Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISP redundancy

Looking for redundant access to corp location from the Internet. Have ordered seperate circuit from seperate ISP. Have full class C subnet. Have recieved AS number. Need a little help with the BGP setup. We previously have not used any dynamic routing protocol. Both ISP's have our AS number and we basically want to only recieve static routers to use from each ISP. Here is what I have for the config so far:

enable bgp with AS #

router bgp (AS number)

neightbor (ISP1 address) remote-as (ISP1 AS number)

neighbor (ISP2 address) remote-as (ISP2 AS number)

If I only want to be accessible from either ISP do I need to add more to the config? Possible entries controlling what type of routers I could recieve? If I could be pointed in the right direction with some configuration examples I would appreciate it. In the mean time I will be reading as much as possible about the functions of BGP.



Re: ISP redundancy

I strongly recommend adding access-lists and other security measures to prevent your router(s) from being turned into hackers' toys. Beyond that, there is not enough background information to provide any solid recommendations. For example, you may need to use prefix limits in case you have a small router and one of the ISPs dumps full routing tables onto you. You need to decide what routes you will accept from each ISP and how you will determine which links are useful and which are not. Static routes may work, but that depends upon the type of links in use and how they are configured.

Keep in mind that for communications to work, there must be a working path in both directions (to your corporate site from the Internet and to the Internet from your corporate site). Both directions must work and mechanisms must be configured to provide alternate routes any time a failure occurs.

In addition to the wealth of information here on, there is a brief white paper on my web site describing the range of options for redundant ISP connectivity (see " Multi-Homing--Connecting to Two ISPs", also reprinted in the FAQ). Chapter 8 of my book will walk you through both the security and the BGP aspects of setting up a dual-homed corporate site, although you will want to change the exact configuration to match your firewall and other options.

Good luck and have fun!

Vincent C Jones

CreatePlease login to create content