layer 3 switch
04-23-2011 07:40 AM - edited 03-04-2019 12:09 PM
Hi folks,
Can I use two normal L3 switches (3560) for BGP multihoming with 2 different ISPs?
Labels: LAN Switching
04-23-2011 07:52 AM
Hi
Even though the 3560/3750 switch supports BGP with the IP Services feature set, it's not a fully functional BGP router. First of all, it has little memory (128MB), so it can't hold the entire Internet routing table (around 350K routes these days), which normally needs at least 512MB of RAM, but preferably 1GB of RAM. Therefore, you can't receive the full routing table from your ISPs, maybe just a part of the ISPs' routes + default routes. Furthermore, there are some limitations on BGP configuration on these switches. For example, you can't use some of the set commands for neighbor route-maps. I would strongly recommend going with at least a 2800 or 2900 router that has at least 512MB of RAM, but preferably 1GB. 3560/3750 switch BGP support is really meant for an MPLS CE switch/router.
Regards,
Roman
04-23-2011 10:43 AM
Thanks Roman. Can I terminate both links (Internet and MPLS link, ISP-1) on the same 2900 router as primary, and run the 2nd Internet and MPLS link (ISP-2) as standby?
04-23-2011 11:03 AM
Ibrahim, you could do it, but keep in mind a couple of things:
1. You can only configure one BGP AS# on the router. Once ARIN assigns you an AS#, you must use that AS#. In order to peer up with your MPLS provider, you must still use the same public AS#, and your MPLS provider might not allow you to use it and ask you to use a different private AS#. But there is a way to hide the local AS and appear as a different AS to your MPLS provider with the "neighbor x.x.x.x local-as X" command.
2. Security. Running Internet and private MPLS connectivity on the same devices is a bad idea for various reasons. One workaround is to configure a couple of VRFs, one for Internet and one for MPLS service. You can configure both BGP peerings under two separate address-family IPv4 VRF X and Y. You will then need two internal interfaces (or subinterfaces) in two VRFs, one for Internet and one for MPLS.
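
The VRF split and the local-as peering described in the reply above, as an added IOS configuration sketch that is not part of the original post. Every AS number, address, VRF name and interface is a constructed placeholder (documentation ranges), and only the ISP-1 pair of links is shown.

```cisco
! Constructed values: 64500 = own public AS, 64496 = ISP, 64497 = MPLS provider,
! 65010 = private AS presented to the MPLS provider via local-as.
ip vrf INTERNET
 rd 64500:1
ip vrf MPLS
 rd 64500:2
! No route-target import/export is configured, so the two tables stay isolated.
!
interface GigabitEthernet0/0
 description ISP-1 Internet uplink
 ip vrf forwarding INTERNET
 ip address 192.0.2.2 255.255.255.252
!
interface GigabitEthernet0/1
 description ISP-1 MPLS uplink
 ip vrf forwarding MPLS
 ip address 198.51.100.2 255.255.255.252
!
! Two inside subinterfaces, one per VRF, as the reply describes.
interface GigabitEthernet0/2.10
 description Inside handoff, Internet VRF
 encapsulation dot1Q 10
 ip vrf forwarding INTERNET
 ip address 203.0.113.1 255.255.255.248
!
interface GigabitEthernet0/2.20
 description Inside handoff, MPLS VRF
 encapsulation dot1Q 20
 ip vrf forwarding MPLS
 ip address 10.255.20.1 255.255.255.248
!
router bgp 64500
 address-family ipv4 vrf INTERNET
  neighbor 192.0.2.1 remote-as 64496
  neighbor 192.0.2.1 activate
 exit-address-family
 !
 address-family ipv4 vrf MPLS
  neighbor 198.51.100.1 remote-as 64497
  neighbor 198.51.100.1 local-as 65010
  neighbor 198.51.100.1 activate
 exit-address-family
!
! Check separation: each table should hold only its own provider's routes.
!  show ip route vrf INTERNET
!  show ip route vrf MPLS
```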
04-23-2011 11:28 AM
Hi Roman, the reason I'm thinking of doing that is that I want to get the benefit of the current ASA and AIP-SSM module, and thus avoid installing a 2nd firewall and IPS for the enterprise edge. So terminating the MPLS and Internet links on the same device gives me the benefit of cost savings in terms of hardware at the enterprise edge while maintaining the security modules.
