Please refer to the drawings. I currently have 2 ISPs providing MPLS data connectivity. ISP1 provides connectivity to sites A, B & C, whereas ISP2 provides connectivity to sites D, E & F. The central site has routes for both sets of sites, so all sites are being routed through the ISP1 and ISP2 routers. There is a single point of failure between the sites. I want to add an ISP to provide me links to these sites. Please help me design this infrastructure by identifying if I can use the same routers at the individual sites and also what routing should be added so that during a link failure or I can apply load balancing for the secondary links.
Do you need a 3rd ISP only to connect all the sites? If so, if ISP3 is down there is still no redundancy value here.
I would choose the following for redundancy and load-sharing purposes:
1- I would ask ISP1 to connect all sites, including sites connected by ISP2, if possible.
2- I would ask ISP2 to connect all sites, including sites connected by ISP1, if possible.
In this manner, all sites are dual-homed to two different service providers; this provides redundancy as well as load-sharing capability for all the sites.
With a routing protocol like EIGRP, it's vital that you could have unequal-cost load sharing as well as redundancy.
What about this scenario?
Currently, EIGRP is not in place for routing in our network. We use static routing, and for WAN routing BGP is being used. Can I apply equal-cost load sharing with static routing?
Since it appears all the sites have Internet connections provided by ISP 3, another option would be to connect them with VPN. For this purpose, you might not want to concern yourself with load balancing, just with backup. If you do, almost any dynamic routing protocol should be usable.
I am proposing ISP3 so as to remove the single point of failure. I want to know how to configure VPN, and I didn't quite understand what you mean by saying that I don't have to concern myself with load balancing because any dynamic routing can do this easily.
With site-to-site VPN, you normally make virtual links between sites, across which you can run routing protocols. If you run the same routing protocol that you use with your MPLS providers, your routing domain sees the VPN as another path between sites. Then the issue arises, when routing with multiple paths, of which path is preferred or whether you attempt to load balance across them. Since, I'm assuming, your Internet connections are currently being used for Internet access, and since the Internet generally does not offer any service guarantees (like your MPLS might), and since your primary goal is to avoid a single point of failure (on the WAN), I expect you don't need to load balance between MPLS and VPN, just ensure that the VPN provides an alternative, more expensive (from a routing metric perspective) path between sites.
The primary link is actually an MPLS VPN over microwave. I will not load balance, as you advise, but I want to have a point-to-point VPN connection to our HQ, as provided by the MPLS VPN, from this remote site in case the primary link fails. Your solution is very close. Please elaborate on how to configure site-to-site VPN and create an alternative, more expensive path. Thanks for the reply.
There are several methods of constructing VPN across the Internet, but for site-to-site VPN, what you normally end up with is what appears to be a point-to-point link between sites (much as if you installed a physical point-to-point link). You can then route across the VPN link, again much as you would do with physical links. If you have existing WAN routing, then you need to consider how these new VPN links will be incorporated into your routing topology. From what you describe, you would want to cost them higher so traffic would only choose them if the primary path fails.
For additional information about VPN, you might browse the Cisco site on this subject and/or post to the VPN forum on these boards.
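One way to build the higher-cost backup path described above, as an added example that is not part of the original thread: a GRE tunnel protected by IPsec from the remote site to HQ, plus a floating static route that is only used when the primary route disappears. All addresses, interface names, the transform-set and profile names, and the key placeholder are assumptions made for illustration.

```cisco
! Remote-site router. All values below are constructed for illustration:
!   203.0.113.1  = HQ router's Internet address (tunnel peer)
!   198.51.100.1 = this site's Internet (ISP3) gateway
!   10.0.0.0/16  = HQ networks, 192.0.2.1 = next hop on the primary MPLS link
!
! Phase 1 (IKEv1) policy
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
crypto isakmp key <PRE-SHARED-KEY> address 203.0.113.1
!
! Phase 2: transport mode, because GRE already provides the tunnel
crypto ipsec transform-set BACKUP-TS esp-aes 256 esp-sha256-hmac
 mode transport
crypto ipsec profile BACKUP-VPN
 set transform-set BACKUP-TS
!
! The tunnel appears as a point-to-point link between the site and HQ
interface Tunnel0
 ip address 172.16.255.2 255.255.255.252
 tunnel source GigabitEthernet0/1
 tunnel destination 203.0.113.1
 tunnel protection ipsec profile BACKUP-VPN
!
! Host route so the tunnel endpoint is always reached via the Internet link,
! never through the tunnel itself
ip route 203.0.113.1 255.255.255.255 198.51.100.1
!
! Primary path: static route over MPLS (default administrative distance 1).
! If the primary route is learned via eBGP instead, its distance is 20.
ip route 10.0.0.0 255.255.0.0 192.0.2.1
!
! Backup path: floating static via HQ's tunnel address. Distance 250 is
! higher than both static (1) and eBGP (20), so this route stays out of
! the routing table while the primary route is installed.
ip route 10.0.0.0 255.255.0.0 172.16.255.1 250
```

The HQ router needs the mirror-image configuration (peer address, tunnel source/destination and routes reversed). The floating route takes over only when the primary route is actually removed from the routing table, for example when the MPLS-facing interface goes down or the BGP route is withdrawn.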
Yes, I think the router installs up to six equal-cost paths for a particular destination, so you don't have to worry about that.
The only point is that, for unequal cost, you will have redundancy only and you can't do load sharing.
If, for example, SiteA has two different paths to SiteC with different costs, you could only have a single path and a redundant path with normal static routing, while if EIGRP is used, you can use both paths.