Our Internal WAN is all OSPF. We have the option of BGP between datacenters
only.
We don't control area 0. Area 0 consists of about 12-15 peering points, or
concentration routers.
The actual boxes our provider uses are Nortel Shastas. All our locations form
Pt. 2 Pt. connections back to the 12-15 different Shastas. Our equipment
forms 1 area off each Shasta (12-15 separate areas), while the connection
between Shastas across the provider's backbone is Area 0. I don't
particularly care for it myself, but under our circumstances it was the best
and easiest way of doing things.

My concern isn't about propagating the default through OSPF, but rather how
I can have the default route received through the PIX, and how I can have it
dynamically change if one provider connection goes down.
I guess I don't see how I can have the internal router know the status of
the externally received default route, if that makes sense.

My thought process is that the next hop that will flow from the extrtr to
the intrtr will have the next hop specified as the PIX-facing interface on
the extrtr. Unfortunately the next hop for the internal router is in fact
the PIX internal interface itself.

Upon further review I think that a static route for the PIX-facing interface
of the external router that is directed to the firewall on the internal
router would allow this to happen.

Extrtr receives default route from ISP.

        extrtr
         (F0)
          |
          |
         (E0)
         PIX
         (E1)
          |
          |
         (F1)
        intrtr

How do I propagate the default route from the outside to the inside? I
would most likely form BGP peers, but wouldn't the next hop received for
the default route be to (F0)? What I need is the next hop to be the inside
interface of the PIX (E1), correct?
Could I put a static route for (F0) pointing to (E1) on intrtr? Would that
work?

I still think that I am making too much out of this. I should have my lab PIX
back this weekend so I will build this up and test it then, but I'm sure
someone is doing this and I am curious how they have chosen to solve the
problem.


Thanks

Larry 

-----Original Message-----
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] 
Sent: Monday, March 11, 2002 9:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Redundant Internet Connection Questions [7:37908]


If I understand what you are trying to do -- it's a little unclear if 
you are running all the OSPF or someone else is -- inject OSPF 
defaults with metric type 2, and the metric on Connection A lower 
than Connection B.

If the management of the OSPF system is under different 
organizations, I'm afraid. I'm very afraid.



>Hello folks,
>
>I am looking for some ideas on the best way to provide redundant 
>outbound internet connections. We currently have 2 separate Internet 
>connections. We run PIXes at both locations. Inside both PIXes are a 
>set of 72xx series routers that run OSPF and BGP processes.
>
>Due to the nature of our WANs, the routers are not members of Area 0 
>for the OSPF network, and they are running EBGP between them on the BGP 
>WAN network. One WAN vendor is Area 0, and the other WAN vendor is our 
>BGP peering partner.  The Internet vendor for both connections is the 
>same however.
>
>I would like to implement redundant, dynamic outbound connectivity that 
>would use 1 connection as primary, and in case that goes down, fail over 
>to the second. I have come up with some ideas, but I keep running into 
>a snag with the PIXes sitting between the Internet router and the 
>internal router.
>
>
>
>       EXTRTRA                         EXTRTRB
>          |                               |
>        PIXA                            PIXB
>          |                               |
>       INTRTRA                         INTRTRB
>         |\                              /|
>         | \                            / |
>         |  \                          /  |
>       WAN1  WAN2                   WAN2  WAN1
>         |     \                     /    |
>         |      \-  OSPF Network   -/     |
>         |                                |
>         |---      WAN EBGP PEER       ---|
>
>
>( All internal networks use Private name space )
>
>WAN 2 is the OSPF WAN vendor and we are not in Area 0, WAN2 routers 
>form Area 0 on their backside.
>
>WAN 1 is the EBGP network, i.e. each location is a separate AS (private 
>AS) and the WAN EBGP peer is 1 AS number. The EBGP network is used as 
>a failover network between datacenters only, and currently no traffic 
>is flowing via BGP.
>
>All other WAN locations ( 100+) form a fully meshed cloud via OSPF.
>
>Our current setup is to have INTRTRA with a static route to PIXA that 
>is redistributed into OSPF. The problem with this is that if EXTRTRA 
>fails, the only way we know is from the phone ringing. We can swing to 
>the secondary Internet connection by injecting the default route to 
>PIXB at INTRTRB , but this is a manual and slow process.
>
>I am checking with our Internet vendor to see if they can peer with us 
>and supply a default route; however, I keep running into a stumbling 
>block on how to inject this into the OSPF network. I have thought about 
>setting up a BGP peer from the inside to the outside, but I think that 
>the route that would be supplied would point to the external router's 
>interface, not the PIX, which should be the next hop.
>
>I want/would like to inject the default routes with different costs 
>such that connection A is always used unless it is down.
>
>Anybody else doing this, or have ideas or suggestions on the best 
>practice. I am sure I am missing something obvious here, I just am 
>going brain dead and cannot see what it is.
>
>Let me know if you need more information or if I have managed to 
>totally confuse you.
>
>Thanks
>
>Larry
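
The suggestion in the reply above (OSPF defaults injected as metric type 2, with a lower metric on Connection A) sketched as Cisco IOS configuration for the two internal routers. This is an added example, not configuration from the thread; the OSPF process ID, the metric values and the PIX inside addresses are constructed placeholders.

```cisco
! ---- INTRTRA: primary exit (Connection A) ----
! 10.1.1.1 is a constructed placeholder for the PIXA inside interface
ip route 0.0.0.0 0.0.0.0 10.1.1.1
!
router ospf 1
 ! Advertise the default as an external type 2 route with the LOWER metric
 default-information originate metric 10 metric-type 2
!
! ---- INTRTRB: backup exit (Connection B) ----
! 10.2.2.1 is a constructed placeholder for the PIXB inside interface
ip route 0.0.0.0 0.0.0.0 10.2.2.1
!
router ospf 1
 ! Same default, HIGHER type 2 metric: used only when A's default is withdrawn
 default-information originate metric 100 metric-type 2
```

A type 2 external metric is not increased by the internal path cost, so every OSPF router prefers the metric-10 default for as long as INTRTRA advertises it, wherever that router sits in the WAN. Without the `always` keyword the default is originated only while a default route exists in the router's own table, so failover still depends on that static route being withdrawn when the path through PIXA fails, which is the open question in this thread.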




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=37931&t=37908