one isp two routers

mateomateo1 · ‎10-08-2012

I have to replace cisco equipmenet and looking for an advise

my current network layout:

my destination layout want to something like that:

I have a couple questions:

1) is that new network layout would be a good solution or is it better to do also 3750 redundancy,

2) we have only 1 isp, for now to access internet we use 1 static route, if we want to do the redundancy, do we have to ask our isp to do BGP for us? Is there any other way to accomplish that?

Marwan ALshawi · ‎10-08-2012

in this design you adding a second redundant router, however you still have single point of failure on the LAN switch level

it is better if you can make the 3750 as a stack of 2x switches and connect each router to diffrent switch

about the LAN switches try to avoid daisy chaining the 2960 and instead stack them

using BGP can make failover automatic, however you could use static route but you need some IPSLA features for failover

hope this help

if helpful rate

Joseph W. Doherty · ‎10-08-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I have a couple questions:1) is that new network layout would be a good solution or is it better to do also 3750 redundancy,
2) we have only 1 isp, for now to access internet we use 1 static route, if we want to do the redundancy, do we have to ask our isp to do BGP for us? Is there any other way to accomplish that?

#1 3750 redundancy would be better, as the 3750 appears to be the core of your network. Where possible, dual MEC to your other switches. Believe you might be able to dual MEC to your 2911s too, if so, you don't need the cross link between them, if not, insure each 2911 is connected to a different 3750 stack member.

#2 there are a couple of ways to do this without BGP. You might route between the 2911s and the 3750 using an IGP that can pass a default route. You might static route to both 2911s, using mHSRP for redundancy.

You'll need to have your ISP route to both your 2911s too.

mateomateo1 · ‎10-09-2012

Thank you for your answers guys. I reviewed my drawing according to marwanshawi remarks. Would that be ok? Would that be connected properly?

Questions:

1.) What if I only have one fibre link connecting my 3750 to left and right wing of 2960 stacks (and there is no way to run extra fibre line - too far)

2.) My ISP is giving me a range of ip addresses and gateway at the minute (they left cat5e cable in my room), if i go with hsrp between 2911 and static route to isp on both routers, how can I go about it? I mean do I have them to run another cat5e cable and connect it to the redundant router or use some sort of switch and split current cat5e cable to both routers?

shillings · ‎10-10-2012

I would have thought you'd need a switchport WIC installed in each 2911 in order to run HSRP nicely. You might be able to bridge instead, but never done that myself and it might have CPU impact.

Alternatively, you could remove the link between 2911s and use the 3750 stack to control outbound routing. The stack could tie a primary default route to an IPSLA ping into the ISP link A edge. If the ping fails, then the route will be removed and then follow a second floating static default route out via link B. This would also negate BGP outbound, but if you want to remove BGP altogether, then the ISP needs an alternative for your inbound traffic.

Ref your fibre link to 2960s, maybe it is multicore fibre and there are some un-used fibres within the cable run? Worth checking so you can get some redundancy. If there are spares, then you may need a cabling contractor to terminate the un-used fibres onto your optical distribution frame.

Where are your firewall/s?

mateomateo1 · ‎10-10-2012

I would have firewalls on the routers,

Do I have to contact provider to get another cat5 cable to my comms room or can I just use a switch to split it?

shillings · ‎10-10-2012

What's the cable for? If it's to connect the two 2911s, then are the 2911s yours or the ISPs?

mateomateo1 · ‎10-10-2012

My ISP is giving me a range of ip addresses and gateway address (they left cat5e cable in my room). 2911 are mine.

If I want to do router redundancy do I have to tell them to put another cat5e cable? or can I just use a switch and split the connection and then connect to both 2911?

shillings · ‎10-10-2012

Normally you'd use two routers when you have two dedicated ISP links.