Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1548
Views
0
Helpful
4
Replies

Best way to deploy MPLS with separate ISP for internet

Go to solution
willy moronta
Level 1
Level 1

‎08-20-2013 11:49 AM - last edited on ‎03-25-2019 03:39 PM by Community Manager

Hello all, I've looked around lots for deploying MPLS using VRF where a single router is used at the CE location and how to go about accomplishing this.

I'm trying to achieve something slightly different and I'm trying to figure out if a route map or VRF is the way to go to accomplish this.

The end result I want is that all users at a remote site that sit on internal network 192.168.20.0/24 be able to contact all MPLS peers to network 192.168.0.0/16 (this is already the case)

Now I want all internal clients on 192.168.20.0/24 that are attempting to reach anything EXCEPT 192.168.0.0/16 to instead send the traffic to a second router connected to the same internal 2900 switch the second router is a separate DIA circuit that will provide internet access.  At this time its not needed that any other MPLS sites are able to reach this second ISP.

Because all domain devices live on 192.168.0.0/16 in this case the DC and DHCP services etc all come over the MPLS.  The internal interface of the MPLS router is 192.168.20.1 and the internal interface of the ISP2 router is 192.168.20.2

Would a route map to allow traffic from 192.168.20.0/24 to route to 192.168.20.1 and all other traffic than sent back to 192.168.20.2 - essentially having 2 gateways.

Or is it better in this case to use a VRF - though I don't need this route advertised to others on the MPLS as each site has its own internet access (or doesnt).

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Level 12
Level 12
In response to willy moronta

‎08-20-2013 03:52 PM

Hi Willy,

I might be missing something obvious but I think just normal routing would do. As I suggested in my last message, you could just configure two routes on the CE as follow:

172.16.0.0/16 next hop = PE router ip address

0/0 next hop = IR ip address

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Harold Ritter
Level 12
Level 12

‎08-20-2013 03:21 PM

Hi Willy,

So if I understand correctly, you do have two routers at the remote localtion (one CE and one Internet router). The easiest thing would be to get the user workstations to use the CE as their default gateway and to connect the Internet router to the CE and let the CE do the routing (route 172.16.0.0/16 -> MPLS cloud and route 0/0 -> Internet router).

regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
willy moronta
Level 1
Level 1
In response to Harold Ritter

‎08-20-2013 03:48 PM

Hello Harold, first thanks for your reply.

I'm on board with setting up the CE router as the DG for work stations, my question is how would I tell it to send all traffic that isnt for the MPLS to go out the internet router?  Would a Route Map be the best way to accomplish this?

I was thinking of setting the DG on the CE to be its normal Peer and a route map to point to the internet router, though Im having a bit of trouble with the logic of the statement as I want all traffic not destined for MPLS to be out the internet router.

Basically the Policy would permit 172.16.1.0/16 destined to 172.16.0.0/16 to have next hop of the MPLS peer, but how do I than tell all other traffic to gateway to the IR?  I can do port 80 traffic to map over to the IR but I want to make sure that all traffic not just specific port 80 (basically anything NOT destined for 172.16.0.0) to go to the IR

**By the way I m using 172.16.0.0 instead of my original post which had 192.168.0.0 just to be consistant with your answer, the numbers dont much matter.*

0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12
In response to willy moronta

‎08-20-2013 03:52 PM

Hi Willy,

I might be missing something obvious but I think just normal routing would do. As I suggested in my last message, you could just configure two routes on the CE as follow:

172.16.0.0/16 next hop = PE router ip address

0/0 next hop = IR ip address

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
willy moronta
Level 1
Level 1
In response to Harold Ritter

‎08-20-2013 03:54 PM

Hi Harold,

I'm the one missing the obvious and making the problem way more complicated than it needed to be.

Thanks for your reply!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card