We currently have an MPLS connection from our Hub site to all branches.
Connectivity is via BGP from CE routers. At the hub site we are distributing BGP into OSPF and the core is all OSPF.
HQ and DR are connected via OSPF across a Metro-E.
The remote site gateways have BGP in the CE router and just default routes in the switches.
We are going to implement a wireless connection as a backup. The backup most likely will be a GRE tunnel from hub core switch to remote site core switch.
I can really use OSPF for the backup routing protocol because the Primary link is distributing BGP into OSPF and the secondary would be intra-area routes.
I am thinking I can either do a complete reconfigure on the HQ core and HQ to DR site, migrating to EIGRP, or
leave the core as is and use RIP as the backup site routing protocol. I have used RIP and OSPF like this before and it worked pretty well.
Anyone have any thoughts on this?
That should say "I can't really use OSPF"
Thanks Edison, but I am not sure I follow. If I use BGP, my AD on the core switches would be 20, unless you are talking about using iBGP.
Is that what you are talking about?
Can you provide us with a network diagram?
You can configure BGP on the device using the wireless backup connection and iBGP with your current CE routers.
With BGP, you have the ability to choose the best path by using AS_PATH, Local_Pref among others.
Not sure how this would affect the Core since these devices should be part of the WAN bubble and the Core will simply receive the routes as OSPF from the edge BGP devices doing redistribution.
Shown here are the existing and existing with wireless added. There are no routing protocols thru the wireless, only thru an enclosed tunnel.
The wireless would be on the edge of the existing MPLS infrastructure. OSPF is already running on the core switches with routes from the branch which have been distributed from BGP. The OSPF routes are configured to be E1 routes.
If I use OSPF for the tunnel, those routes would be intra-area routes, vs E1. I could advertise 16-bit subnet masks from the Branch, but not from the Data Center (HQ) site, as I am using 16-bit for failover between HQ and DR sites (if HQ is lost to MPLS, DR advertises 16-bit HQ subnets).
My thought was to use a different protocol to be safe. Unless I go with EIGRP in the core, RIP seems to be the easiest choice.
Can't you run BGP on the tunnel?
How many sites and tunnels are you planning to implement?
If you run BGP on the wireless edge device and from this device iBGP to your current MPLS routers, the ingress/egress traffic management will be a lot simpler.
Same design one would use with a dual router - multi-ISP connection.
That is what I was originally hoping to do, and it would have been simple and a good way to go.
The wireless devices do not do any routing, they are passthrough only. I was hoping to go in another direction on the wireless devices, but we are locked into these.
Where do they terminate? Can you connect these wireless devices to a LAN port of a router/switch, then assign an IP address to it to make it a point-to-point L3 connection?
I still don't understand how you can run other protocols via this connection but BGP seems to be a problem.
Sorry if I confused the issue. It looks like we will be using BGP to establish the connection from the wireless gateway into our MPLS cloud.
I am getting back into this project and was hoping for some more input.
Attached is another drawing that shows the existing router and the wireless backup router addition.
Verizon Wireless will add their gateway into the Verizon Business MPLS cloud. They will advertise the branch subnet into BGP from their gateway, and the gateway will advertise a default route into the branch.
The existing routing for the main link is BGP with HQ distributing into OSPF. The branch router is getting all routes from BGP. The branch switch currently has a default route to the branch router.
Since we have customer transactions going across the link, some of the branch traffic is encrypted normally in a VPN tunnel. If we are in failover mode, we will pretty much want to have all traffic going through a VPN tunnel.
That is where the sticking point is. The easiest thing, I guess, would be to just use static routing inside the VPN tunnel.
What are your thoughts on this?
I don't know if I fully understand your question, but if your problem is that the CE routers are preferring the backup path because the backup routes are being presented as intra-area (more preferred) routes, and the prefixes from the PE routers for your MPLS cloud are presenting the prefixes as inter-area routes (less preferred), then a common solution is using OSPF Sham-Links. It does require a reconfiguration of the PE routers which may not be an option. In that case, a routing protocol with a higher admin distance like RIP is a valid option.
Posted by WebUser Atle Ørn Hardarson
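
The route-selection problem discussed in this thread, modelled as an added example that is not part of any poster's message: a hub core switch choosing between the primary branch prefix (OSPF E1, redistributed from BGP) and a backup learned over the tunnel, first as OSPF intra-area and then as RIP. The prefix, metrics and next-hop labels are constructed; the administrative distances are the Cisco IOS defaults.

```python
import ipaddress
from dataclasses import dataclass

# Cisco IOS default administrative distances (lower is preferred).
AD = {"ebgp": 20, "ospf": 110, "rip": 120, "ibgp": 200}
# Within OSPF, route type is compared before metric.
OSPF_RANK = {"intra": 0, "inter": 1, "E1": 2, "E2": 3}

@dataclass(frozen=True)
class Route:
    prefix: str
    proto: str
    via: str
    metric: int = 0
    ospf_type: str = ""

def preference(r):
    """Sort key: AD first, then OSPF route type, then metric."""
    return (AD[r.proto], OSPF_RANK.get(r.ospf_type, 0), r.metric)

def build_rib(candidates):
    """Keep the single best route per prefix."""
    rib = {}
    for r in candidates:
        net = ipaddress.ip_network(r.prefix)
        if net not in rib or preference(r) < preference(rib[net]):
            rib[net] = r
    return rib

def lookup(rib, dst):
    """Longest-prefix match, as the forwarding plane does."""
    addr = ipaddress.ip_address(dst)
    hits = [n for n in rib if addr in n]
    return rib[max(hits, key=lambda n: n.prefixlen)] if hits else None

# Constructed sample: one branch subnet as seen from the hub core.
BRANCH = "10.20.1.0/24"
PRIMARY = Route(BRANCH, "ospf", "MPLS", metric=20, ospf_type="E1")
BACKUP_OSPF = Route(BRANCH, "ospf", "tunnel", metric=5000, ospf_type="intra")
BACKUP_RIP = Route(BRANCH, "rip", "tunnel", metric=2)

def hub_next_hop(backup, primary_up=True):
    routes = [backup] + ([PRIMARY] if primary_up else [])
    best = lookup(build_rib(routes), "10.20.1.10")
    return best.via if best else None

if __name__ == "__main__":
    print("OSPF backup, primary up:", hub_next_hop(BACKUP_OSPF))
    print("RIP backup, primary up: ", hub_next_hop(BACKUP_RIP))
    print("RIP backup, primary down:", hub_next_hop(BACKUP_RIP, False))
```

Raising the OSPF cost on the tunnel does not help in the first case, because route type is compared before metric; the RIP backup loses only on administrative distance and takes over once the primary route is withdrawn.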