09-09-2010 04:02 AM - edited 03-04-2019 09:42 AM
I would like to use both IP VPN and Ethernet VPN in active/active scenario and i am trying to figure out the best method of utilizing both circuits while providing resilience, i.e. both provide backup to one another.
I realize that there are probably many ways to achieve this type of setup.
So the setup would be:
Customer has multiple sites connected to each other via both IP VPN and EtherVPN. Both IP VPN and EtherVPN are all in OSPF AREA 0.... SHAM links are enabled across SP so routes from both IP And EtherVPN are seen as O or O IA type routes.
Based on this what would be the best method of achieving active/active scenario and what are benefits or issues with each option?
- PBR routing?
- Adjusting distance for certain learned routes so they are less or more preferred?
- Adjusting COST on OSPF interfaces?
- running another routing protocol for so that lower AD protocol uses one VPN and the higher AD protocol uses the other...
I realize a lot depends on what the customer's requirements are. For example, he may need L2 connectivity for some application/DR functions, which would mean using EtherVPN...
Any other options??
It would be great to hear from anyone who has experience of this type of setup.
rays
Solved! Go to Solution.
09-09-2010 07:34 AM
Hello Rays,
I've answered in your previous thread
for easy reference I report here the text
Hello Rays,
>> Based on this what would be the best method of achieving active/active scenario and what are benefits or issues with each option?
- PBR routing?
- Adjusting distance for certain learned routes so they are less or more preferred?
- Adjusting COST on OSPF interfaces?
- running another routing protocol for so that lower AD protocol uses one VPN and the higher AD protocol uses the other..
I would use PBR in order to decide what IP flows go on the L2VPN link.
I would also use higher OSPF cost on the L2VPN link
in this way the L2VPN link will be used by:
L2 replication traffic and selected IP flows that you can control.
>> - Adjusting distance for certain learned routes so they are less or more preferred?
I would stay away from this as it is not easy to manage and troubleshoot, playing with AD should be considered last hope
making the two links equally preferred may not work as well.
And even if it works you miss control on what goes over L2VPN and what over L3VPN I would not recommend this.
Using two different routing protocols is safer as it gives you an additional level of control.
because most specific route is used first you could be able to have selected traffic over the L2VPN by allowing some component routes and using aggregate routes (less specific then OSPF routes) for all others.
EIGRP per interface summarization could be handy for this.
Hope to help
Giuseppe
09-09-2010 07:34 AM
Hello Rays,
I've answered in your previous thread
for easy reference I report here the text
Hello Rays,
>> Based on this what would be the best method of achieving active/active scenario and what are benefits or issues with each option?
- PBR routing?
- Adjusting distance for certain learned routes so they are less or more preferred?
- Adjusting COST on OSPF interfaces?
- running another routing protocol for so that lower AD protocol uses one VPN and the higher AD protocol uses the other..
I would use PBR in order to decide what IP flows go on the L2VPN link.
I would also use higher OSPF cost on the L2VPN link
in this way the L2VPN link will be used by:
L2 replication traffic and selected IP flows that you can control.
>> - Adjusting distance for certain learned routes so they are less or more preferred?
I would stay away from this as it is not easy to manage and troubleshoot, playing with AD should be considered last hope
making the two links equally preferred may not work as well.
And even if it works you miss control on what goes over L2VPN and what over L3VPN I would not recommend this.
Using two different routing protocols is safer as it gives you an additional level of control.
because most specific route is used first you could be able to have selected traffic over the L2VPN by allowing some component routes and using aggregate routes (less specific then OSPF routes) for all others.
EIGRP per interface summarization could be handy for this.
Hope to help
Giuseppe
09-09-2010 07:42 AM
Thanks Giuseppe, i wasn't sure that you were
around that why double posted..!
Many thanks for you're answer.
rays
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide