
Multiple ISPs BGP path selection

jeffreybunch
Level 1

I currently have two ISPs that serve our corp Inet traffic. We are bringing our website in house and adding a high bandwidth (>200Mb) ISP connection that I want to dedicate to hosting the website only. No Corp traffic should flow through it. We already have separate firewalls for the website. I have plenty of IPs (2 class Bs, sorry everyone... plan to sell one+ back) but I would like to be able to use the two current ISPs as backups to the new one. Attaching diagram of current setup. Will break connectivity from Web FWs to current routers. How do I accomplish this without the Website using the corp ISP links and vice versa (except in case of ISP outage)?


Giuseppe Larosa
Hall of Fame

Hello Jeffrey,

the key point is that you have plenty of public IP addresses:

If you can "waste" a /23 IP prefix:

the idea is to dedicate at least a /24 to the web server(s) IP subnet.

To get the desired behaviour:

the /24 subnet is advertised only to the new ISP.

An aggregate address /23 is created and it is advertised with your AS path prepended out current ISPs.

the combination of a less specific route (/23 instead of a /24) + a longer AS path (the result of prepending) should provide what you are looking for.

/24 is the minimum size that can be advertised on the Internet.

You could try to send /24 also out current ISPs with AS path prepending but this doesn't assure that 100% of return traffic will be via the new dedicated ISP.

Hope to help

Giuseppe
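Added example, not part of the original reply: a small Python model of how one remote AS would choose its path toward the web subnet under the two advertisement schemes described above, including the case where that AS's own local-preference policy overrides prepending. The prefixes, the names `NEW`, `ISP_A` and `ISP_B`, and the local-preference and AS-path values are all constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# A route as one remote AS sees it. Every value here is a constructed sample.
Route = namedtuple("Route", "prefix via local_pref as_path_len")

WEB = ipaddress.ip_address("198.51.100.10")    # hypothetical web server
P24 = ipaddress.ip_network("198.51.100.0/24")  # web subnet
P23 = ipaddress.ip_network("198.51.100.0/23")  # aggregate covering it


def inbound_isp(routes, dst=WEB):
    """Return the ISP (of ours) a remote AS would use to reach dst."""
    covering = [r for r in routes if dst in r.prefix]
    if not covering:
        return None
    # Forwarding uses the longest matching prefix first ...
    longest = max(r.prefix.prefixlen for r in covering)
    same_prefix = [r for r in covering if r.prefix.prefixlen == longest]
    # ... so only routes for that one prefix compete in BGP best-path:
    # higher local preference wins, then the shorter AS path.
    return min(same_prefix, key=lambda r: (-r.local_pref, r.as_path_len)).via


def aggregate_design(prefers_isp_a):
    """/24 to the new ISP only; prepended /23 to both current ISPs."""
    lp_a = 200 if prefers_isp_a else 100
    return [Route(P24, "NEW", 100, 2),
            Route(P23, "ISP_A", lp_a, 5),
            Route(P23, "ISP_B", 100, 5)]


def prepend_only_design(prefers_isp_a):
    """/24 to all three ISPs, prepended on the two current ones."""
    lp_a = 200 if prefers_isp_a else 100
    return [Route(P24, "NEW", 100, 2),
            Route(P24, "ISP_A", lp_a, 5),
            Route(P24, "ISP_B", 100, 5)]


def without_new_isp(routes):
    """Routes left after the new ISP link fails and its /24 is withdrawn."""
    return [r for r in routes if r.via != "NEW"]


if __name__ == "__main__":
    for prefers in (False, True):
        print(prefers, inbound_isp(aggregate_design(prefers)),
              inbound_isp(prepend_only_design(prefers)),
              inbound_isp(without_new_isp(aggregate_design(prefers))))
```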

OK, if I understand correctly, you are saying this:

Advertise one /24 for the web servers, and one /24 for the Corp Internet. On the server router, prepend for the corp subnet, and on the corp routers, prepend for the server subnet.

How do I ensure that outbound traffic originating from the Web servers/FWs to the Internet ONLY uses the new ISP and corp uses the old?

Hello Jeffrey,

good note:

>> How do I ensure that outbound traffic originating from the Web servers/FWs to the Internet ONLY uses the new ISP and corp uses the old?

I think you should add PBR to the picture to route, based on the source if possible, traffic coming from the web server.

BGP cannot do this job alone.

Hope to help

Giuseppe
