
iBGP with Public or Private IP's

mn-sysadmin
Level 1

Working on a new datacenter deployment with 2 eBGP routers, each connected to a separate ISP, where both will give us full routes.

 

My plan for iBGP and the lateral connections between our routers:

1x10Gb layer 2 connection

2 x 2Gbps LACP port channels using 4 ports on each router

A public /30 on each port channel

 

My question is: do I need to use publicly routed /30s on these lateral links, or can I use private IPs in the design for B.B.B.X and Y and D.D.D.X and Y?

 

See graphic here

bgp_setup.jpg

 


balaji.bandi
Hall of Fame

You can use either one, depending on the availability of IP address space (if you have spare public IPs, you can).

 

Private also works, since this is iBGP and resides internally; in either case, as long as you have IP reachability, you can do it.

 

Again, how is your eBGP configured, in the same router?

BB


Deepak Kumar
VIP Alumni

Hi,

As mentioned, it depends on your eBGP configuration and IP address availability. But I will go with a private IP address if really not required, because those two IP addresses are not going public anymore.

 

Regards,

Deepak Kumar 


Hello

If you use public addressing, which ISP are you going to use it from? Also, you don't want to be advertising ISP addressing from within your internal network, possibly incurring transient traffic through your WAN rtrs.

 

Go with internal addressing, no need for public - your ISPs will be aware of your internal network anyway.



Kind Regards
Paul

There are 2 ISPs providing the northern link on each router. Per the picture, one ISP is A.A.A.A and the second ISP is C.C.C.C. So I expect that both ISPs are going to give an external public IP to use to terminate each of their links on my routers.

 

My ask to them was going to be to each provide a /30 or /31 that I would use on the lateral links between the routers. 1 ISP would provide B.B.B.X and the other ISP would provide D.D.D.X.

 

Then I would build a 2-port port channel for each /30 or /31 and put the two IPs on each side of each port channel. Then use OSPF to distribute traffic across both.

The iBGP peer on each router would use a loopback private IP, and then OSPF would be configured to route traffic between the two loopback private IPs over the 2 port channels, with a public IP on each port channel.

Like this:

192.168.183.0/32 is subnetted, 2 subnets
O 192.168.183.66 [110/21] via 200.200.200.18, 7w0d, Port-channel3
[110/21] via 64.64.64.174, 7w0d, Port-channel6

 

All of the above would be using ISP provided IP space.

I have my own provider-independent /23 that is separate and will use a public ASN. I would advertise to the first ISP the /23 and 1 /24 that is part of the /23. Then I would advertise the /23 to the second ISP and the other /24 that is part of the /23.

I'll be using HSRP on my /23 addresses.

Both routers would be doing full routes from each respective ISP.

 

We would receive traffic from the internet inbound from both ISPs, and the traffic would travel laterally if the destination is hanging off the adjacent external router, or it would just proceed south if the destination is hanging off the router the traffic came in on.

 

I don't have the public IP space to do the lateral links, because I don't want to break off 2 x /30s from my /23. I was planning to try to get the /30 or /31 thrown in by each ISP to do this.

 

We have a similar setup in another datacenter we have, but I didn't set it up. I guess I am taking for granted that I need to use public IPs for those lateral links, as that is how this other datacenter is set up.

 

In light of this, is it still fine to just use private IPs on the lateral links for purposes of routing between the loopback iBGP peers over 2 L3 port channels with OSPF?

 

You can use private IP addressing. 

 

The destination IP inbound will never be those IPs on the lateral links, and the ISPs are peering on public IPs on the northern links, so they have no need to know them either, i.e. they will just be used for iBGP peering and routing across the link if the destination is reachable via the other switch.

 

I inherited a similar setup where the interconnect is using public IPs and I keep meaning to change them but never get the downtime :) 

 

Jon
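
The design the thread settles on, sketched as an added IOS-style configuration for one of the two routers (an illustration, not posted by any participant): private /31s on the lateral port channels, iBGP between private loopbacks carried by OSPF, and an outbound prefix filter so that only the provider-independent block is announced to the ISP. Port-channel numbers and 192.168.183.66 follow the routing output quoted above; AS numbers 64500 and 64496, the 10.255.0.x links, the 192.168.183.65 loopback, the 192.0.2.1 ISP peer and the 198.18.0.0/23 stand-in for the /23 are constructed placeholders.

```cisco
! R1 only; R2 mirrors it. All addresses and AS numbers are constructed placeholders.
interface Loopback0
 description iBGP peering source (private)
 ip address 192.168.183.65 255.255.255.255
!
interface Port-channel3
 description Lateral link 1 to R2, private /31
 ip address 10.255.0.0 255.255.255.254
 ip ospf network point-to-point
!
interface Port-channel6
 description Lateral link 2 to R2, private /31
 ip address 10.255.0.2 255.255.255.254
 ip ospf network point-to-point
!
! OSPF carries only the loopbacks and lateral links; it never faces the ISP.
router ospf 1
 router-id 192.168.183.65
 passive-interface default
 no passive-interface Port-channel3
 no passive-interface Port-channel6
 network 192.168.183.65 0.0.0.0 area 0
 network 10.255.0.0 0.0.0.3 area 0
!
! Only the provider-independent block may leave toward the ISP.
ip prefix-list PI-TO-ISP-A seq 10 permit 198.18.0.0/23
ip prefix-list PI-TO-ISP-A seq 20 permit 198.18.0.0/24
!
router bgp 64500
 bgp router-id 192.168.183.65
 ! iBGP between loopbacks, reachable over either port channel via OSPF
 neighbor 192.168.183.66 remote-as 64500
 neighbor 192.168.183.66 update-source Loopback0
 ! Rewrite the next hop so R2 never needs a route to the ISP-facing subnet
 neighbor 192.168.183.66 next-hop-self
 ! eBGP to ISP A on the northern link
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 prefix-list PI-TO-ISP-A out
 ! network statements assume matching routes exist in the routing table
 network 198.18.0.0 mask 255.255.254.0
 network 198.18.0.0 mask 255.255.255.0
```

The prefix list's implicit deny keeps both the private lateral addressing and the other ISP's full table, learned over iBGP, from being re-advertised upstream, so the site cannot become a transit path between the two providers.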
