Here is a basic diagram of their network.  Their edge routers are connected to their provider with BGP.  The interfaces that connect into the edge switch have an IP address in their public IP block.  The FW's outside interface also has an IP address in this IP block as well.  Right now, their FW is only sending traffic to one of the edge routers and their 100 meg connection is saturated.  They want to be able to use both 100 megs circuits at the same time.  The routers are physically in different buildings. 

Let me know if you need anymore information.

TIA,

Dan

What kind of fire wall is that? If it supports routing protocols, you cloud just setup a small OSPF network and have both routers originate default information.

It's a Palo Alto (cringe).  I know it supports BGP and I would think OSPF, but I would have to contact the engineer that is configuring that part. 

I will check if the FW can support OSPF, but in the mean time how would the routers need to be configured?

TIA,

Dan

The FW does support OSPF, so that solution would work.

Yes, the routers are running IBGP between them.  Would I put the FW in the same AS number as the routers?  If so, what do I need to use for the neighbors and networks?

BGP isn't one of my strong points, so I appreciate the help.

Dan

You should not need to touch the BGP. You are just going to configure OSPF. As I think about this, with only two peers in the IBGP this could have been statically routed between the routers to allow the IBGP to talk and so you should not just assume there is an existing OSPF session, check it out.

Your end goal here is going to be a single area (area 0) OSPF network running between the three devices. If you are not familiar with OSPF configuration, please consult the guide I posted above as it explains it better then I can. Once you have OSPF up and running you are just going to go under the OSPF process on both routers and enter the "default-information originate" command. That should be it.

Thanks for the information.  I am going to try to set this up in GNS3 before I present it to the client as a possible solution.  I will let you know if I have other questions.

Dan

I used GNS3 to simulate this.  However, the only way that I could get the default routes from the two edge routers to the other router was to use the 'always' option.  I thought that had to do with GNS3 only being able to emulate older routers.  I tried the same thing on three 2811 routers I have laying around with the same result.  The 2811's are running advanced ip services. 

Any ideas as to why I have to use the 'always' option to get the default routes out to the other router?

TIA,

Dan

Ok, I figured out why the 'default-information originate' command would only work with the 'always' option.  It was because I didn't have a default route on the routers with that command. 

I think I should be good to go.  I appreciate your help on this.

Dan