Solved: Dynamic or Static: Resilient Connections to a Third Party Network

andy roles · ‎02-06-2015

Hi there,

I haven't had the need to configure routing between different routing domains for for several years and wondered if anyone could advise regarding the following:

Our organisation is about to absorb another company 'A' (from parent company 'B') and we will be connecting by two (redundant) Ethernet circuits for about a year while we migrate the staff and services over to our estate. The primary link will run between our primary data centre and theirs, and our secondary link will run between our DR data centre and theirs.

The network guy from company 'B' said that they don't use our IP range so we can just route between the two networks.

We use EIGRP as our routing protocol. I think company 'B' uses OSPF and as I understand it we will be required to terminate into VRF Lite instances at each of their two data centres.

I just wonder if anyone could advise regarding the best way to go about this.

Use of static routing:

- Would using static routes with a higher metric for the DR circuit be a suitable solution? *

* If the primary circuit went offline I assume we would have to manually remove the primary static so traffic would go via the DR link?

Use of dynamic routing:

- Alternatively i.e. redistributing between EIGRP and OSPF, I've been asked by company 'B' that I run their routing protocol over the two links. (They said that VRF Lite doesn't work well with EGIRP which I found odd but that's fine!). For this scenario, should each of the links run it's own OSPF area? e.g. if company 'B' has OSPF area '0' as it's core should each of the interconnecting links (between us and them) have it's own area configured e.g. say primary link being area '1' and DR link being area '2'? I guess this would just leave redistribution in both directions to be done on our core routers at both our primary and DR sites?

Thinking about the above, and the potential for manual intervention in using statics, I'm guessing the recommendation would be to use dynamic routing!?

Many Thanks,

Andy

Jon Marshall · ‎02-06-2015

Andy

Firstly you could run IP SLA with your statics which means there is no need to manually switch over the links if the primary fails.

IP SLA would do this for you.

So static routes could do the job for you but obviously the other company will also need to implement this and they may or may not want to.

If you chose to run OSPF on the link then,as you say, all the redistribution could be done at one end and you are probably better to do that ie. on your end redistribute OSPF into your EIGRP and at the same time redistribute EIGRP into OSPF.

In terms of areas, it makes sense to use a different area but you would need to discuss that with the other company as to what they want to do.

All you are trying to do is achieve basic connectivity so I can't see the point of extending their existing area to you as you have no need to receive the type 1 and type 2 LSAs from within their DCs.

I would have another chat with their network guy to see which he prefers in terms of -

1) static vs dynamic

2) if dynamic then assuming OSPF over the link who is going to do the redistribution because you don't both need to do it

3) if it is OSPF would they be happy to use a different areas on the links

Jon

View solution in original post

Jon Marshall · ‎02-06-2015

Andy

Firstly you could run IP SLA with your statics which means there is no need to manually switch over the links if the primary fails.

IP SLA would do this for you.

So static routes could do the job for you but obviously the other company will also need to implement this and they may or may not want to.

If you chose to run OSPF on the link then,as you say, all the redistribution could be done at one end and you are probably better to do that ie. on your end redistribute OSPF into your EIGRP and at the same time redistribute EIGRP into OSPF.

In terms of areas, it makes sense to use a different area but you would need to discuss that with the other company as to what they want to do.

All you are trying to do is achieve basic connectivity so I can't see the point of extending their existing area to you as you have no need to receive the type 1 and type 2 LSAs from within their DCs.

I would have another chat with their network guy to see which he prefers in terms of -

1) static vs dynamic

2) if dynamic then assuming OSPF over the link who is going to do the redistribution because you don't both need to do it

3) if it is OSPF would they be happy to use a different areas on the links

Jon

Jon Marshall · ‎02-06-2015

Edited -

ignore that last post, you are not running EIGRP across the links.

My mistake :-)

Jon

andy roles · ‎02-06-2015

Hi Jon,

Thank you for your response.

I won't have contact with the other party until next week.

Working on the basis that they have for example five OSPF areas in place, would that mean it would make sense to create areas 6 and 7 on the respective links?

Also, as you said, as we won't be interested in LSAs etc, is there a particular configuration that needs to be applied to achieve this along the lines of summary routes and NSSA types commands...?

Thanks again,

Andy

Jon Marshall · ‎02-06-2015

Andy

It depends.

I was assuming they had area 0 at both DCs as you mentioned that.

You should really use two areas and then they would need to filter your routes because you would be injecting them into one area on one link and then they would be sending them to you on the other link.

The problem arises if each of their DCs is using different areas.

So say the main DC is area 0 and the backup DC is area 1.

All OSPF areas need to be directly connected to area 0 and obviously this wouldn't happen on the link to the area 1 DC if you use your own area.

You can use virtual links but you should avoid these if possible.

If you simply use their existing areas at your end then that means you are going to receive type 1 and type 2 LSAs as well.

I don't think I can give you a definitive answer because there are too many variable in terms of OSPF areas, summarisation etc.

Are the subnets within your main and backup DC different and the same question for their DCs ?

Depending on the answers to the above it may make more sense to run EIGRP across those links using summary addresses at your end for the subnets and let them do the redistribution because EIGRP does not have the same issues with areas.

I cannot see how that would affect their VRFs and even if it did they can always create a non VRF interface for the exchange of routes

I'm happy to help out further when you get more information but I think you need to talk with the other network guy especially about how the OSPF connections are going to work.

Jon

andy roles · ‎02-06-2015

Hi Jon,

Thanks for taking time out to answer all my points so thoroughly. I've not done anything routing related for a while and that was mainly out of text books so the guidance is much appreciated. I'm starting to get my head around this stuff again now.

I'll contact the network guy from the other party next week and get the info you suggested. As it is, I'm not certain they use OSPF anyway but it's been helpful to start considering how this might work.

Thanks for you offer to assist once I have more info.

Cheers,

Have a good weekend :o)

Andy

Jon Marshall · ‎02-06-2015

Andy

No problem, glad to help.

Once you have all the info by all means come back if you want to work through all the options and implications.

Jon