP internally? Lots of questions. Any assistance would be greatly appreciated. And any reference materials you could suggest would also be greatly appreciated.
Solve the HSRP (inside users finding the gateway to the internet) challenge independent of the BGP (gateway routers finding a path to the ISP) challenge. Also make sure you solve the BGP routing challenge in both directions (from the Internet and to the Internet).
Yes you will need BGP for web services (mail could be handled by multiple MX records in DNS). Note that even with BGP, your site can go down for over a minute any time a link goes down as it can take time for link problems to get detected and new routes propagated.
Defaults routes will do the job. If your ISPs support them, I prefer conditional default routes so I can route around problems inside the ISP. Keep in mind that using redundancy to improve availability can be at odds with using redundancy for higher bandwidth. There is more on this topic (and others) in chapter 8 of my book, High Availability Networking with Cisco. See my web site for more on the book and example listings from the book.
As I said, I am trying to provide redundancy to my network from two separate ISP's on two separate routers. The HSRP config is not really an issue, but I'm a relative novice to bgp. I think I understand the basic bgp configuration tasks, but I'm grappling with some of the more subtle configuration issues.
These are Cisco 2600 routers and I don't want to burden them too much with BGP-related tasks. I want to limit the bgp routing updates to only those necessary to provide the redundancy I need. I want to be able to force the primary path for inbound traffic through ISP-A (who owns my email and web server IP addresses) and reroute through ISP-B if needed. I also want to prevent my network from being used as a transit network for other Internet traffic.
Below is a copy of my bgp configs. I need to confirm my configurations for route filtering. etc. Router A and Router B share a common Ethernet segment (18.104.22.168/27) internally.
If you are using 2600's I may be tempted (heavily) to only accept default routes from the providers and set a higher preference on the link you want to use for outbound traffic (or leave preference equal and let HSRP or MHSRP decide).
You can't force another AS to use one link over another, you can only influence them (their policy will override what you try to do, so it pays to cooperate and be friendly). Also, with prepending I would add more than one instance of your AS.
You should add default static routes with lowest admin weight towards ISP1 and higher on ISP2 as well. or Talk to your ISP to advertise default static routes to you and than apply preference to select the one through ISP1.
HSRP is just fine and have to do nothing with external world . moreover you can tag serial interface to some value in HSRP , when the link will be down decrement the priority by some value for the primary .
I guess you don't need public AS , Talk to your ISPs they will provide you a solution . they can strip private AS while advertising your networks to NAP or other ISPs.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...