[c-nsp] Connecting isolated L3 islands without GRE tunnels

Phil Mayers p.mayers at imperial.ac.uk
Thu Jul 11 05:15:22 EDT 2013

On 10/07/13 21:18, Pavel Dimow wrote:
> Hi,
> I have a a few branch offices and I want to connect them with central site.
> Now I have a few problems. First at every branch I have the same provider
> but it is very expensive to use any kind of their L2 or L3 MPLS services
> hence I have only internet access. Also, at every branch we have cisco 3560
> with very bad GRE tunnel performance (about 2Mbps).
> Now my only solution is to like this:
> Setup EBGP with ISP (require only default route)  and setup IBGP with route
> reflector at my central location. With this I should be able to have only
> default route from my ISP and all routes from my network (central and
> branch offices) and use only a single link from ISP without the need for
> GRE tunnel.
> Any ideas if I am missing something? Any advices for better solution?

I don't understand your solution. Without some kind of tunnel or 
encapsulation, your routing table is irrelevant - once the traffic 
reaches your ISP, it obeys their routing table, and will either be 
forwarded correctly (in which case you don't need the iBGP) or 
incorrectly (in which case iBGP does nothing)

Can you describe in more detail what you mean by "isolated L3 islands"?

I suspect you're going to need an additional or different box at each 
site to encapsulate the traffic.

More information about the cisco-nsp mailing list