Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
602
Views
5
Helpful
6
Replies

preferred path using EIGRP/other

jburk
Level 1
Level 1

‎02-08-2016 12:21 PM - edited ‎03-08-2019 04:31 AM

I have attached a design diagram - I have 2 HQ locations with internet connections, 4500-x each advertise (into BGP) half of my /20 as a /21 but also advertise the /20 in case either side fails.

I have Palo Alto between these in Active/Active

I have some larger branches which I would like to prefer traffic towards HQ2 (600MB internet) with HQ1 as failover

My smaller branches I would like to prefer routing to HQ1 (300MB internet)

entire inside LAN is EIGRP over ASE network - currently on a single AS

I would like some peer review to recommend if I should use 2 EIGRP AS - or use static with SLA and EIGRP, or use BGP and EIGRP

Any input would be much appreciated

Labels:
Preview file
93 KB
0 Helpful
6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

‎02-08-2016 01:18 PM

Not familiar with the ASE setup but do the branches see the HQ 4500s as the next hop routers or are there other L3 devices within the ASE network ?

Presumably you are sending default routes to the branches for internet ?

Is it just for internet you want to direct traffic ?

Jon

0 Helpful

jburk
Level 1
Level 1
In response to Jon Marshall

‎02-08-2016 01:41 PM

ASE is straight point-to-point layer 3 no devices in the middle

this is really just internet routing

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to jburk

‎02-08-2016 01:52 PM

Are you sending default routes from both HQ sites to the branch sites ?

Jon

0 Helpful

jburk
Level 1
Level 1
In response to Jon Marshall

‎02-08-2016 02:18 PM

yes, though HQ1-B 4500x is distributing with higher metric

this way HQ1-A and HQ2-A are equal cost

however now they will need to be unequal cost for different sites.

this is why I was leaning towards multiple AS

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to jburk

‎02-08-2016 03:00 PM

Unfortunately I don't have access to the lab I usually test with so here are some suggestions for doing it with EIGRP.

You can't use an offset list because you cannot do it by neighbor (although I could have sworn I got this working once !).

I can think of two possible ways neither of which I have used in production and in no particular order -

1) modify the AD of the route you do not want to use and you can specify the source IP of the update.

See this link for details -

http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13673-14.html#changedistR2

2) use a distribute list where you can specify the source IP of the update and simply filter out the default route from the HQ site you don't want to use.

Then add a floating static route pointing to that neighbor with an AD higher than the EIGRP default you want to use.

No need for IP SLA because the floating static will only be used if the router is no longer receiving EIGRP routes.

Not entirely sure about using two AS's but that may well work as well.

Others may well have alternatives that could be used.

Jon

Jon Marshall
Hall of Fame
Hall of Fame
In response to jburk

‎02-08-2016 05:42 PM

Edited - not keen on that idea :)

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card