Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
299
Views
0
Helpful
0
Replies

BGP & VRF design between 6500 switch - firewall - 7k nexus

Fazal E Rasool Khan
Level 1
Level 1

‎09-07-2016 04:43 AM - edited ‎03-05-2019 04:39 AM

Hello Everyone,

I am working on design which has two 6500 switches configured with VRF for different set of VLAN's.

1.This two PE switches are running HSRP for all VLAN SVI's

2. On one hand its connecting to MPLS routers and at side these are connecting to two firewalls (active/passive mode) then nexus 7k switches.

3. Client asked to run eBGP between nexus 7k and 6500 switches. Is it mandatory to run BGP on firewalls (fortinet) or i can form BGP neighborship just allowing require traffic and adjusting TCP options 19 and TCP Sequence Number Randomization.

4.I check some forums and there i found that its recommended to run a IGP ex: ospf/eigrp along with MP-BGP. Each vrf will have its own instance of IGP and BGP. But here my question is i can run ospf and MPBGP on both 6500 and exchange routes between different VRF's. Same i can do on Nexus switches using OSPF and BGP. But how routes will be exchanged between Nexus and 6500 switches for different VRF's. Is IGP required here or eBGP will do the task. How firewall is going to handle this traffic.

5. For MPLS router shall i used L3 interface or just put the link connecting to ISP MPLS router in ISP VRF and then connectivity will be up between 6500 and ISP routers. This ISP routers for sure form the BGP neighborship with outside ISP routers but what should be done at router to 6500 side.

Help in the above regard will be highly appreciated.

Thanks.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card