Re: Routing - general question (dynamic routing)

louis0001 · ‎02-04-2020

Hi,

this question isn't strickly Cisco related as there is another make of router in the mix as well as Cisco.

We have a network (99% Cisco) which uses MPLS and BGP routing for our remote sites. All is well.

We have vehicles that are assigned to these remote sites (60 sites in total)

The vehicles have a 4G router on them which has a primary connection to our wireless and then when the vehicle leaves the premise (and loses the primary connection to the wireless, it switches to 4G)

The 4G connection is via a private APN which assigns a dynamic IP to the 4G router from a private range (172.17.100.0/24 or 172.17.101.0/24) and this is routed back to our network over an MPLS connection.

So the router gets a dynamic IP from our network when connected wirelessly (10.1.*.*/24) or a dynamic IP when connected via 4G (172.17.100.0/23)

What I need to do is to be able to get to the LAN side of the router 192.168.127.1/24 and the devices behind it. So it needs dynamic routing like "ip route 192.168.127.0/24 via THE DYNAMIC IP"

Is there a way to do this?

** We're familiar with setting up BGP between routers etc but these are normally fixed IP's for the router and not dynamicly assigned. **

Muhammad Awais Khan · ‎02-04-2020

Hi,

Your 4G devices always gets Dynamic IPS right ?

To run the dynamic protocol we need to have interfaces between your offices and remote sites in same subnet so they can become neighbor. I am not sure which vendor your remote vehicle 4G router is, if it is Cisco then you can create DMVPN with your headoffice router as DMVPN hub and remote sites as spoke. Then you can run protocol like ospf or eigrp. Advantage of running DMVPN is that it does not require spoke sites to have fixed or static IP. Further it is point to multipoint VPN tunnel.

louis0001 · ‎02-04-2020

We were hoping to avoid the overhead with a VPN seeing as our network is MPLS and our 4G connection is a private APN also with no breakouts.

The router on the vehicle does do DMVPN though...

Muhammad Awais Khan · ‎02-04-2020

Hi,

I understand but creating overlay VPN's will be the way only to run protocol between your 4G sites and your network. I believe DMVPN will not create much overheads, its the dynamic protocols that can add some overheads by periodic updates which requires fine tuning.

Further, since your IP's are dynamic you will not have option for the static Routes and static routes will not be scalable for you as you have 60 sites already.

My experience with similar situation went fine with DMVPN and Routing protocol. Good design with some fine tuning with protocols can yeild some good results for you.

If you see SDWAN solutions like viptella, Meraki or APIC-EM, from configuration perspective they are doing almost similar thing like creating a secure overlay tunnels over WAN/Internet links and run protocols over it.

louis0001 · ‎02-04-2020

Yes, that would make sense seeing as they are running over insecure links. As ours is secure, we did hope to avoid this but I can see your point which was why I've been racking my brains for a solution but couldn't think of one other than a VPN solution. I was leaning towards BGP dynamic groups but never progressed it.

paul driver · ‎02-04-2020

Hello

@louis0001 wrote:
The 4G connection is via a private APN which assigns a dynamic IP to the 4G router from a private range (172.17.100.0/24 or 172.17.101.0/24) and this is routed back to our network over an MPLS connection.

If your already running private APNs into your main site from the 4g celluar connections, Wouldnt this then just be a case of getting those private lans to be allowed to cross the ipsec vpn of your Main site/APN's mobile operator vpn gateways, Or maybe even nat those lans subnets to the routers APNs assigned ip address?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

louis0001 · ‎02-04-2020

Yes, they do NAT already and are connected. But we want to be able to route to the various lans eg 192.168.100.0/24, 192.168.101.0/24 on each 4G router (so we can access all devices behind the router (no port forwarding etc).

As the outside interface is a dynamic private IP on 4G, we're trying to find a way to route the to the various lan's behind it.

The 4G router has a dynamic IP on 4G (while on the road) and a dynamic IP via wireless (when within a premise as it travels to multiple sites within our wireless network)

We just need to be able to dynamically route to the routers lan(s) wherever that may be eg on the road (4G) or on premise (wireless) at SITE A, SITE B, SITE C

paul driver · ‎02-04-2020

Hello

so would flexible static routing combined with ip sla tracking work for you or even some simple eem scripting monitoring the active wan interface so when that interface changes it is seen by the tracking and the routes would be removed or installed in the routers rib

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

louis0001 · ‎02-05-2020

Yes, that might work. Basically, we're after being able to route to lan subnets behind a dynamically changing wan interface.

Never heard of flexible static routing??