BGP Multi-home at different Data Centers

pepechingon
Level 1

I am working on a multi-home design across two datacenters. We have an ARIN assigned /24 public space and a single AS#. We would like to carve up the /24 to be used in both DCs. Of course our ISPs will only accept a /24 as a minimum advertisement. Is there a way to accomplish BGP redundancy and still split the /24 into two /25s to be used at each DC? From what I am reading we can use AS prepend, but will that work if I only prepend a /25? It hasn't worked in the lab.

Thanks in advance.

         ISP1                  ISP2
          |                     |
          |                     |
          |         BGP         |
          |                     |
         DC1<----------------->DC2
         /25                   /25
          |                     |
          |                     |
    PAT-->FW                    FW<--PAT
          |                     |
          |                     |
         CORE                  CORE

16 Replies

pepechingon
Level 1

Thanks everyone for all the input. We've decided to go back to ARIN and request a /22 in order to make this work.

Thanks for your time!

Jose

The only thing I would add is that your interconnect is a single point of failure that even with a /22 could still isolate a DC, depending on what the actual physical topology looks like.

If the devices that the interconnect is terminated on are in the direct path between the ISP and your firewalls then a failure of the device in, say, DC2 will make DC2 unreachable, i.e.

1) you cannot connect direct into DC2 because the device has failed and there is no path to the firewalls

and

2) you cannot connect via DC1 because the interconnect is down

The above may not be relevant if the interconnect devices are not in the path from the ISPs to the firewalls. If they are, though, you can either -

1) add another interconnect. If L2 terminate on switch stacks/VSS pair etc. If L3 terminate on separate L3 devices or again a VSS pair. Obviously this could get expensive.

2) move the devices that are used for the interconnect out of the direct path so that the firewalls can still get to the internet even if the interconnect device is down. That way if the interconnect or one of the devices used for the interconnect fails the DCs are isolated from each other via the interconnect but both your DCs are still accessible from the internet.

If they are not in the direct path then please feel free to ignore all of the above.

Jon
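
The two placements Jon describes can be checked with a small reachability model. This is an added example, not part of the original thread: the node names (EDGE, IC, FW, NET) and both link lists are constructed, and it assumes traffic may use any live path, as it could once each DC's prefix is accepted by both ISPs.

```python
from collections import deque

# Constructed topologies; node names are hypothetical labels, not from the thread.
# IN_PATH: the interconnect terminates on the device between ISP and firewall.
IN_PATH = [("NET", "ISP1"), ("NET", "ISP2"),
           ("ISP1", "EDGE1"), ("ISP2", "EDGE2"),
           ("EDGE1", "FW1"), ("EDGE2", "FW2"),
           ("EDGE1", "EDGE2")]            # DC interconnect
# OFF_PATH: the interconnect terminates on separate devices beside the firewalls.
OFF_PATH = [("NET", "ISP1"), ("NET", "ISP2"),
            ("ISP1", "EDGE1"), ("ISP2", "EDGE2"),
            ("EDGE1", "FW1"), ("EDGE2", "FW2"),
            ("FW1", "IC1"), ("FW2", "IC2"),
            ("IC1", "IC2")]               # DC interconnect


def reachable(links, failed, src="NET"):
    """Return the set of nodes reachable from src with `failed` nodes removed."""
    adj = {}
    for a, b in links:
        if a in failed or b in failed:
            continue
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen, queue = {src}, deque([src])
    while queue:
        for nxt in adj.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def isolated_firewalls(links, failed):
    """Firewalls the Internet can no longer reach after the given failures."""
    up = reachable(links, set(failed))
    return sorted(fw for fw in ("FW1", "FW2") if fw not in up)


def single_points_of_failure(links):
    """Map each single device failure to the firewalls it cuts off."""
    nodes = {n for link in links for n in link} - {"NET", "FW1", "FW2"}
    result = {n: isolated_firewalls(links, [n]) for n in sorted(nodes)}
    return {n: fws for n, fws in result.items() if fws}


if __name__ == "__main__":
    print("in-path :", single_points_of_failure(IN_PATH))
    print("off-path:", single_points_of_failure(OFF_PATH))
```

With the interconnect on the in-path device, losing that device removes both the direct path and the path via the other DC; with it off-path, no single device failure in this model cuts off either firewall.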
