03-09-2011 06:48 PM - edited 03-04-2019 11:42 AM
Hi everyone,
Here is my scenario. I am setting up BGP multihoming between two ISPs using the following equipment but have some questions.
Diagram Attached (IP addresses are made up for the scenario)
I would like to somehow choose the best path between the two connections or "load balance" if possible. Here are my questions:
1. In the past, when I had only one ISP, I just used a "default route", which was easy. On my ASA and 2811 ISR I would just type in the default route command and that was that. Now that I have two ISPs and two 2911 routers, I am not sure what to do. Since I want the traffic to utilize the best path, how do I do this?
2. I have read that I can request the ISP send me a default route, a full BGP table, or a partial BGP table. I have no idea which to ask for.
P.S. (If I need to run an IGP, I would prefer EIGRP as I am more familiar with it than OSPF)
Thanks Everyone!
03-09-2011 07:33 PM
Hi Joshua,
1. I can think of two options.
a. You can run HSRP / GLBP on the edge routers and track the WAN / BGP route for failover. Default routes on all the internal devices can point to the virtual IP address of the group.
b. You can run IGP and inject a default route from both the edge routers, based on the availability of the BGP default route locally. So every device will have two equal cost default routes pointing to the edge routers.
2. It depends on memory and CPU capacity of the routers.
Unless there are some strict restrictions on traffic engineering / load balancing, or you have a need for serious separation, multihoming to different ISPs would just work fine with partial routing. You'll get the "customer routes" for that particular ISP and a default.
Most routing would likely be the default route and would balance out. Full internal routing table with 350K routes could be troublesome sometimes.
HTH,
Mani
04-27-2011 09:36 AM
Went with GLBP for load balancing and a default route to the virtual IP. Also just went with a default route from the ISPs due to hardware constraints, but I think this will be fine.
03-09-2011 09:36 PM
Hi Joshua,
I would like to somehow choose the best path between the two connections or "load balance" if possible. Here are my questions:
1. In the past, when I had only one ISP, I just used a "default route", which was easy. On my ASA and 2811 ISR I would just type in the default route command and that was that. Now that I have two ISPs and two 2911 routers, I am not sure what to do. Since I want the traffic to utilize the best path, how do I do this?
A. You can choose either a Primary/Secondary setup or an Active/Active (load balance) setup for the links for BGP. For the primary/secondary setup, you can just increase the local-pref of the prefixes coming from the ISP on Router1 (for example), and the local-pref would be propagated to the other router, Router2, in the same AS; it would prefer Router1 as the best path as well, and all the traffic will go via Router1.
In the case of Active/Active (load balancing), as Mani has suggested, you can redistribute the default route into the IGP (you are comfortable with EIGRP, so you can use that), and the other IGP speakers will get this with 2 equal paths and load balance between the links.
2. I have read that I can request the ISP send me a default route, a full BGP table, or a partial BGP table. I have no idea which to ask for.
You are using low end routers which might not have enough CPU and memory to hold the size of internet routes and they will crash.
Hence, it might be recommended to use a default route. Most small to medium enterprise businesses use a default route as it's easy on the router (no lookups etc.) and also doesn't make things complex. You can have partial tables as well if you like, but just the routes from your other branches or under the same customer.
HTH,
Regards
Kishore
Please rate if helpful
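A sketch of the primary/secondary option from the replies above, as an added example that is not part of any poster's message: Router1 accepts only a default route from its ISP, raises its local-pref, announces only the site's own prefix so the site cannot become transit between the two ISPs, and redistributes the default into EIGRP. All AS numbers, addresses and names are constructed placeholders; Router2 would mirror this toward ISP B without the `set local-preference` line.

```cisco
! Router1 (edge to ISP A). Constructed values, not from the thread:
!   own AS 64500, own prefix 203.0.113.0/24,
!   ISP A = AS 64496 at 192.0.2.1, Router2 iBGP peer at 10.0.0.2,
!   inside network 10.0.0.0/24, EIGRP AS 100
!
! Inbound: accept nothing but the default route from the ISP
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
! Outbound: announce nothing but our own /24 (no transit, no route leaks)
ip prefix-list OWN-PREFIX seq 5 permit 203.0.113.0/24
!
route-map FROM-ISP-A permit 10
 match ip address prefix-list DEFAULT-ONLY
 ! Higher than the default of 100, so both routers prefer the exit via Router1
 set local-preference 200
! (implicit deny drops every other prefix the ISP might send)
!
route-map DEFAULT-TO-IGP permit 10
 match ip address prefix-list DEFAULT-ONLY
!
! Anchor route so the BGP network statement has an exact match in the RIB
ip route 203.0.113.0 255.255.255.0 Null0
!
router bgp 64500
 network 203.0.113.0 mask 255.255.255.0
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 route-map FROM-ISP-A in
 neighbor 192.0.2.1 prefix-list OWN-PREFIX out
 ! iBGP to Router2 carries the local-pref inside the AS
 neighbor 10.0.0.2 remote-as 64500
 neighbor 10.0.0.2 next-hop-self
!
router eigrp 100
 network 10.0.0.0 0.0.0.255
 ! Only the eBGP-learned default is redistributed; if ISP A's default
 ! disappears, Router1 stops advertising a default into EIGRP
 redistribute bgp 64500 metric 10000 100 255 1 1500 route-map DEFAULT-TO-IGP
```

For the active/active variant, leave local-pref at its default on both routers so each redistributes the default learned from its own ISP and inside devices see two equal-cost defaults.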
02-19-2014 12:08 PM
Hi all,
I know this has been discussed multiple times, but I still wanted to renew this discussion. I for one can definitely use your valuable suggestions and clarifications.
Scenario :-
Here are the resources I have: 2*2900 + 2*ASA5510 + 1*/24-IPV4 Scope + 1*AS-BGP_PUBLIC. I need to set up a BGP multihome to my single /24 using 2*2900 {4GB RAM}, only defaults in.
Suggestions Needed :-
Setting up iBGP + OSPF0 between the 2*2900's is simple and pretty straightforward. In fact, I was also thinking of setting up AS_PATH prepend on one of the ISPs to prefer that ISP, and then of course local_pref for a preferred way out of my AS. Running static eBGP to the peer ISPs A and B for the same /24. The thing to note here is that there is only one /24 and 1 link per 2900 router to 1 ISP. {ISPA---1link---routerA & ISPB---1link---routerB}
The issue arises with the ASAs, though. Would you suggest I run a different OSPF area on them, like say OSPF1, or HSRP to connect them to the 2900? {Note: All devices need to be behind the firewall stack and the firewalls are behind the 2900s.} Keep in mind that at a later date I would like to add more firewall stacks, and running HSRP would just make everything too messy. So would you suggest running a separate OSPF process on the ASA and then redistributing defaults to the backbone OSPF0 routers, or just running HSRP with defaults to the routers? Please suggest.
Thanks,
02-20-2014 10:46 AM
Hi Varun,
Could you elaborate more on the issue that arises with the ASAs?
Just to understand, what is the limitation with running the same OSPF process between the routers and the FW?
Thanks,
Mani
02-26-2014 05:31 AM
Mani,
The issue arises when there are ASA5520s already shielding the existing network. I mean they have different DMZs behind them, and our goal is to build this new core and start moving the existing DMZs behind the new core without major interruptions.
Also note the ASAs are deployed in active/standby state and there are at least 2 pairs. Both pairs shield different networks. Attached is a quick Visio scribble to put things in perspective.
Really appreciate all the help I can get on this. I will soon be posting my router configurations too, for both core1 and core2, after a cleanup.