[c-nsp] BGP Architecture Question

Brian Feeny signal at shreve.net
Tue Nov 16 20:09:21 EST 2004 



On Nov 16, 2004, at 5:46 PM, Christopher Martinsen wrote:

> I am going to be setting up BGP for my company.
>
> I have secured two T1 circuits, each from different ISP's.
> I have secured an AS number for my organization.
> I have secured a full class C address space.
>
> The question that I have is about architecture.
>
> I will have each T1 going into a seperate router. I have
> one Cisco 2621 and one Cisco 2621XM.
>
> I believe that with BGP the incoming traffic will be somewhat
> load balanced as well as connectivity for my organization will
> be redundant should one of the circuit go down.
>

yes.  If your announcing your address space to both providers,
then you should be receiving traffic from both.  If the space was 
assigned
by one of your providers (as opposed to ARIN), make sure they are 
announcing
your specific /24 in addition to its aggregate.


> I want to know the best way to architect the LAN side of the
> connection. I will have:
>
> 	T1		T1
> 	\		/
> 	 \	       /
> 	 Router	     Router
> 	    \	     /
> 	      Switch 	
> 		|
> 	    PIX Firewall
> 	
> If I put a switch between the firewall and routers. How can I set the
> outbound traffic to be load balanced?

There are different ways to do this.  One is to run HSRP on the routers,
then they have a floating ip address between them.  You then peer the
two routers via iBGP, and although your traffic will come into whichever
router is the current active HSRP router, it will be sent to the other 
router
if BGP determines it needs to do so.


>
> I'm not sure what options are available to me. I'm hoping
> that someone can provide me with some options and insights
> on the best way to architect this.

HSRP and iBGP is how I would do it.

Brian



>
> Thanks,
>
> Chris
>
> -- 
> Christopher Martinsen		1620 SW Taylor, Suite 200
> Network Systems Manager		Portland, OR 97205
> Via Training			503.944.0957 ph
>
> 		   cmartinsen at viatraining.com
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
---------------------------------------------
Brian Feeny, CCIE #8036, CISSP
Network Engineer
ShreveNet Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20041116/6e351bbb/PGP-0001.bin

More information about the cisco-nsp mailing list