Hello folks,

I am looking for some ideas on the best way to provide redundant outbound
internet connections.
We currently have 2 separate Internet connections. We run PIXes at both
locations. Inside both PIXes is a set of 72xx series routers that run OSPF
and BGP processes.

Due to the nature of our WANs, the routers are not members of Area 0 for the
OSPF network, and they are running EBGP between them on the BGP WAN network.
One WAN vendor is Area 0, and the other WAN Vendor is our BGP peering
partner.  The Internet Vendor for both connections is the same however.

I would like to implement redundant, dynamic Outbound connectivity that
would use 1 connection as primary, and in case that goes down, failover to
the second. I have come up with some ideas, but I keep running into a snag
with the PIXes sitting between the Internet router and the internal router.



        EXTRTRA                         EXTRTRB
           |                               |
         PIXA                            PIXB
           |                               |
        INTRTRA                         INTRTRB
           |\                             /|
           | \                           / |
           |  \                         /  |
         WAN1  WAN2                 WAN2  WAN1
           |    \                     /    |
           |     \-  OSPF Network   -/     |
           |                               |
           |---      WAN EBGP PEER      ---|


( All internal networks use Private name space )

WAN 2 is the OSPF WAN vendor and we are not in Area 0, WAN2 routers form
Area 0 on their backside. 

WAN 1 is the EBGP network, i.e. each location is a separate AS (private AS)
and the WAN EBGP peer is 1 AS number.
The EBGP network is used as a failover network between datacenters only, and
currently no traffic is flowing via BGP.

All other WAN locations (100+) form a fully meshed cloud via OSPF.

Our current setup is to have INTRTRA with a static route to PIXA that is
redistributed into OSPF. The problem with this is that if EXTRTRA fails, the
only way we know is from the phone ringing. We can swing to the secondary
Internet connection by injecting the default route to PIXB at INTRTRB, but
this is a manual and slow process.

I am checking with our Internet Vendor to see if they can peer with us and
supply a default route, however, I keep running into a stumbling block on
how to inject this into the OSPF network. I have thought about setting up a
BGP peer from the inside to the outside, but I think that the route that
would be supplied would point to the external router's interface, not the
PIX, which should be the next hop.

I want/would like to inject the default routes with different costs such
that connection A is always used unless it is down.

Anybody else doing this, or have ideas or suggestions on the best practice?
I am sure I am missing something obvious here, I just am going brain dead
and cannot see what it is.

Let me know if you need more information or if I have managed to totally
confuse you.

Thanks

Larry




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37908&t=37908
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
