If you go with two ISPs, aggregation by the ISP you received the
addresses from might cause some traffic-related issues you need to be
aware of. Let's say you have a /24 from Bill's ISP and you then add an
additional connection to Ted's ISP. You are running BGP with both and
advertise your /24 from your own AS into Bill's AS and Ted's AS, both of
whom will announce your prefix to the rest of the world.
Now, let's say that Bill's ISP decides to filter your /24 and simply
announce an aggregate. Ted, meanwhile, is advertising the more-specific
/24. Now, some user out in Dave's ISP tries to reach your network. The
router at that ISP looks into its routing table for your prefix and
finds a /24 available through Ted and a less-specific route through
Bill. The router will choose the more-specific prefix, forcing all
return traffic to your network to come through your second ISP.
So, unless this is acceptable to you, make sure you choose two ISPs
that will advertise your specific prefix.
John
>>> "Richard Chang" 7/6/01 3:57:54 PM >>>
Daniel,
Unless you are going to get your own IPs from ARIN, you don't have to
worry
about getting anything smaller than /24. Just like John said, if you
are
using IPs assigned from ISPs, they should do the aggregation job for
you to
make sure your IPs get global routability.
If you could get two circuits from these two ISPs(make sure that they
don't
use the same carrier if you could...) and run some kind of dynamic
routing
protocols with these two ISPs. That would definitely give you the level
of
redundancy you are looking for.
The only problem I can think of is that you might need to make quite a
few
changes in your network as you would be getting two blocks of IPs from
these
two ISPs. e.g. load-balancing.
Richard
"Daniel Wilson" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thank you for the response, John.
>
> Accessibility from just about anywhere, especially in the US, keeps
me
happy
> too. But our ISPs have a tendency to mess up routing table entries
or
> otherwise shut us off. We have outgrown a single T1, and want to add
some
> redundancy.
>
> I need a solution that will mean that a *single* mistake outside of
our
> control doesn't shut us down. There's an ISP in town that's willing
to
run
> BGP with us -- and they want us to get both lines from them. But
would
that
> put us back into the position of being vulnerable to a single mistake
at
> their location? If *both* our ISPs mess up at the same time --
well,
that's
> exceptionally bad luck. I realize we have to accept some risk for
things
> that are so unlikely. But yesterday morning, one ISP was down for
45
> minutes, taking down most of our sites. This afternoon the other one
is
> down, taking down one of our newest clients.
>
> You're right we don't quite need a /24 ... /25 or probably even /26
would
> work. And the ISP in town wants to set us up on one of their
private
ASN's.
> They're also trying to talk us out of running BGP, though they'll do
it if
> we insist.
>
> If an ISP -- either our current one or another one -- can provide us
> circuits that follow different paths, would that give us the level
of
> redundancy we're looking for?
>
> Thanks again!
>
> --
> Daniel Wilson
>
> ""John Neiberger"" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Keep in mind what is actually occurring when using BGP. You are
> > advertising prefixes from your AS into your provider's AS. They in
turn
> > either include your specific prefix in their announcements to
other
> > providers, or they aggregate your smaller prefix into larger
> > advertisements. It is at this stage that you need to worry about
what
> > other providers are doing as far as filtering.
> >
> > If your provider is advertising your specific prefix, a /24 for
> > instance, but the other companies won't accept anything less than a
/22,
> > then you're up a creek. We are advertising a /24 to two separate
> > providers and I haven't seen any reachability problems from
anywhere in
> > the world. As far as I'm concerned, if we can be reached by either
path
> > from just about anywhere, especially in the US, then I'm happy.
> >
> > I've been following your posts and I'm curious about your
motivation
> > for adding a second provider. This adds a measure of complexity
that
> > might not be necessary, depending on your goals. Can your current
> > provider give you a circuit that follows a separate path then your
first
> > circuit? If so, that would eliminate a couple of issues.
> >
> > First, you wouldn't even necessarily need to run BGP, although I
would
> > prefer to do so. But instead of getting full routes, you could
accept
> > defaults-only from your provider and advertise your addresses on
both
> > links.
> >
> > Second, you wouldn't worry about getting an entire /24--or
> > larger--block of addresses. In this scenario, your provider will
> > aggregate your prefix into their larger announcements, but when
traffic
> > destined for your network arrives in their network, internally
they'll
> > see two available paths. This has the additional benefit of not
wasting
> > registered addresses since you probably don't really need an
entire
> > /24.
> >
> > Third, you won't have to apply for your own AS number from Arin.
If
> > you run BGP over two links to the same provider, they will either
let
> > you use their ASN or let you use a private ASN that will only be
seen by
> > their network.
> >
> > Would a solution like this work for you?
> >
> > Regards,
> > John
> >
> > ----------------------------------------------------------
> > John Neiberger
> > Firstbank Data Corporation
> > 12345 W. Colfax Ave.
> > Lakewood, CO 80215
> > (303) 235-1093
> >
> >
> > >>> "Daniel Wilson" 7/6/01 12:23:46 PM >>>
> > We are looking into multi-homing our network and running BGP on
our
> > router.
> >
> > I was told by some of you before that some ISPs won't advertise a
block
> > of
> > IP's smaller than /22 and many won't do any smaller than /24.
That
> > leads to
> > this question.
> >
> > Are our ISPs the only ones that need to advertise our block? Or
does
> > everybody out there need to advertise the block?
> >
> > Thanks!
> >
> > --
> > Daniel Wilson
> > CompuSoft Solutions and The Worthwhile Company
> > http://www.worthwhile.com
> > Your complete e-business solution partners.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11211&t=11191
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
