[c-nsp] MPLS VPN Running BGP w/ failover IPSec VPN Over Internet

Andrew Gabriel andrew.gabriel at sanmina-sci.com
Tue Jan 26 23:14:45 EST 2010


What devices do the VPN tunnels terminate on? If they are Cisco routers, it
should be pretty straightforward to run BGP between the VPN endpoints as
well. You can use AS padding and local preference for manipulating the
preferred path for the incoming and outgoing traffic respectively.


Regards,
Andrew Gabriel.

On Wed, Jan 27, 2010 at 2:49 AM, Jason LeBlanc <jasonleblanc at gmail.com>wrote:

> Team,
>
> This questions was put out there before in another chain but I wasn't able
> to figure out the best solution.  We have multiple campuses connecting to an
> MPLS VPN cloud running BGP internally.  At some locations we have backup ISP
> services and an IPSec VPN tunnel over that.  Currently BGP provides a
> default route to each campus as external BGP / Pref 40 / Metric 0.  Our
> backup IPSec is in as a Static / Pref 20 / Metric 32000.  When we lose
> BGP/MPLS VPN we want the IPSec tunnel to begin routing traffic between the
> campus and our main datacenter.  What is the best way to achieve this?
>
> Thanks,
>
> //LeBlanc
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail message, you are hereby notified that any dissemination, distribution or copying of this e-mail message, and any attachments thereto, is strictly prohibited.  If you have received this e-mail message in error, please immediately notify the sender and permanently delete the original and any copies of this email and any prints thereof.
ABSENT AN EXPRESS STATEMENT TO THE CONTRARY HEREINABOVE, THIS E-MAIL IS NOT INTENDED AS A SUBSTITUTE FOR A WRITING.  Notwithstanding the Uniform Electronic Transactions Act or the applicability of any other law of similar substance and effect, absent an express statement to the contrary hereinabove, this e-mail message its contents, and any attachments hereto are not intended to represent an offer or acceptance to enter into a contract and are not otherwise intended to bind the sender, Sanmina-SCI Corporation (or any of its subsidiaries), or any other person or entity.


More information about the cisco-nsp mailing list