Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3181
Views
17
Helpful
16
Replies

BGP: accepting default vs. directly connected

rsamuel708
Level 1
Level 1

‎06-18-2008 06:05 AM - edited ‎03-03-2019 10:24 PM

Guys, can someone give me a clear description as to which works best for a multi-homed environment. Guess I don't understand what accepting directly connected routes buys you over just plain default.

Thanks in advance.

/rls

Labels:
0 Helpful
16 Replies 16

rsamuel708
Level 1
Level 1
In response to hennigan

‎06-19-2008 05:02 AM

Very good information hennigan...just what I was looking for! The goal that's been set for us is load-sharing in whatever form that may take. Both of our circuits will be 100meg and we'd like to take advantage of them both all the time, as opposed to a backup scenario. That introduces a more complicated config, but I can understand a management's view towards the circuit lying idle.

That said, based on the last diagram that I posted that if I accepted anything more than default that I would end up with traffic being pushed to a given router via the firewall load-balancing scheme, then the router determining that the best route is actually out the other path and sending it out the other router...thus increasing my ibgp link traffic. I guess that's not so bad as I would want optimal traffic routing either way but just one of my initial concerns. I do like the L3 switch solution posted above and would appreciate hearing other opinions on this and how it would be set up.

Thanks.

/rls

0 Helpful

hennigan
Level 1
Level 1
In response to rsamuel708

‎06-19-2008 09:40 AM

You're correct, the firewalls and hosts not speaking BGP will have a default pointing to one router, which will route via IGP to the preferred eBGP egress router for that destination.

From your diagram, I'd set up HSRP/VRRP between int-router-2 and int-router-3 with int-router-2 as the primary with pre-empt. Point your firewall defaults to the virtual of the HSRP pair. This will minimize traffic over the DWDM to only that entering/leaving via ISP2. Should int-router-2 fail, you'll still be up via DWDM to int-router-3.

L3 switching could also be used but unless the L3 switches have the full BGP tables of the border routers (usually not practical due to memory constraints) you'll still be hairpinning some traffic through one of the borders. From the information provided, in my opinion L3 switching in this scenario doesn't offer any advantages and may just complicate things.

0 Helpful
Customers Also Viewed These Support Documents