cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
646
Views
0
Helpful
5
Replies

Two Routers and One ISP link Issue

dan_track
Level 1
Level 1

Hi

I've got a config issue I'm trying to find a solution for. Currently I've got one ISP link connected to one 2851 router.

What I need to do is remove the single router and replace it with two routers. The ISP has said they will only neighbour with one IP so I'm thinking of running HSRP on the ISP facing interfaces with the IP that the ISP will BGP neighbour with being the vitual IP x.x.x.x.

Can I please get any feedback on if this is the best way? And whether this will work?

I appreciate that the obvious weakest point is the ISP link, but its something I can't change at the moment and need to put this second router in.

Thanks in advance

Dan

5 Replies 5

Richard Burts
Hall of Fame
Hall of Fame

Dan

Perhaps we can clarify what kind of link you have to the ISP? It sounds like Ethernet but it is not clear in your post.

I believe that what you are suggesting is problematic. If you run HSRP you create the possibility that the ISP will create a BGP session to the first router (perhaps routerA) and then the HSRP fails over to routerB. But routerB does not have a BGP session to the ISP and it has no BGP routes in its routing table.

HTH

Rick

HTH

Rick

Hi Rick,

Thanks for the reply. I've got an ethernet link presented via RJ45.

I don't mind if there's a brief loss of connectivity while the router B builds it's BGP routing table. To be honest the only route being advertised by the ISP is a default route, which we pick up viua bgp.

The only concern to me is how bgp will work with a floating IP? Will there be issues?

Thanks

Dan

Dan

I believe that there is a major issue with trying to use the HSRP address as your BGP address. The router will use its configured interface address as the source address of BGP packets to the ISP. So the ISP will have configured its BGP neighbor statements to specify your HSRP address and the packets arriving at the ISP will not have that address as the source address. Therefore the ISP will regard them as invalid.

HTH

Rick

HTH

Rick

Hi,

I thought something like that might happen. Any thoughts on another way around this?

Thanks

Dan

Dan

I find that in situations like this it is frequently good to think about and prepare a good answer to the question: "what problem are you trying to solve here?"

If you are trying to implement a second router then it would seem that the problem you are trying to solve is the potential failure of the Internet facing router. Is that really what you are aiming for? Is failure of the router your main risk?

If it is then there are a couple of things that you might consider. Perhaps you could put some kind of load balancer into the link between the routers and the ISP and the balancer could send to one router or the other depending on whether it had detected failure in one router.

Or perhaps you could put some device in between your BGP routers and the ISP (perhaps another router). The extra router could connect to one of your BGP routers on Fast0/0 and to the other BGP router on Fast0/1. It could route traffic from the ISP out one interface or the other and do address translation on each of the interfaces. So the 1 ISP address would be translated into some address out Fast0/0 and translated into some other address out Fast0/1. This would allow both routers to look like the same address to the ISP while actually having separate addresses on their interfaces.

HTH

Rick

HTH

Rick