I want to introduce internet circuit redundancy on my customer edge internet routers only.
I'm not interested in receiving all routes on my internet edge routers just the default route.
I would like to make one of the Internet circuits as the primary and the other as the secondary.
I host email, web, and some other internet facing applications.
I would like to know what kind of configuration is required to utilize ISP A as the primary and ISP B as the secondary and roll the public IP addresses of ISP A to ISP B so the firewall IP addresses, email, web, and other internet facing applications failover and continue to run on ISP B.
The physical layout is as such
RouterA connected to ISP A
Router B connected to ISP B
Switch A connecting Router A Gigabit Ethernet0/1
Switch A connecting Gigabit Ethernet0/0 for ASA A
Switch B connecting Router B Gigabit Ethernet0/1
Switch B connecting Gigabit Ethernet0/0 for ASA B
The Cisco ASA firewalls configured as HA Primary and Standby
Dual DMZ switches and Dual internal switches that lead into the inside of the network.
I would like some documentation or links that discusses the Dual Internet circuit redundancy. I believe this is called BGP Multihoming but on the document I was reading I did not see the example that the public IP addresses roll over between ISP A and ISP B.
Do you have public IP space that is routable between both ISPs? That will have to be your first step. The failover between the two is pretty easy. There are multiple ways to do it. For example with AS-Path prepend.
You could also utilize BGP communities assuming your ISPs support them - on the backup link you could send them a community (again, if they offer it) so that advertisements over ISP B is less preferred or not announced to certain peers, etc. I don't think you need to prepend the AS that many times either - wouldn't 3 prepends be enough?
You could also run HSRP/GLBP on the edge routers w/ IBGP so that you have 1 default gateway provided to your ASAs.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...