Cisco Support Community
Need Help on Multihoming & redundancy configuration

Single Site:

1. Two internet routers:

   Router1: 10Meg Internet line --> router managed by ISP1. BGP neighbor configured for upstream ISP1 rtr.

   Router2: 2Meg Internet line --> Router managed by client. BGP neighbor with upstream ISP2. But using default route to go to internet (not advertising ISP2's own /27 IPs assigned to client via BGP using network statement)

2. RTR1 and RTR2 inside interface (assigned with public IPs) connects to a public switch (3560) to two different VLAN ports (vlan2 & vlan3).

3. No routing configured between VLAN2 & VLAN3.

4. The 'traceroute' from RTR2 ---> RTR1 goes via Internet.

5. There is NO BGP relation existing between RTR1 & RTR2.

6. Another 2 ports on the same public switch connects to a PIX external & ASA external interface and PIX port is vlan2 & ASA port in Vlan3.

7. PIX is using RTR2 inside interface as gateway and ASA using RTR1 inside interface.

8. Inside interfaces for PIX & ASA connect to 3750 inside client network on the default VLAN (#1).

9. To the internal 3750 switch connects internal core router (2811) whose default gateway is the inside interface for the ASA (users will hit ASA to go online).

10. Both PIX & ASA also have VPN tunnel to remote location.

Now, is there any way I can configure automatic failover between 2 ISPs? No need for load sharing. Primary/back is fine.

And if possible, is there a way to make VPN also work when one link fails?

Please suggest.

Thank you in advance.

MS

Re: Need Help on Multihoming & redundancy configuration

The most preferred method for BGP redundancy is the AS-Path prepend. You are correct in stating that ISPs can strip off the prepends, but that is also part of the gamble. From what I have seen, most do not.

Another option is MED, which advertises a specific metric for the prefix to the ISP. In order to use MED, the ISP has to be willing to accept that metric. The following links will explain more:

http://www.cisco.com/warp/public/459/37.html

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml
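
The two techniques named in the reply above, as an added example that is not part of the original thread: a simplified Python model of BGP best-path selection showing how a prepended path becomes the backup and when MED is actually compared. The AS numbers, link labels and the `Path`, `prepend`, `better`, `best` and `demo` names are constructed for illustration, and only a subset of the real decision steps is modelled.

```python
from dataclasses import dataclass, replace
from functools import reduce

CLIENT_AS, ISP1_AS, ISP2_AS = 65010, 64501, 64502  # constructed placeholder ASNs


@dataclass(frozen=True)
class Path:
    via: str                # label for the link the route arrived on
    as_path: tuple          # leftmost entry is the neighboring AS
    med: int = 0
    local_pref: int = 100


def prepend(path, own_as, times):
    """Model 'set as-path prepend': the origin AS repeats itself in the path."""
    return replace(path, as_path=path.as_path + (own_as,) * times)


def better(a, b):
    """Simplified subset of BGP best-path selection, in decision order."""
    if a.local_pref != b.local_pref:          # 1. highest local preference
        return a if a.local_pref > b.local_pref else b
    if len(a.as_path) != len(b.as_path):      # 2. shortest AS path
        return a if len(a.as_path) < len(b.as_path) else b
    # 3. lowest MED; by default only compared within the same neighboring AS
    if a.as_path[0] == b.as_path[0] and a.med != b.med:
        return a if a.med < b.med else b
    return min(a, b, key=lambda p: p.via)     # stand-in for later tie-breakers


def best(paths):
    """Pick the preferred path from a non-empty list of candidates."""
    return reduce(better, paths)


def demo():
    primary = Path("ISP1", (ISP1_AS, CLIENT_AS))
    backup = prepend(Path("ISP2", (ISP2_AS, CLIENT_AS)), CLIENT_AS, 3)
    return {
        "both_up": best([primary, backup]).via,    # prepended path loses
        "isp1_down": best([backup]).via,           # backup takes over
        # Different neighboring ASes: MED is skipped, lower MED does not win
        "med_two_isps": best([replace(primary, med=200),
                              Path("ISP2", (ISP2_AS, CLIENT_AS), med=50)]).via,
        # Two links to the same ISP: MED decides
        "med_same_isp": best([Path("link-A", (ISP1_AS, CLIENT_AS), med=200),
                              Path("link-B", (ISP1_AS, CLIENT_AS), med=50)]).via,
    }
```

Calling `demo()` returns the selected link for each of the four cases; the `med_two_isps` case is the one that matches the two-ISP layout in the question.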
