Bob, I think one way to go about it is to have both ISP advertise your address (if you can talk the one that didn't issue the address into it - it adds a route in the internet). Here is a great resource for BGP load sharing (although I'm not certain that it addresses your issue specifically):
http://www.cisco.com/warp/public/459/40.html Bob Timmons wrote: > > Hey all, got a question, but first, the situation... > > We've got 2 T1's in our NYC location that go to 2 different > ISPs. We've > moved these Ts off of their respective Cisco 2500's and onto a > single Cisco > 7206vxr. This is now our 'outside internet' router. The > ethernet interface > goes to the Checkpoint unix box and the other side of the unix > box goes to > the internal network. The internal network is using a > 10.x.x.x/22 range > (2000 addresses). We'd like to perform some load-sharing using > BGP. We've > obtained an AS number and are getting full routes from both > providers. > Outbound BGP seems to work fine. Depending on site, it takes > differnet > paths. Inbound, however, is dominated by one T only. We're > using PAT at > the firewall to perform address translation. The firewall only > has 1 valid > 'Internet' IP address. It's my understanding that this is why > all inbound > traffic is using only 1 provider, as opposed to both. I'd like > to either > have 2 valid internet IP addresses at the firewall (which I'm > not sure is > even possible) or perform the PAT at the router and maybe use > access-lists > to split up the traffic. I guess the question is, what is the > best practice > when doing this? I'm sure that we're not the only company that > wants to do > something like this. Do either of my solutions sound feasible? > > thanks > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=32985&t=32983 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
