Solved: Re: MPLS VPN - CE configuration with static routing - Page 2

Jacob Samuel · ‎01-10-2010

Dear Friends,

Kindly I need your valuable help.

I have to connect 10 branches to my HQ over MPLS-VPN. The Telco has provided the Link and the configuration, now i have to configure and connect the routers at each 10 offices. I am using static routing and the design is hub&spoke method only, all the branches want to connect to the HQ.

Do i need to do anything other than adding the static route and redistributing the staitc routes to the bgp on the routers?

I have some branches with DSL type of connection, some are with MALC and some are with VSAT, Telco has provided their configureation based on that, is there any difference on the configuration which I should do for these different connections? or on all the routers does it require the static route and redistribution only?

I need your valuable input on the same, appreciate your early response.

Thank and Regards

Sunny

Jacob Samuel · ‎01-14-2010

Dear Giusee/Jon/Amer,

Thanks a lot for the updates. Finally am just adding teh configuration with three scenario - with static, with eigrp and eigrp with bgp. please cross check and let me know if am making any mistake in the config.

HQ Config with static route

router bgp 65089

no synchronization

bgp log-neighbor-changes

network 192.168.0.0 mask 255.255.128.0

neighbor 172.31.99.125 remote-as 65000

no auto-summary

!

ip route 192.168.0.0 255.255.128.0 192.168.96.1 (later will change the next-hop to null0)

!

====================

HQ Config with EIGRP without Internet

router eigrp 100
default-metric 10000 1000 255 1 1500
network 192.168.0.0 0.0.127.255
redistribute bgp 65089
no auto-summary
!
router bgp 65089
no synchronization
bgp log-neighbor-changes
network 192.168.0.0 mask 255.255.128.0
neighbor 172.31.99.125 remote-as 65000
no auto-summary
!
ip route 192.168.0.0 255.255.128.0 192.168.96.1 (later will change the next-hop to null0)
　
　
==============
　
HQ Config with EIGRP and Internet
router eigrp 100
default-metric 10000 1000 255 1 1500
network 192.168.0.0 0.0.127.255
redistribute bgp 65089
no auto-summary
!
router bgp 65089
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
neighbor 172.31.99.125 remote-as 65000
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 192.168.96.1

for bgp i have different AS numbers used in some branches (not only 65089 some places 64803 is the AS number) hope no issue.

once again thanks a lotttt...

thanks and regards

Sunny

Giuseppe Larosa · ‎01-14-2010

Hello Sunny,

>> for bgp i have different AS numbers used in some branches (not only 65089 some places 64803 is the AS number) hope no issue.

this is not a problem

your three possible setups look like fine

Hope to help

Giuseppe

Jacob Samuel · ‎01-14-2010

Dear Giusee/Jon/Amer

Thanks a lot for the support... I connected 2 of my branch offices (over VSAT) with the HQ today. Some other sites also i tried to connect but the telco has to activate the line.

As of now i am connecting the sites using static route at HQ, once the basic connectivity is tested i would go for EIGRP at the HQ.

Giusee, i have noticed 2 things today after the testing-

1) if i remove the static route (192.18.0.0 255.255.128.0 192.168.96.1) pointing to my LAN in the HQ router, and put the static route pointing to null 0(192.18.0.0 255.255.128.0 null0) i am not able to reach the LAN of my HQ from Branches.

2) i connected the sites which are using VSAT and the speed of the link 128 Kbps at both site. I tried to ping some servers and even the Lan interface of the HQ, it is pinging but the response time was huge (1600 to 1700 ms).

any clue what could be the isssue???

Thanks a lottt....

Regards

Sunny

Giuseppe Larosa · ‎01-14-2010

Hello Sunny,

thanks for your kind remarks

1) without EIGRP you would need more specific routes using the ip next-hop of 192.168.96.1 or the static to null0 would be a black hole. So the static to null0 is a good companion for EIGRP specific routes. Without EIGRP the use of next-hop 192.168.96.1 or more specific routes using next-hop 192.168.96.1 is a necessary step. Sorry if I have been unclear about this.

2) VSAT: satellite links are high delay. 1700 msec can be appropriate for the technology involved. We have some backups using satellite links and they show similar delays.

Consider 500 msec is propagation delay to reach a geostationary satellite (36000 km far from earth) one way.

However, VSAT may be using satellite that are not geostationary.

According to this link they declare 250 msec one way delay in one direction.

http://www.tgi.gl/uk/Services/VSAT/FAQs/VSATFAQ.htm

Hope to help

Giuseppe