My name is Deepthi and I work as a network admin. I am sorry if I am troubling you with my message. I am working on MPLS, VPN and IPSLA.
I am new to the MPLS setups and everything, and so this is getting super confusing for me. Please do not mind my long mail.
I am currently working on 2 projects.
1. Building an S2S VPN tunnel towards an AWS cloud network.
2. Building an S2S VPN as a backup when my BGP peer dies (planning to use IPSLA).
So, here, I had to build an S2S tunnel from the Fortigate towards the AWS cloud and then do the IPSLA from the ISR. That was hard, so I decided to move my internet termination link to the ISR.
So, once moved, I need to build both S2S tunnels (1. towards the AWS cloud, 2. towards a different IP when the BGP peer is down).
So, my setup is like this:
Core Switch --> Fortigate --> Internet cloud
<< Need a S2S tunnel here for AWS>>
Core Switch --> Fortigate ---> MPLS Router --> MPLS Cloud.
<< Need a S2S tunnel here for monitoring the BGP peer and using the back up link >>
Core Switch --> Fortigate --> MPLS Router ---> Internet & MPLS termination
<< Need 2 S2S tunnels built >> So, do I need to build them both from the MPLS router, or can I build one from the Fortigate also?
I would like you to suggest how I should do these. Please let me know if there is any document I need to refer to; any suggestion would be a great help.
Thanks a lot. And I am really sorry for troubling you.
Couple of questions.
BGP - do you have your own AS number, or are you peering with iBGP with the service provider?
How is your connection with AWS?
It is good practice to learn by making some simple network diagram and understanding the flows.
So, here is the requirement exactly.
We have our own AS number with the CenturyLink ISP. We are running BGP with the ISP peer (this is on the ISR).
So, now I am planning to migrate the Internet link to the ISR. So, both MPLS and Internet are on the same router.
Once this migration happens, I need to build an S2S tunnel towards the different BGP peer or some ISP IP which they will provide me, and make the MPLS the primary and the S2S the secondary link. So, I was thinking of using IPSLA between the MPLS and S2S VPN.
That's my thought. I never implemented it or tried it. So, I am super confused on how to do all these.
Hope you can help me with suggestions.
You need to start writing an implementation plan and dependencies, and also the service outage.
Steps to follow and roll back if any issue.