  1. #1

    Am I doing this right? Configuration for my 2 provider BGP network

    I'm setting up a network for myself with the goals of performance and availability. If possible I want my network to do IPv4 and IPv6 now so that it's not a concern in the future and setting it up later doesn't cause downtime. Here is my setup:

    I have 2 6500s 12.2(33)sxi5 with a sup720-3bxl in each and a 48-port gigabit line card in each. Router A is plugged into ISP A and router B is plugged into ISP B. Both ISP connections are gigabit ethernet (1000baseLH fiber) plugged into an SFP on the sup720s. eBGP is working on both (full routes) and I have a /24 from ISP A advertised over both.

    I set up a trunk port to connect the gigabit line cards together (will make it etherchannel as well) and I plan to then implement iBGP between the routers and VTP v3 to share the VLANs across the switches and GLBP to provide active-active routing and create redundancy.

    Now my question: is this a good way to go about doing things? VTP v3 and GLBP? Is that currently best practices? Is there anything else I need to set up to get this to work well?

    Thanks!

  2. #2
    I'd use HSRP over GLBP. VTP, meh, I don't have an opinion either way.
    Jay Sudowski // Handy Networks LLC // Co-Founder & CTO
    AS30475 - Level(3), HE, Telia, XO and Cogent. Noction optimized network.
    Offering Dedicated Server and Colocation Hosting from our SSAE 16 SOC 2, Type 2 Certified Data Center.

  3. #3
    Why would you use HSRP over GLBP? Isn't HSRP active/standby? Wouldn't it be better to load balance it a bit (even if it's not really necessary if a router dies it only affects half of the servers for the 10 seconds it takes to timeout, providing perhaps nearly negligibly better uptime--I think I'm understanding the difference correctly)? Is there a disadvantage to running GLBP?

  4. #4
    I have to disagree on HSRP over GLBP. Any reason you prefer HSRP, Jay? It is basically GLBP "Lite".

    In my opinion, you have everything spot on (at least that I can think of off the top of my head).

  5. #5
    One reason that GLBP could be problematic for a condensed core/edge layer is that each of your routers will have distinct routing tables, due to how eBGP routes are preferred to iBGP routes. So even if you redistribute your eBGP learned routes through iBGP between your two routers, the eBGP learned routes will take priority. As such, router A will prefer routes learned by provider A, and router B will prefer routes learned by provider B. If you load balance your traffic between your two cores, you could end up with hosts in the same subnet/VLAN taking very different external routes, causing general confusion and troubleshooting mayhem.
    Jay Sudowski // Handy Networks LLC // Co-Founder & CTO

  6. #6
    That issue can be eliminated by either establishing BGP sessions with both peers directly from both routers. Multiple physical connections would not be needed as a /29, a VLAN, and a trunk port would make this possible.

    A second option (not 100% recommended as I have never tried or tested it, but I think it would work without creating a routing loop with his topology) would be to change the administrative distance on the eBGP sessions to be 200, so that routes learned from iBGP and eBGP would not be preferred over one another strictly because of how the prefix was learned.

  7. #7
    I don't know what is behind his routers, but GLBP is ARP based and most firewall clusters reply with a specific MAC, so there is no difference between running HSRP or GLBP at the edge if you have a firewall directly behind your routers.

    If you have 2 providers, you can send your traffic to a single router (running HSRP), and if the 2nd router has a better path, it will forward the packet that direction.
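
Added example (not part of any post in this thread): a small model of the exit selection discussed in posts #5 and #7, using a simplified subset of BGP best-path selection (local preference, AS-path length, then eBGP over iBGP). The AS numbers and the `Path`, `best_path`, `router_view` and `exits` names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    learned_from: str   # "ISP A" or "ISP B", as named in the thread
    as_path: tuple      # constructed AS numbers (documentation range)
    session: str        # "ebgp" or "ibgp", from the deciding router's view
    local_pref: int = 100

def best_path(paths):
    """Simplified best-path subset: highest local preference, then
    shortest AS path, then eBGP-learned over iBGP-learned."""
    return min(paths, key=lambda p: (-p.local_pref, len(p.as_path),
                                     p.session != "ebgp"))

def router_view(own_isp, offers):
    """Candidate paths on one router: its own provider's path arrives
    over eBGP, the other provider's path is relayed by the peer over
    iBGP. (Simplification: the peer is assumed to relay its eBGP path.)"""
    return [Path(isp, asp, "ebgp" if isp == own_isp else "ibgp")
            for isp, asp in offers.items()]

def exits(offers):
    """Which provider each router sends traffic to for one prefix."""
    routers = {"A": "ISP A", "B": "ISP B"}
    return {name: best_path(router_view(isp, offers)).learned_from
            for name, isp in routers.items()}

# Constructed sample: both providers offer equally long AS paths.
EQUAL = {"ISP A": (64500, 64510), "ISP B": (64501, 64510)}
# Constructed sample: ISP B has the shorter AS path to the destination.
SHORTER_VIA_B = {"ISP A": (64500, 64505, 64511), "ISP B": (64501, 64511)}

if __name__ == "__main__":
    # Tie on AS-path length: each router keeps its own eBGP exit, so
    # hosts split across both gateways leave through different providers.
    print("equal paths:  ", exits(EQUAL))
    # A strictly shorter path wins before the eBGP/iBGP step, so router A
    # hands the traffic to router B.
    print("shorter via B:", exits(SHORTER_VIA_B))
```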

  8. #8
    VRRP should be better for load balancing outbound traffic.

    Why use HSRP?

  9. #9
    Isn't it easier to simply have a single Cisco with dual supervisors, dual PSU and dual fiber cards?
    One ISP in one fiber card and the other ISP in the other card.

    It's a lot easier and there are no complications at all, but I don't know if it is better. There might be disadvantages compared with your setup. Not my domain so I'm not sure.
    PidginHost.com - Managed dedicated servers, cloud servers and software development.

  10. #10
    Originally Posted by ClaudiuPopescu:
        Isn't it easier to simply have a single Cisco with dual supervisors, dual PSU and dual fiber cards?
        One ISP in one fiber card and the other ISP in the other card.

        It's a lot easier and there are no complications at all, but I don't know if it is better. There might be disadvantages compared with your setup. Not my domain so I'm not sure.

    Way easier... but he's afraid of the chassis failing I guess. Given the low probability of a failed chassis compared to routing/configuration problems with your dual router setup, I think it's statistically better (uptime wise) just to run a single fully redundant chassis with a spare chassis on site just in case. Once you grow out of your collapsed core setup, you can then run dual borders without all the complications.
    Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
    Since 2003 - Ashburn VA + San Diego CA Datacenters

  11. #11
    Originally Posted by Jay Suds:
        One reason that GLBP could be problematic for a condensed core/edge layer is that each of your routers will have distinct routing tables, due to how eBGP routes are preferred to iBGP routes. So even if you redistribute your eBGP learned routes through iBGP between your two routers, the eBGP learned routes will take priority. As such, router A will prefer routes learned by provider A, and router B will prefer routes learned by provider B. If you load balance your traffic between your two cores, you could end up with hosts in the same subnet/VLAN taking very different external routes, causing general confusion and troubleshooting mayhem.

    Can't that be overcome by adjusting the Administrative Distance Value? They should be equal, correct?
