Moving from static to dynamic Routing Protocol for internal DC Infrastructure

dseth
Level 1

Currently we have static based routing in our internal setup however on exiting we have MPLS router acting as HUB point and more than 200 spoke sites on which we are running EIGRP to get routers from there and redistribute static routes from HUB to spokes with dual MPLS provider from redundancy aspects and through same MPLS providers we have similar DR setup as well. We have another connectivity with customers in our TPZ connected through Firewall wherein we are running static based connectivity between the customers and same as above setup three more international MPLS cloud setup extended in TPZ through Firewall that includes more than 400 remote routers based connectivity from there routes are getting exchanged. In this case if our DC fails major change we face for TPZ customers connectivity as there are multiple static routes changes involved from our side and customers side.


Hence, to achieve auto-failover and for business continuity purposes, we are planning to move to an all-dynamic setup. We are a bit confused about which protocol we can choose here to replace static routing.


Should we have to use a single dynamic protocol, and can we use multiple dynamic protocols?

Request you to help us on this: which dynamic protocol should we go for, and what will be the best option in our case?

Thank you.

2 Replies

Giuseppe Larosa
Hall of Fame

Hello @dseth ,

your network environment is quite complex and a network diagram could be helpful.

 

You have two WAN / Edge sections; one of them is already using EIGRP over dual MPLS service providers with 200 remote site routers.

Then you have the main DC and a DR site.

In addition you have 400 remote routers reached via a Firewall.

 

>> three more international MPLS cloud setup extended in TPZ through Firewall that includes more than 400 remote routers based connectivity from there routes are getting exchanged. In this case if our DC fails major change we face for TPZ customers connectivity as there are multiple static routes changes involved from our side and customers side.

 

Can you explain what you mean by TPZ? Is it the name of a provider or something else?

 

If there is a firewall on the path and the firewall is acting at OSI layer 3 and above, then to be able to run a routing protocol it must be one supported by the FW, if any.

Can you provide the vendor, model and version of the involved firewall?

 

Because extending EIGRP everywhere might be possible if the firewall is a Cisco ASA in routed mode, but unlikely with other vendors.

 

In addition, there are some possible issues at DNS and application level: if the DR site is using different IP subnets than the main DC, how are you going to trigger the change in DNS resolution of server URLs?

 

Hope to help

Giuseppe

 

Thank you for the quick response, Giuseppe!

You have two WAN / Edge sections; one of them is already using EIGRP over dual MPLS service providers with 200 remote site routers.

Then you have the main DC and a DR site.

-->Yes

In addition you have 400 remote routers reached via a Firewall.

-->Yes

 

>> three more international MPLS cloud setup extended in TPZ through Firewall that includes more than 400 remote routers based connectivity from there routes are getting exchanged. In this case if our DC fails major change we face for TPZ customers connectivity as there are multiple static routes changes involved from our side and customers side.

 

Can you explain what you mean by TPZ? Is it the name of a provider or something else?

-->Third Party Zone segmented on main Firewall.

 

If there is a firewall on the path and the firewall is acting at OSI layer 3 and above, then to be able to run a routing protocol it must be one supported by the FW, if any.

Can you provide the vendor, model and version of the involved firewall?

--> Yes, Firewall is acting as L3 and it is ASA 5555-X and version 9.6(4)30.

 

Because extending EIGRP everywhere might be possible if the firewall is a Cisco ASA in routed mode, but unlikely with other vendors.

--> Can we achieve better routing controls using EIGRP in the complete setup, in a large setup like ours?

 

In addition, there are some possible issues at DNS and application level: if the DR site is using different IP subnets than the main DC, how are you going to trigger the change in DNS resolution of server URLs?

--> In some cases we are using DNS, and for some apps we are using the same subnets in DR; we just take them down on DC and bring them up on DR during drill time.

I have attached the diagram. It is difficult to cover the complete network setup in a single-page diagram, however I have just drawn the connectivity structure.

Thank you.
