Design question
07-03-2015 02:07 AM - edited 03-05-2019 01:47 AM
Hello guys,
Our company has the following design.
- Three datacenters in different countries.
- In each DC there is a core. It is usually stacked 3750X switches.
- OSPF runs on the cores to exchange internal routes.
- Two borders in each DC. It might be Cisco, Juniper or even Linux. Borders run multimode BGP with various providers.
- Each DC announces its own /24 network.
- There is a full mesh iBGP between borders on virtual interfaces that are built over internal OSPF.
The question is:
Is it a good design or not?
1) I would like to move iBGP to cores and configure route reflectors on them. Is it a good idea?
2) We have a public prefix /21. Instead of announcing /24 in each DC I would like to announce /21 in all DCs + /24 in each. But I don't know what to do with the firewalls in each DC. They are stateful.
--
Regards,
Sergey

07-05-2015 01:49 AM
Hello.
If you run full-table BGP, I would say it might be a bad idea to run BGP inside your network.
If you learn only 0.0.0.0/0 via BGP, then it's easier to redistribute it into IGP per DC.
Regarding public prefixes - /21 vs specific /24s might be a good idea; if you have a DMZ, then the challenge is to route traffic to the proper DMZ (you may try it with different VRFs).
PS: it's hard to say if it's a good design or not; we need to know what the original business requirements are and where different services will be located.
