Routing for new WAN design

Mohd Khairul Nizam · ‎04-06-2014

Hi,

We are about to change to a new WAN design for 4 site.

Currently, 4 site is connected using leased line.

We have opted to change WAN to MetroE / IPVPN.

The ISP gave us the information and ask to configure BGP. Currently we are using static route. I'm never configure BGP before so I need advise on how to do so.

The ISP gave the info of AS ID but I'm not sure how to do it.

Please see attached picture for the network diagram.

Julio Carvajal · ‎04-07-2014

Hello Khairul,

Okey so you will be implementing BGP over an IPVPN network.

So first thing would be to enable the BGP process with the command

router bgp 65322

Then add the required neighbors, in this case looks like you will connect to 3 different sites so ur config will look like

neighbor Site_B_Router_IP remote-as 23736

neighbor Site_C_Router_IP remote-as 23736

neighbor Site_D_Router_IP remote-as 23736

And last but not least advertise the networks you want to be accesible from your neighbors

network x.x.x.x mask y.y.y.y

Hope it makes sense,

Remember to rate all of the helpful posts and for more information check my blog

http://laguiadelnetworking.com

jcarvaja@laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Mohd Khairul Nizam · ‎04-08-2014

thanks,

question:

1. I need configure all above command at each Router at each site, correct?

2. network x.x.x.x mask y.y.y.y : let say i in Site A, does this mean i need to be advertise internal IP of site A?

network 172.9.100.254 mask 255.255.255.255?

Aaron Ratcliffe · ‎04-10-2014

Hi ,

Yes please configure a network statement for any networks that need to be advertised into the WAN as Julio said

Mohd Khairul Nizam · ‎04-11-2014

OK,

I will try to configure the BGP config for each router.

By the way, each site router have a secondary line also, does that mean the BGP configuration also applied to the secondary line.??

How to auto failover to secondary line? IP SLA??

Mohd Khairul Nizam · ‎04-15-2014

Hi guys,

Sorry, anyone can confirm this

Jon Marshall · ‎04-10-2014

1) yes

2) you don't advertise the network using a 255.255.255.255 mask.

Your network statements under your BGP config need to match the IP routing table. So if do a "sh ip route" and see an entry for 172.9.100.0 255.255.0.0 then you need to add this to your BGP config -

router bgp 65322

network 172.9.100.0 mask 255.255.0.0

note that the mask used in the network statement under your BGP config must be the same as the subnet mask of the route in the IP routing table or BGP will not advertise it out

You need a network statement for each network you want to advertise out at each site

3) can't tell from your diagram but if you are planning to use the same AS number at all sites ie. 65332 then you will also need to add this to your BGP config -

router bgp 65332

neighbor x.x.x.x allowas-in 1

if you are planning to use a different AS per site you don't need the above.

Jon