Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

BGP Multipath Failover Design

In our proposed design, we will be hosting VM's at our DC, and using our Corp office as the redundant path.  We are peering to the same ISP and splitting the /24 into two /25's.  The two offices are connected via 100MB Metro Ethernet.  I am unsure of how to utilize that 100MB Metro link.  What is the best way to route traffic back and forth in case of a failure?  Attached is a rough design.

Thank you all in advance.DR.jpg

Hall of Fame Super Silver

Re: BGP Multipath Failover Design

Hello Jason,

I would suggest to go on on an existing thread rather then opening a new thread for each new question.

Said this, the use of the link is decided by the iBGP session and/ or the IGP protocol you are using.

To be noted one link may be not enough for all fault scenarios you would need a path from Corp to hosting also if the hosting router fails totally.

So I would add cross links for this.

But I see also there are ASA before the two campuses

you would need two ASA failover pairs one in Corp and one in hosting

the secondary ASA should have its outside interface cross connected to the other border router (Corp ASA standby to Hosting router, Hosting ASA standby to corp router)

Hope to help


New Member

Re: BGP Multipath Failover Design


Since we are using the ASA security contexts, I will most likely use 1 5540 at the DR and 1 5540 at the Corp.  I will not use the 5510 as we won't have enough security contexts.  The ASA configuration will have to mirror, correct?



Hall of Fame Super Silver

Re: BGP Multipath Failover Design

Hello Jason,

in any case each ASA can have only one outside interface.

a failover pair needs a connection between the two ASA.

So you would need two links between the two campuses:

one for iBGP session between edge routers

one link for failover and stateful between ASA

Hope to help


CreatePlease to create content