Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2499
Views
0
Helpful
2
Replies

WAN design using Cisco and Juniper SRX

Jigar Dave
Level 3
Level 3

‎01-11-2011 08:41 PM - edited ‎03-04-2019 11:03 AM

Hello Experts,

I need your help, my current scenario is as follows

Local LAN is connected with cisco 2800 router and SRX 210 Firewall, currently all LAN segment will go to my Data Center via ISP A and all internet traffic from LAN segment will go to internet via SRX firewall, there is no relation/connection between cisco router and SRX firewall. I have separate AS no. s for both the ISP

Need your help, I am having attached scenario. based on current one I would like to do following.


1. I need to use PBR at LAN Switch ( its L3 Switch) such that in normal scenario - local VLAN traffic is equally distributed on both ISP.
2. dedicated internet traffic will flow through ISP B only and if WAN link of ISP B goes down, the internet traffic will pass through ISP A. ( in normal

scenario, ISP A will utilized 100 % for LAN traffic to reach it to DC but once ISP B link goes down, the b/w of ISP A will be divided to route 50% traffic for LAN segment to DC and rest 50% traffic of LAN segment to internet)

additionally, one question in my mind that I want to ask

is it possible to divide bandwidth of ISP B such that 70 % link will be utilized for internet traffic and 30 % link will be utilized for Local LAN subnet to reach to DC, what I understand that if ISP B is providing me services on SRX firewall then my all LAN traffic will advertise into MPLS cloud only then how that traffic will reach to internet.

please clarify

Thanks in advance

Jigar

Labels:
Preview file
18 KB
0 Helpful
2 Replies 2

rashidsiddiqui
Level 1
Level 1

‎01-11-2011 09:46 PM

For

point one you can use a PBR with even and odd IP segregation

access-list 100 permit ip 10.1.1.0 0.0.0.254 any

Route-map ABC permit 10

match ip address 100

set next hop ip

Apply the route-map on SVIs (Interface VLANs), using ip policy route-map.

Please rephrase your second question,

0 Helpful

Jigar Dave
Level 3
Level 3
In response to rashidsiddiqui

‎01-11-2011 09:53 PM

Hello Rashid,

Thanks for reply,

2. dedicated internet traffic will flow through ISP B only and if WAN link of ISP B goes down, the internet traffic will pass through ISP A. ( in normal

scenario, ISP A will utilized 100 % for LAN traffic to reach it to DC but once ISP B link goes down, the b/w of ISP A will be divided to route 50% traffic for LAN segment to DC and rest 50% traffic of LAN segment to internet)

more clarification:-

--> I want ISP B dedicated to flow only internet traffic, if B goes down, internet traffic will pass through A ( at this time, 50 % b/w of A is used in internet traffic and rest 50% is used for internal LAN segment to reach to DC).

question of your PBR solution: I know PBR is one of the soluttion, can you give me how PBR is used between cisco and non-cisco device ( because here in my scenario, cisco and SRX both exists)

Thanks in advance

Jigar

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card