01-14-2013 10:39 AM - edited 03-04-2019 06:42 PM
I am new to BGP and I've done quite a bit of reading on it lately but still feel a little (maybe a lot) confused. I have a diagram and running config (from my Cisco 3925e router) attached of my partial setup. Here are a few questions:
Your thoughts on this are very much appreciated. Thanks in advance!
01-14-2013 03:16 PM
1) I wouldn't define the router to be inline, but basically it is a key component in the WAN bubble.
Your router provides network reachability for the assigned /24 subnet to the rest of the world.
I'm assuming your router is also providing NAT for the internal network?
Overall, your design is sound. I wouldn't change a thing.
2) Your assigned /24 subnet allows your internal network to reach the internet with a valid public IP address.
It also allows you to provide services such as WWW, Email, FTP, VPN to your external customers.
The redundancy comes into effect when both ISPs have network reachability towards your network while learning
this /24 subnet via BGP. At a high level, BGP uses an internal path algorithm and chooses a preferred route after
comparing several attributes.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml
In short, customers on Veracity will more than likely reach your network via the Veracity link (preferred metrics)
while customers on Integra would do the same on their own network. Other networks' connectivity will be dictated based on how their connection is towards Veracity or Integra.
The redundancy comes into play when you lose one link and it's still known via another link.
This redundancy is provided with BGP and the way it is advertised from router to router.
3) Default route is fine. However you are limited on the amount of traffic engineering you can do for traffic leaving your network. For instance, if you receive full or partial routes from both ISPs, BGP would prefer exiting via the Veracity link towards Veracity customers and the same can be said for Integra customers.
With the default route, the only option you have is having one link as primary and the other one as secondary.
You could implement multipath with BGP but I don't recommend it for ISP connectivity.
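The link preference and failover described in the reply above, as an added example that is not part of the original posts: a sketch of a subset of the BGP best-path comparison, run from the point of view of three routers that have learned the advertised /24. The AS numbers, router IDs and the three views are constructed assumptions, and only some of the comparison steps are modelled.

```python
from dataclasses import dataclass

# Constructed sample values: documentation ASNs (RFC 5398); ISP names from the thread.
AS_SITE, AS_VERACITY, AS_INTEGRA, AS_UPSTREAM = 64496, 64500, 64501, 64511
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}

@dataclass(frozen=True)
class Path:
    site_link: str            # ISP link the traffic uses to enter the site
    as_path: tuple            # AS path as seen by the router making the choice
    weight: int = 0
    local_pref: int = 100
    origin: str = "igp"
    med: int = 0
    router_id: str = "192.0.2.1"

def preference_key(p):
    """Subset of the best-path steps: higher weight, higher local preference,
    shorter AS path, lower origin, lower MED, lower neighbour router ID.
    Simplification: MED is compared regardless of the neighbouring AS."""
    rid = tuple(int(octet) for octet in p.router_id.split("."))
    return (-p.weight, -p.local_pref, len(p.as_path),
            ORIGIN_RANK[p.origin], p.med, rid)

def best_path(paths, failed_links=()):
    """Pick the preferred path after withdrawing those that use a failed link."""
    usable = [p for p in paths if p.site_link not in failed_links]
    return min(usable, key=preference_key) if usable else None

# What three hypothetical routers have learned for the advertised /24.
VIEWS = {
    "veracity": [Path("Veracity", (AS_SITE,)),
                 Path("Integra", (AS_INTEGRA, AS_SITE), router_id="192.0.2.2")],
    "integra": [Path("Integra", (AS_SITE,)),
                Path("Veracity", (AS_VERACITY, AS_SITE), router_id="192.0.2.2")],
    "other": [Path("Integra", (AS_INTEGRA, AS_SITE)),
              Path("Veracity", (AS_UPSTREAM, AS_VERACITY, AS_SITE),
                   router_id="192.0.2.2")],
}

if __name__ == "__main__":
    for name, paths in VIEWS.items():
        normal = best_path(paths)
        failover = best_path(paths, failed_links={normal.site_link})
        print(f"{name}: enters via {normal.site_link}; "
              f"after that link fails, via {failover.site_link}")
```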
01-14-2013 03:45 PM
Edison, thanks so much for your response. As of right now I do not have NAT set up on the router. So, I would need to have an interface/subnet on my router configured with the /24 subnet, and have NAT translate from the /24 to my private IP range? Is that correct?
This is how I understand BGP traffic would route through my router:
1.) Traffic destined to my /24 is routed from one of my ISPs to my router which was learned via BGP advertisements.
2.) My router switches the traffic from the directly connected ISP interface to the /24 interface (network I am advertising to my ISPs via BGP)
3.) /24 interface will translate traffic from one of my /24 public IPs to a private IP address on my network
4.) Traffic is then passed on the internal network
Does that sound about right?
Thanks again!
01-14-2013 04:43 PM
You would have an interface with such a subnet if you are planning to deploy a DMZ.
Your internal facing interface will hold your private IP subnet range.
1) Correct
2) Correct
3) Correct
4) Correct