>I have a class B network subnetted using a 21 bit mask. This network has 2 >connections to the internet, 1 is by a T3 the other is a 512K T1. Each >connection to the internet comes out of a subnet, goes through a firewall, >and then through a Cisco 7200 router. We have static routes in place to >assure that the returning packets go to the proper firewall. I don't know >for sure if the routers connecting to the internet are running BGP or some >thing else. We have seen packets go out one interface and return on the >other. I suspect that something is not right with the border routers. Any >thoughts or suggestions?
They're probably using BGP and they're both advertising the same prefixes. This is actually pretty normal behavior. You don't have a large degree of control of return traffic back to your network. There are a number of things that you can try to influence the path other providers use but they key word there is "influence". It's very difficult--if not impossible--to enforce your routing policies on other providers. If one of them chooses one path over another to get back to your network, the best you can do is attempt to determine why that traffic is behaving that way and try to come up with a way to alleviate the problem. That's assuming it's really a problem. In your case, it could be a problem because your links are so imbalanced. I'd be tempted to leave the 512K T1 shutdown until it was needed. If you get too much traffic coming back down that link you'll create pinhole congestion. The rest of the world doesn't know that you have a T3 and a 512K fractional T1. They just see two paths back to your network. If your links were on the same router I think you could configure a conditional advertisement with BGP. This allow you not to advertise your network from the 512K T1 unless you stopped seeing BGP routes from the provider on the T3. There are other things that can be tried, such as AS path prepends, tweaking the MED, etc., but there is no rule that any other provider has to pay any attention to that information whatsoever so your results may vary. HTH, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62901&t=62863 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
