
BGP peering with two ISPs

Richard Dumag
Level 1

We have dual-homed internet connections with Zayo and Comcast.  Zayo is the primary internet access, using the /24 IP address range they had assigned.

We would like to set up BGP peering with Zayo and Comcast and have Comcast route the /24 IP address range should Zayo have an outage.

Zayo and Comcast will be enabling BGP on the circuits.

Besides setting up BGP with our ARIN-assigned ASN on our router and advertising the /24 IP address range, what additional configuration do we need to do on the router in order for this to be successful?

Any information or comment you can provide will be greatly appreciated.  Thank you!

Richard

 

Accepted Solutions

Hello @Richard Dumag 
Reading the very good responses from @Richard Burts and @Joseph W. Doherty, I have amended the previously attached CFG file to include a BGP conditional advertisement example based on a failure to ISP ZAYO; if that condition is met and true, your rtr will ONLY then advertise a specific prefix to the COMCAST ISP.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
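
The conditional advertisement described in this answer could look like the following on Cisco IOS. This is an added example, not the attached CFG file or any participant's configuration: the ASNs are the sample values used later in the thread, and the addresses, the tracked prefix and the prefix-list and route-map names are assumptions. It assumes the tracked prefix is accepted from Zayo only, so its disappearance from the BGP table signals a Zayo failure.

```cisco
! Added example; names and addresses are placeholders (assumptions).
! 203.0.113.0/24 stands in for the /24 assigned by Zayo.
ip prefix-list OUR-BLOCK seq 5 permit 203.0.113.0/24
! A prefix received only over the Zayo session, used as the health signal.
ip prefix-list ZAYO-TRACK seq 5 permit 198.51.100.0/24
!
! What to advertise to Comcast once the condition is met.
route-map ADVERTISE-TO-COMCAST permit 10
 match ip address prefix-list OUR-BLOCK
!
! The condition: this prefix must be absent from the BGP table.
route-map ZAYO-ROUTE-MISSING permit 10
 match ip address prefix-list ZAYO-TRACK
!
router bgp 3333
 ! The network statement needs an exact-match /24 in the routing table.
 network 203.0.113.0 mask 255.255.255.0
 neighbor 192.0.2.1 remote-as 1111
 neighbor 192.0.2.1 description Zayo-primary
 neighbor 192.0.2.5 remote-as 2222
 neighbor 192.0.2.5 description Comcast-backup
 ! Send OUR-BLOCK to Comcast only while ZAYO-TRACK is missing.
 neighbor 192.0.2.5 advertise-map ADVERTISE-TO-COMCAST non-exist-map ZAYO-ROUTE-MISSING
```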


43 Replies

You receive default from both SP?

Do you use NAT?

MHM

Currently the default is Zayo.  The Comcast circuit was just installed and hasn't been set up yet.  Yes, we use NAT.

For BGP:

neighbor <ISP1> route-map ISP1 in
!
route-map ISP1 permit 10
 set weight 5000
! <- the prefix with the highest weight will be preferred

MHM

 

 

For dynamic NAT:

route-map ISP1-NAT permit 10
 match interface <ISP1>
!
route-map ISP2-NAT permit 10
 match interface <ISP2>
!
ip nat inside source route-map ISP1-NAT interface <ISP1>
ip nat inside source route-map ISP2-NAT interface <ISP2>

MHM

For static NAT:

ip nat inside source static <private IP> <public IP ISP1> route-map ISP1-NAT
ip nat inside source static <private IP> <public IP ISP2> route-map ISP2-NAT

MHM

Joseph W. Doherty
Hall of Fame

If you have your own ASN, you should have your own public IP address block too; not one from either ISP.  So, I'm a bit confused that your one ISP has provided you a /24.  Could you clarify this?

If you "own" your own public IP and AS, you would peer with both providers, sending them your public IP address block, with your AS.  In turn, they can send you full Internet routes, a subnet of the full Internet routes with a default, or just a default route.

It's advisable you don't relay one ISP's routes to the other, although likely they would filter them out if you did.

If you only want to use one provider's path at a time, reserving the second for backup, you can easily prefer it for outbound traffic.  Inbound traffic would probably best be done with conditional BGP address block advertisement.

When we ordered the circuit from Zayo, we also ordered from them a /24 IP block for NATting users and online services.  Then we decided to have a backup internet circuit in case Zayo goes down. 

We then contacted Comcast about our plan for a backup internet circuit, they suggested BGP peering, as long as Zayo allows Comcast to route their /24.  So, we asked Zayo if they would let Comcast route the /24.  Zayo said yes and there will be forms to fill out and setup cost.  They also advised that we get our own ASN from ARIN, which we did.

Also, in order for the BGP peering to work, both internet circuits need to be BGP-enabled by both ISPs.

So, it sounds like once both ISPs have enabled BGP on the circuit, it's just a matter of setting up BGP routing on our router using our ASN and adding both Zayo and Comcast as neighbors using their ASN and advertising the /24.  It sounds pretty straightforward, but I wanted to check here if there are other configurations that need to be set up, and I don't want to miss anything that could cause an outage when we're ready to implement.

 

Okay, so it sounds like you get to use the one ISP's /24 as if it were your /24.  (Since IPv4 IPs were depleted, guess that's now about the only way to obtain a public /24.)

In that case, also appears you understand eBGP multi peering.

Again, the two big considerations are do you use both ISPs concurrently or primary/backup, and what Internet routes you take from your ISPs.

If you do use both ISPs, concurrently, then you also can consider how to load balance the two ISPs.

Richard Dumag
Level 1

Thank you MHM and Joseph for the information!  I have attached our topology for reference.  We are NATting at the firewall.

Joseph, our plan is primary/backup where Zayo is the primary and Comcast is backup.

My sample configuration on our Layer3 switch is as follows:

router bgp 3333
 ! explicit mask so the /24 is matched, not the classful /8
 network 67.x.x.x mask 255.255.255.0
 neighbor <Zayo IP> remote-as 1111
 neighbor <Comcast IP> remote-as 2222

I won't be advertising any inside IPs.  Zayo will be the default route with admin 0 and Comcast with admin 1.

Am I on the right path?  Or should I seek professional services for this?

Thanks again for any information you can provide.

Richard

You're on the right path.

If your device is actually a L3 switch, unless it's one of the top of the line models, it may be unable to take a full Internet route table, let alone two of them.  (Since you only want to use one ISP at a time, just taking the default route from your ISPs is all you need to do.)

Outbound, you might use local preference to prefer the Zayo connection.

For inbound, to preclude outbound traffic on Zayo not coming back on Comcast, you might try the (somewhat traditional) prefixing your ASN, multiple times, when you send your /24 to Comcast, or as I mentioned before, if supported, use BGP conditional advertisement.
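
A sketch of the primary/backup design discussed in this reply, as an added example that is not from the thread's participants or from either ISP: the outbound route-maps keep the router from relaying one ISP's routes to the other, local preference prefers Zayo outbound, and AS-path prepending de-prefers Comcast inbound. The ASNs are the sample values from the thread; the neighbor addresses, the 203.0.113.0/24 block (standing in for the redacted 67.x.x.x /24) and all prefix-list and route-map names are assumptions.

```cisco
! Added example. ASNs 1111/2222/3333 are the thread's sample values;
! all addresses and names are placeholders (assumptions).
ip prefix-list OUR-BLOCK seq 5 permit 203.0.113.0/24
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
! Zayo is primary: accept only a default route and raise its
! local preference above the default of 100.
route-map ZAYO-IN permit 10
 match ip address prefix-list DEFAULT-ONLY
 set local-preference 200
!
! Comcast is backup: accept only a default route, default preference.
route-map COMCAST-IN permit 10
 match ip address prefix-list DEFAULT-ONLY
!
! Outbound to Zayo: our /24 only. The implicit deny at the end of the
! route-map stops any Comcast-learned route from being relayed.
route-map ZAYO-OUT permit 10
 match ip address prefix-list OUR-BLOCK
!
! Outbound to Comcast: our /24 only, with our ASN prepended so the
! path through Comcast looks longer to the rest of the Internet.
route-map COMCAST-OUT permit 10
 match ip address prefix-list OUR-BLOCK
 set as-path prepend 3333 3333 3333
!
router bgp 3333
 bgp log-neighbor-changes
 ! The network statement needs an exact-match /24 in the routing table.
 network 203.0.113.0 mask 255.255.255.0
 neighbor 192.0.2.1 remote-as 1111
 neighbor 192.0.2.1 description Zayo-primary
 neighbor 192.0.2.1 route-map ZAYO-IN in
 neighbor 192.0.2.1 route-map ZAYO-OUT out
 neighbor 192.0.2.5 remote-as 2222
 neighbor 192.0.2.5 description Comcast-backup
 neighbor 192.0.2.5 route-map COMCAST-IN in
 neighbor 192.0.2.5 route-map COMCAST-OUT out
```

After the sessions come up, `show ip bgp neighbors 192.0.2.5 advertised-routes` should list the /24 and nothing else.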

Thanks Joseph.  I'm thinking partial route to minimize resource usage.  I will definitely look at the possible recommended solutions and do some testing in lab before doing it in production.  Will let you know how it goes.

Richard

Can you elaborate more about prefix 67.x.x.x ?

MHM

Yes, so 67.x.x.x /24 is the IP range assigned to us by Zayo.  We use it for NATting internet access by users and online services at the firewall. 

For example:
67.x.x.250 - 254 is NATted for internet access
67.x.x.10 is NATted for public web server 1
67.x.x.11 is NATted for public web server app 1
67.x.x.12 is NATted for public web server app 2 
etc.

If it is assigned by Zayo, then only Zayo can forward this traffic; Comcast cannot handle traffic to these ports.
So the best solution here is to push these IPs to the interface connected to Zayo.

MHM