08-29-2003 01:40 AM - edited 03-02-2019 09:58 AM
We have a 2650 router connected via Frame Relay to an ISP for Internet access. On the back of this router we have a PIX 515. We would like to have a second ISP connection on the router for a second group of inside users. Is there an easy way to do this, without using BGP?
Any ideas will be greatly appreciated.
Thanks
08-29-2003 02:04 AM
Hi pam,
Why do you want to run BGP for a small subnet range? In this case you can have a default route pointing to the first link and a backup route onto the secondary (just for redundancy).
You can configure route-maps and push a particular subnet onto the second link (set interface command on the route-maps). In this case, you need to do a separate NAT for guys sitting on this subnet, and can't use the same PAT/NAT IP which has been configured for general users (since PBR is source based).
cheers !
08-29-2003 05:06 AM
I agree. You need BGP only in the case you want to have an independent backup Internet connection (second ISP) enabling access from Internet to your servers (web, mail, etc.).
Regards,
Milan
08-29-2003 05:29 AM
The simple answer is yes, you can do what you want without using BGP. You say you have two groups of users, so just remember that group 1 will have to be assigned the IP addresses of ISP 1 and group 2 with the IP addresses of ISP 2. As stated in a previous post you will also have to use a route map on your exterior router if you do not want asymmetric routing.
This configuration will work, but you will have no redundancy. If the link to ISP 1 goes down, group 1 will not be able to use ISP 2 because ISP 2 is incapable of routing the IP space of ISP 1 (you would need BGP for that level of redundancy). You could configure some address translation somewhere to overcome this.
Kevin
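The approach from the replies above (source-based policy routing on the 2650 plus a separate translation for the second group), sketched as an added example that is not part of any poster's message. All interface names, addresses (RFC 1918 and documentation ranges) and the route-map name are assumptions, and the PIX lines assume the PIX 6.x `nat`/`global` syntax.

```cisco
! --- PIX 515 (constructed example; all addresses are assumptions) ---
! Group 1 (10.1.1.0/24) is translated into the block assigned by ISP 1,
! group 2 (10.1.2.0/24) into the block assigned by ISP 2.
nat (inside) 1 10.1.1.0 255.255.255.0
global (outside) 1 192.0.2.10-192.0.2.14 netmask 255.255.255.240
nat (inside) 2 10.1.2.0 255.255.255.0
global (outside) 2 198.51.100.2-198.51.100.14 netmask 255.255.255.240

! --- 2650 router (constructed example) ---
! Assumed interfaces:
!   Serial0/0.1      existing Frame Relay PVC to ISP 1
!   Serial0/1        new point-to-point link to ISP 2
!   FastEthernet0/0  segment facing the PIX outside interface
!                    (router 192.0.2.1, PIX outside 192.0.2.2)

! Match group 2 by its translated source addresses (PBR is source based).
access-list 102 remark Group 2 as translated by the PIX
access-list 102 permit ip 198.51.100.0 0.0.0.15 any
!
route-map GROUP2-TO-ISP2 permit 10
 match ip address 102
 set interface Serial0/1
!
! Apply the policy where traffic from the PIX enters the router.
interface FastEthernet0/0
 ip policy route-map GROUP2-TO-ISP2
!
! Traffic not matched by the route-map follows the routing table to ISP 1.
ip route 0.0.0.0 0.0.0.0 Serial0/0.1
!
! Return traffic for the ISP 2 block must be handed back to the PIX.
ip route 198.51.100.0 255.255.255.240 192.0.2.2
```

As Kevin notes, this gives no redundancy: if either link fails, that group's translated addresses are not routable through the other ISP unless the translation is changed as well.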
08-29-2003 05:38 AM
Dear Kevin,
Thanks a lot (you and the rest of the people) for the reply and the info.
It really helped a lot.
thanks
08-29-2003 07:29 PM
There are actually a couple of ways you can configure this, since both connections are to the same ISP. A lot will depend upon what your ISP is willing to support, so you should talk to your ISP to determine what options they will support.
If you are working with two different ISPs, or simply don't want to get your ISP involved, you can provide inbound redundancy for email simply by defining two MX records in your DNS. You will find that defining two IPs for each DNS name does not work well, but you can use NAT to allow inside users to continue surfing if an ISP link goes down, providing you can detect the failure at the link level.
There is a brief summary of the various options available for multihoming your ISP connections in a white paper on my web site. Note also that you do not need a big router to run BGP, you only need a big router to run BGP defaultless.
Good luck and have fun!
Vincent C Jones