If you don't want the run the IGP on the firewall, then just run something between the 2 gateway routers. iBGP would do the trick, and you are running BGP anyway. You could still use HSRP for your own extra router redundancy, but not for upstream selection.
On Fri, 2002-07-26 at 16:28, sam sneed wrote: > I have a very small network, only 3 networks so i really don;t want to run > an IGP. I especially don't want to run it on my firewall. The ISP suggested > the HSRP solution since we are using static route between our firewall and > these 2 routers. I know there has to be way to do this and am trying to > figure it out. I don't have enough routers to set up a lab so I can't test > it before i put it in production. > > Thanks. > > ""Jay Greenberg"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > If I understand you correctly, I don't think that HRSP is what you > > need. HRSP is good if upstream serial interfaces go down, or something > > like that, or for router redundancy, but in your situation I would > > suggest letting your IGP determine which upstream is active, based on > > who is still advertising the default BGP prefix. If you are using OSPF, > > you could use #default-information originate. If the BGP default prefix > > is the only default route on your edge routers, the OSPF default will > > disappear if the BGP default disappears. If you don't use OSPF, just > > redistribute the BGP default into your IGP. > > > > I am assuming that when your ISP goes "down", they stop sending the BGP > > default. > > > > This will allow 1 of 2 things to happen. If your downstream devices are > > IGP routers, they will already know the best to the good BGP upstream. > > If they are hosts with static default routes, then their default gateway > > could always relay the packet, or suggest an ICMP redirect to the host. > > > > Let me know if this helps! > > > > Jay Greenberg > > > > On Fri, 2002-07-26 at 14:50, sam sneed wrote: > > > I have a pair of 2621's and 2 reduandant ethernet handoffs to my ISP. 1 > is > > a > > > primary and the other is a backup which should only be used if the > primary > > > fails. On my side i am running HSRP for fault tolerance RA is configured > > > asprimary in my HSRP group. I will be doing BGP peering with my > provider. I > > > only want to receive default routes. I almost have the full config but > am > > > confused on 1point. If ISPA goes loses connectivity a couple hops > upstream > > > HSRP will not fail over becasue my link is physically up so all my > internal > > > hosts will still go through RA eth0. How do I get them to go through RA > > eth0 > > > then to RB eth0 and then eventually through the backup ISP link, ISP B. > > Keep > > > in mind its the same ISP, AS#, just a different connection. Its a huge > ISP. > > > Is there some kind of peering needed between RA and RB, maybe some > special > > > commands? > > > Am I at least on the right track? > > > My configs are posted below. > > > > > > If the ascii art gets confusing I have posted good a diagram as a gif at > : > > > > > > http://sbnet.freeservers.com/bgp.gif > > > > > > virtual router > > > All routers use AS100 > > > ____________________ > > > __________________ > > > 172.16.20.0 ---> | 172.16.10.2--->RA | > > > 192.168.133.1------->|ISPA 192.168.133.2 | ----->internet > > > 172.16.30.0 --> | ------------------------| (RA eth1) > > > |__________________| > > > 172..16.10.0 ---> | 172.16.10.1-->HSRP | > > > | ----------------------- | > > > | 172.16.10.3---->RB | > > > _________________ > > > |___________________| > > > 192.168.100.1--------->|ISPB 192.168.100.2|------>internet > > > > > > (RB eth1) |________________| > > > > > > > > > Router A > > > ----------------------------------- > > > ------------------------------------ > > > interface FastEthernet0/0 > > > ip address 172.16.10.2 255.255.255.0 > > > standby priority 105 > > > standby 244 ip 172.16.10.1 > > > standby 244 preempt > > > standby 244 track FastEthernet0/1 > > > ! > > > interface FastEthernet0/1 > > > ip address ip address 192.168.100.1 255.255.255.252 > > > > > > > > > router bgp 100 > > > no synchronization > > > network 172.16.10.0 > > > network 172.16.20.0 > > > network 172.16.30.0 > > > neighbor 192.168.133.2 remote-as 100 > > > neighbor 192.168.133.2 prefix-list ABC in > > > neighbor 172.16.10.3 remote-as 100 > > > no auto-summary > > > ! > > > > > > ip prefix-list ABC seq 5 permit 0.0.0.0/0 > > > > > > end > > > > > > > > > > > > > > > Router B > > > ------------------------------------ > > > interface FastEthernet0/0 > > > ip address 172.16.10.3 255.255.255.0 > > > standby priority 100 > > > standby 244 ip 172.16.10.1 > > > standby 244 preempt > > > standby 244 track FastEthernet0/1 > > > ! > > > interface FastEthernet0/1 > > > ip address ip address 192.168.100.1 255.255.255.252 > > > > > > router bgp 100 > > > no synchronization > > > network 172.16.10.0 > > > network 172.16.20.0 > > > network 172.16.30.0 > > > neighbor 192.168.100.2 remote-as 100 > > > neighbor 192.168.100.2 prefix-list ABC in > > > neighbor 172.16.10.2 remote-as 100 > > > no auto-summary > > > ! > > > ip prefix-list ABC seq 5 permit 0.0.0.0/0 > > > > > > end Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49831&t=49807 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
