Looking for redundant access to corp location from the Internet. Have ordered seperate circuit from seperate ISP. Have full class C subnet. Have recieved AS number. Need a little help with the BGP setup. We previously have not used any dynamic routing protocol. Both ISP's have our AS number and we basically want to only recieve static routers to use from each ISP. Here is what I have for the config so far:
enable bgp with AS #
router bgp (AS number)
neightbor (ISP1 address) remote-as (ISP1 AS number)
neighbor (ISP2 address) remote-as (ISP2 AS number)
If I only want to be accessible from either ISP do I need to add more to the config? Possible entries controlling what type of routers I could recieve? If I could be pointed in the right direction with some configuration examples I would appreciate it. In the mean time I will be reading as much as possible about the functions of BGP.
I strongly recommend adding access-lists and other security measures to prevent your router(s) from being turned into hackers' toys. Beyond that, there is not enough background information to provide any solid recommendations. For example, you may need to use prefix limits in case you have a small router and one of the ISPs dumps full routing tables onto you. You need to decide what routes you will accept from each ISP and how you will determine which links are useful and which are not. Static routes may work, but that depends upon the type of links in use and how they are configured.
Keep in mind that for communications to work, there must be a working path in both directions (to your corporate site from the Internet and to the Internet from your corporate site). Both directions must work and mechanisms must be configured to provide alternate routes any time a failure occurs.
In addition to the wealth of information here on www.cisco.com, there is a brief white paper on my web site describing the range of options for redundant ISP connectivity (see " Multi-Homing--Connecting to Two ISPs", also reprinted in the comp.dcom.sys.cisco FAQ). Chapter 8 of my book will walk you through both the security and the BGP aspects of setting up a dual-homed corporate site, although you will want to change the exact configuration to match your firewall and other options.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...