[c-nsp] MPLS/BGP - want to add backup IPSEC VPN

luan at netcraftsmen.net luan at netcraftsmen.net
Wed Jul 1 16:51:14 EDT 2009


> Ivan Pepelnjak wrote:
>>>> If you're the customer (having only CE routers), this is a classic
>>>> primary/backup problem, only this time using BGP as the
>>>>
>>> core routing
>>>
>>>> protocol.
>>>>
>>>>
>>
>>
>>> This sounds like what I'm planning on doing.....GRE for the
>>> routing protocols....we are on the CE end. If you could,
>>> please elaborate on the routing that is involved, thanks!
>>>
>>
>> The simplest thing would be to run BGP everywhere and make the paths
>> over
>> the GRE tunnels less preferred (for example, by using lower local
>> preference).
>>
>> Ivan
>>
>> http://www.ioshints.info/about
>> http://blog.ioshints.info/
>>
> Well looking at the Cisoc docs, I cannot terminate a GRE tunnel on an
> ASA firewall......any other ideas....thanks
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


Terminate the GRE tunnel in the same router that has MPLS VPN.
You could just run EIGRP over the GRE (add IPSEC as well since it's over
the internet).

Regards,

-Luan



More information about the cisco-nsp mailing list