yes, what u said is correct. but already we have a VPN as backup which needs manual intervention(have to make tunnel up) whenever MPLS goes down. suggest me a automatic backup for MPLS....is there any technology for automatic VPN backup?

Main problem raises during non-business hours and frequent MPLS fiber cuts at service provider.

Is it possible for you to keep the tunnel in always up/up state and have a static route with higher AD point to the tunnel?. This should forward the traffic through the tunnel when you dont have any routes learnt through the MPLS VPN, and again switch back to MPLSVPN when its back again.

HTH-Cheers,

Swaroop

what u said is correct.However we have an edge switch to which MPLS router ethernet and VPN router ethernet are connected.we have assigned routes in both the routers individually but not in edge switch, as there are some servers connected to the edge switch.

can you be more specific basing on the info given?

good one. we have connected MPLS router & VPN router to an edge switch. we have assigend routes individually in router but not in egde switch. we manually shut down the interface whenever MPLS link goes down and make VPN interface up & vice-versa. can u be more specific?

From what I can undersatnd form your topology description, its much better that the VPN and MPLS CE routers are 2 different router.

You can keep both the interfaces on the edge switch in up state and form IGP adjacency with both the routers from the edge switch.

Assign a lower metric or cost to the routes learnt via MPLS CE interface, and a higher cost to the routes learnt from you other VPN interface.

When routes are lost through the MPLS CE, it should switch to the other VPN, and switch back when MPLS CE has routes again.

HTH-Cheers,

Swaroop

It looks good solution. However, we have OSPF & BGP configured in MPLS router & redistributed them. And OSPF configured in VPN router. We have no routes in edge switch. Also some imp servers are connected to the same edge switch.

will these servers get effected by adding routes?

can you send me a sample configuration for the same topology?

On your edge switch run OSPF single instance and peering with both VPN routers in single area. Assign a higher cost to the link connecting to non preferred VPN router.

For the servers they will be pointing to the edge switch as its default gateway (vlan interface). Advertise this vlan interface in the same ospf area as well.

HTH-Cheers,

Swaroop

can you please give a sample configuration for the same topology? Assume the necessary subnets.

This is to give a fair idea.

Pls modify the conifg to suit your setup.

!

router ospf x

router-id x.x.x.x

network 192.168.1.0 0.0.0.255 area 1

network 192.168.2.0 0.0.0.255 area 1

network 192.168.3.0 0.0.0.255 area 1

!

Assumption that you have Area 0 at your MPLS CE for upwards and other VPN router upwards.

!

interface fa1/0

Description Connection ot MPLS CE

ip add 192.168.1.1 255.255.255.0

ip ospf cost 10

!

interface fa1/1

Description Connection to Backup VPN CE

ip add 192.168.2.1 255.255.255.0

ip ospf cost 100

!

interface vlan 10

Description Connection to Servers Subnet

ip add 192.168.3.1 255.255.255.0

!

HTH-Cheers,

Swaroop

Thanks! we have analysed this and concluded to lookout another best possible solution for auto backup. can u suggest me any more solution(not bothered abt the budget but need auto backup(mesh topology) for MPLS - globally)?

Globally - Headoffice to Branch offices located globally.

Instead of VPN, and if budget isn't an issue, you could connect to a second MPLS provider at each site.

What are the features of a auto-backup you would be desiring. (for eg no routing manipualtion based backup, or something like that) Depending on that probably we can come close to it somewhat.

HTH-Cheers,

Swaroop