[c-nsp] MPLS/VPN + Internet Setup

[Tim Franklin]

> Nothing, I only wanted to know if this is possible.
> How would you configure the redundancy ?
> HSRP within a vrf instance, or redundancy through a
> routing protocoll like eigrp, bgp ??

Typically both - they're doing different things.

HSRP will get the traffic from the machines on the LAN to the router that's
working and has the preferred path out.  You can configure it twice in
different VRFs to get the Internet / VPN separation.

Your routing protocol will let the rest of network know which way to go to
get a working path to the LAN(s), and also let outbound traffic hop between
CPEs if your HSRP primary is still alive, but its WAN link is down.

You can try and build it "on the cheap" with just HSRP and interface
tracking to cut over to the backup router when the primary WAN fails
(together with a bunch of appropriate statics), but this fails in the case
where your WAN is 'up' but isn't passing traffic for some reason.  (EoSDH
service with no link-state forwarding is the one that bit me for this, but
there may be other cases).  I believe there's some other options for object
tracking instead of interface tracking in more recent IOS, but it's not
something I've had the chance to dig into yet.

Conversely, if you have nothing but a router (ie no hosts) behind your pair
of WAN termination routers, you could probably ditch the HSRP and just speak
a dynamic protocol between all the devices.

Regards,
Tim.

-- 
____________   Tim Franklin                 e: tim at colt.net 
\C/\O/\L/\T/   Network Development &        w: www.colt.net 
 V  V  V  V    Product Engineering          t: +44 20 7863 5714 
Data | Voice | Managed Services             f: +44 20 7863 5876