Network Design

RS19 · ‎11-18-2019

I have the below diagram.

- 4 L3 switches running OSPF (L3#1,L3#2,L3#3,L3#4)

- There will be 2 internet links with 2 ISP

- Each ISP will be terminated in its Router

I want to use ISP 1 as primary for internet & ISP2 as secondary

How to design it?

If R1 fails traffic should flow through ISP2

If ISP1 fails traffic should flow through ISP2

How to achieve it?

Georg Pauwen · ‎11-19-2019

Hello,

are (and if, how) both of your routers connected to each other ?

RS19 · ‎11-19-2019

I have not decided it. If required I can consider it .

What is the right & recommend design I would like to follow it.

All the L3 switches are already in place . Only the routers & ISP links will be newly setup.

Georg Pauwen · ‎11-19-2019

Hello,

running iBGP between both routers and then setting the local preference would be an option then. If you want to avoid the overhead or complexity involved with that, you can also configure static routes in combination with IP SLAs and EEM scripts. I'll send over a sample config...

RS19 · ‎11-19-2019

Hi Thanks.

I prefer to use Static routes instead of BGP.

Static route pointing to Routers & redistribute static routes to OSPF.

As mentioned will wait for your sample config

Georg Pauwen · ‎11-20-2019

Hello,

here is what I am thinking of. You need a link between both routers. IP addresses and interfaces in the script are arbitrary, yours are probably different:

R1

track 1 ip sla 1 reachability
!
interface GigabitEthernet0/0
description Link to ISP_1
ip address 1.1.1.1 255.255.255.252
ip nat outside
!
interface GigabitEthernet0/1
description Link to R2
ip address 192.168.1.1 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 1.1.1.2 track 1
ip route 0.0.0.0 0.0.0.0 192.168.1.2 200
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
frequency 5
!
ip sla schedulde 1 start-time now life forever
!
event manager applet CLEAR_NAT
event track 1 state any
action 1.0 cli command “enable”
action 2.0 cli command “clear ip nat translation *”
action 3.0 cli command "end"

R2

track 1 ip sla 1 reachability
!
interface GigabitEthernet0/0
description Link to ISP_2
ip address 2.2.2.1 255.255.255.252
ip nat outside
!
interface GigabitEthernet0/1
description Link to R2
ip address 192.168.1.2 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1 track 1
ip route 0.0.0.0 0.0.0.0 2.2.2.2 200
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/1
frequency 5
!
ip sla schedulde 1 start-time now life forever
!
event manager applet CLEAR_NAT
event track 1 state any
action 1.0 cli command “enable”
action 2.0 cli command “clear ip nat translation *”
action 3.0 cli command "end"

RS19 · ‎11-20-2019

Thanks I understand how it works

But I have the below questions.

1) How will the traffic reach R1 (Which is the primary) from L3#3 & L3#4 switches to go to internet.

2) Since OSPF is running what needs to be configured in L3#3 & L3#4 so that for internet it goes via R1

(I was thinking to add default route in L3#3 & point to R1, Similarly add default route in L3#4 & point to R2)

Redistribute default route into OSPF.

3) Also in your configuration what will happen when R1 router is down. How will my traffic from L3 switches goes through R2

Georg Pauwen · ‎11-20-2019

Hello,

it doesn't matter what your internal confguration looks like. All traffic reaching R1 will go out to ISP1, and all traffic reaching R2 will go to R1 and the out to ISP1. If ISP1 is not reachable, it will go the other way towards R2.

The design only accounts for ISP failures. If you want redundancy in case the entire R1 or R2 are down, you need to implement something like HSRP.

RS19 · ‎11-20-2019

Thanks.

Yes I am looking for hardware failure as well for R1 & R2.

I understand that It can be achieved via HSRP. Can it also be achieved using OSPF ?

paul driver · ‎11-20-2019

Hello

@RS19 wrote:
But I have the below questions.

1) How will the traffic reach R1 (Which is the primary) from L3#3 & L3#4 switches to go to internet.

You could run ospf between the wan rtrs and the core switches

2) Since OSPF is running what needs to be configured in L3#3 & L3#4 so that for internet it goes via R1

(I was thinking to add default route in L3#3 & point to R1, Similarly add default route in L3#4 & point to R2)

Redistribute default route into OSPF.

You could redistribute the default static routes from each wan rtrs into ospf for the cores switches assigning ospf metric type 1 for the preferred default route and default metric type 2 for the backup plus at the same time advertise the lan subnets to the wan rtrs from the core switches.

3) Also in your configuration what will happen when R1 router is down. How will my traffic from L3 switches goes through R2

The default route on the primary wan rtr will be a conditional route meaning it will be tracked with ip sla object tracking so then if the track initiates the default will be removed and the secondary default advertised by the secondary wan rtr to the lan core will take precedence.

Lastly if you running NAT on the WAN rtrs, depending on the IOS version you could either use Stateful or Box to Box NAT for dynamic nat failover.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

RS19 · ‎11-21-2019

Thanks.

Can you please share me high level configurations to achieve this ?