GT-Rob wrote: » Ok, so Visio isn't on this computer, so it's awesome MSPAINT to the rescue! The 'core' of the network is the same on each side. Most VLANs are configured on both sides, but the active router is for most of them on the DC1 side (sorry, DC1 is on the left let's say), since that's where 95% of the traffic exists. So, according to the diagram, 102 and 202 learn the remote site networks via the WAN routers, but only from the one they are connected to. These routes are redistributed into OSPF, so 102 and 202 eventually do learn both routes out, but because BGP has a lower distance, that's what's installed. Now, since my DC1 router is basically maxed out some days while the DC2 router sits idle, I'm looking for a way to force traffic that hits 102, out the 202 route to WAN2. One solution would be to simply make 202 (or 203) the HSRP active router for a few subnets. The problem with that is since most people and servers are in DC1, that will waste bandwidth between the sites. Another solution is for 102 to peer with DC2's WAN router, but involving the ISP is the last thing I want to do. Another solution is to policy route (which I am doing for a few things now), but we lose the dynamic failover that a routing protocol offers, and is not a great long term solution. I'm also not sure what the performance impacts of this are. The solution I was thinking of was simply giving OSPF a lower distance (or BGP with a higher), so that the OSPF routes make it into the RIB, and then I can edit the metrics to send certain VLANs where I want them. *edit* also, this is OUTBOUND traffic I am trying to manipulate. Inbound traffic is not a concern.
ColbyNA wrote: » Here's what I think would be best: You run iBGP on the link between your two BGP routers, then you can do whatever you want with the traffic with weight or LP, basically what networker said in the beginning, lol. Then you don't need to mess with the BGP BD stuff and you have complete control through BGP. Edit: With these being iBGP routes you might run into an issue with AD again lol.
networker050184 wrote: » You wouldn't need the BGP routes in OSPF at that point. You just need the internal reachability with default to the BGP routers in OSPF. Then once the traffic gets to the edge routers they can route it out or across to the other DC depending on how you manipulate BGP.
GT-Rob wrote: » One solution would be to simply make 202 (or 203) the HSRP active router for a few subnets. The problem with that is since most people and servers are in DC1, that will waste bandwidth between the sites.
GT-Rob wrote: » EDIT btw Colby I am digging the blog, good stuff. When are you heading for the CCIE?
networker050184 wrote: » Also, only routes from the routing table will be redistributed from BGP to OSPF as far as I know.
APA wrote: » Correct.... redistribution is still a form of advertisement.... for BGP to advertise routes it must be in the RIB not just the BGP table.
APA wrote: » - L2 trunk between your internal devices is fine.... Having a dedicated SVI used for routing between the two devices achieves what a dedicated PtP routed link would achieve... Plus the added bonus of carrying your trunked VLANs between the devices for your HSRP usage... etc
GT-Rob wrote: » Yes but there's two links. The redundancy design is that all distribution/access switches are connected to both cores at each site. So if SW_102 goes down, 103 picks up. Actually now that I think of it, you are right. 202 will never work as a gw for hosts in DC1, since the only way it would become the GW is if both switches were down, putting any host offline anyway.
ColbyNA wrote: » Passing VLANs across this link is definitely not the same as a routed p2p. I don't think carrying multiple VLANs across that link is a bonus, I think it's a bad thing. Unnecessary traffic is traversing that link. And HSRP here really doesn't do much, if that link is down so is HSRP.
APA wrote: » What are you talking about? With the link being a Layer2 trunk and you using one of the VLANs passed across that trunk as a 'Virtual Point-to-Point' link acting as if a physical circuit would....
networker050184 wrote: » I'm not sure why people are worried about the AD in this situation. If the external routes are ONLY in BGP (i.e. you have just a default to your BGP routers in OSPF) then AD will never come into play. You would only have those routes in a single routing protocol. BGP would also be very easy to manipulate what traffic to send where. You can also manipulate your inbound traffic to keep async routing down which is what would happen if you went with an outbound only solution. Whatever you come up with let us know!
ColbyNA wrote: » Yea, you'll still be able to run everything across it, but my point is that you're also passing L2 information across it with whatever VLANs are on the trunk. I just don't see the need for an L2 link here.
APA wrote: » My turn to run to the gym now..... but thinking out loud really quickly... 2) Default routes via OSPF...leave external networks in eBGP... Metrics to default-route next-hops would have to be identical to ensure both default routes are installed and load-balanced over.... otherwise static defaults would suffice to provide the identical metrics...
Forsaken_GA wrote: » If his entire goal is to send some DC1 traffic out WAN2, then using a default route in OSPF to get egress traffic to the BGP routers and establishing a peering session between WAN2 and DC1 is his best option. That will let him get back to the norm of letting his IGP handle his internal routing, and influencing his egress traffic only via BGP. That way if he wants some traffic to go out WAN2, he can just send it directly, if the link goes down it'll go back to using WAN1, and you don't have to fiddle with the IGP to route egress traffic
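A small model of the administrative-distance question debated in this thread, added here as an illustration and not posted by any participant. It assumes the Cisco IOS default distances (eBGP 20, OSPF 110, iBGP 200) and reduces BGP best-path selection to local preference only; the function names, the local-preference values and the exit labels are made up for the example.

```python
# Cisco IOS default administrative distances; the lowest one is installed.
AD = {"ebgp": 20, "ospf": 110, "ibgp": 200}

def bgp_best(paths):
    """BGP picks ONE path per prefix first (simplified: highest local-pref)."""
    return max(paths, key=lambda p: p["local_pref"]) if paths else None

def install(bgp_paths, ospf_exit=None):
    """Return (protocol, exit) that ends up in SW_102's RIB for one prefix."""
    contenders = []
    best = bgp_best(bgp_paths)
    if best:
        # Only the BGP best path competes, carrying its own AD.
        contenders.append((AD[best["type"]], best["type"], best["exit"]))
    if ospf_exit:
        contenders.append((AD["ospf"], "ospf", ospf_exit))
    _, proto, exit_ = min(contenders)
    return proto, exit_

# Constructed paths for one remote-site prefix, seen from SW_102.
VIA_WAN1 = {"type": "ebgp", "exit": "WAN1", "local_pref": 100}
VIA_202 = {"type": "ibgp", "exit": "WAN2", "local_pref": 200}  # preferred by policy

def scenarios():
    return {
        # Today: eBGP from WAN1 plus the OSPF external redistributed by 202.
        "redistributed": install([VIA_WAN1], ospf_exit="WAN2"),
        # iBGP added but redistribution left on: the preferred iBGP path
        # (AD 200) loses the RIB to the OSPF external (AD 110).
        "ibgp_plus_redistribution": install([VIA_WAN1, VIA_202], ospf_exit="WAN2"),
        # Externals only in BGP, OSPF carries just a default: local-pref decides.
        "bgp_only": install([VIA_WAN1, VIA_202]),
        # Same design after the path via 202 is withdrawn: falls back to WAN1.
        "bgp_only_wan2_down": install([VIA_WAN1]),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:26} -> {result}")
```

In the `ibgp_plus_redistribution` case the traffic still leaves via WAN2, but because of the OSPF route rather than the BGP policy, so changing local preference would no longer steer it.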
Right now (apart from hating APA as it's -5 here right now)