I ran into some issues with ripe(european variant of ARIN) getting a /20 IPv4 Assignment. The only way I can get the assignment is to include more offices in our request. The more offices are in there the more valid public IP addresses we can use immidiately. anyhow
I want to create one bgp as domain. On four locations in different continents we want to peer with some prividers using this bgp domain. Those offices are connected by an MPLS cloud. Two of the 4 offices however are only connected to the cloud bij a 512 link. the other two offices have a 8 mb link.
If we now announce the same /20 at all locations, all traffic wil be arbitrarily sent to either one of the four peering routers. If it is sent to one of the low bandwidth offices and the destination is another location the 512 link will be congested. Now I can make the low bandwidth routers less appealing by setting some communities, but this does not solve my problem. Because anytime the lowbandwidth offices make a request for an IP address outside our own /20 it will be sent out the lowbandwidth router but the return traffic will come in at either one of the more appealing routers and be sent again over the internal 512 link to its destination.
This any clear? Probably not ... :(
here is an ascii picture. (o = router)
ISP 1 ISP2 ISP3 ISP4
| | | /
---------------MY AS NUMBER-------------
| | | /
1024 | 4mb | 4mb | 1mb / <- Internet connection
o o o o
512 \ 8mb | 8mb / 512 / <- MPLS Connection
\ | / /
Now all four location advertize the same /20 prefix. I want only internal traffic over the MPLS cloud. Yet I want to be able to utilise the internet traffic of all offices and their DMZ's.
Ist there anything possible to tweak and tune here?
The only thing I could come up with is the advertize four times a /22 instead of one /20. I do not know how all global TIER 1 providers handle such small prefixes though.
Let me see if I have this correct. You have remote offices, all adressed in the same /20, and all connected to an ISP's MPLS network. You want intra office traffic to only traverse the MPLS network. You do not want to internet traffic coming into your AS to enter the 512K circuit. So, if I have this right you can do several things that might get you the behavior you desire.
Most ISP's, might have a problem with you advertising /22's and if they don't they would most surely aggregate this address space when they advertise it out, if possible. If you could do this /22 out each office this might be the best thing but give no redundancy for your inbound internet traffic (i.e. If office 1's internet connection went down office 2 would not get this and be able to send this over the MPLS network.
What might be the best thing is if you could advertise the /20 out of your offices that have the 8Mb link and advertise the /22 (specific to the office with the 512) out the office with the slower circuit, you could also advertise the /20 out of the office with the 512 but prepend a couple AS paths to make it a very unpreferred path for the rest of this address space.
Your ISP might also be able to walk you into implementing/using communities that they may use to enforce certain rules that might help you as well.
Your provider will hopefully allow you to announce your /22s to them with the no-export community. You then MED (set the metric) these prefixes depending on what the speed of that 'office' is. You also continue to announce your /20 with no communities or MEDs on it at all. This is what the rest of the world will hear., the /22s will only exist inside your directly connected ebgp peers/upstream(s). Once the traffic gets to your upstream, if everything is configured properly if should be forwarded in their backbone by way of the /22 routes, and be delivered to the correct 'office'.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...