Qris
asked on
Implement a T1 failover network
Situation:
We currently added a T1 (Verizon) to our existing partial T1 line (UUNET). We planned to use the Verizon as our primary connection and UUNET as a failover/fault-tolerance backup.
hardware:
Cisco 3620 with 2 DSU units.
1 Sonicwall firewall
Verizon UUNET
| |
| |
| |
+----------------------+
| Cisco 3620 | 1
+----------------------+
|
|
|
+------+
|switch| 2
+------+
|
|
+--------------+
| Firewall | 3
+--------------+
| |
| |
+-------------------+ +----------------------+
|LAN (Static IP)| |DMZ (Web server)| 4
+-------------------+ +-----------------------+
Question:
What will be the easiest solution to this?
We currently added a T1 (Verizon) to our existing partial T1 line (UUNET). We planned to use the Verizon as our primary connection and UUNET as a failover/fault-tolerance backup.
hardware:
Cisco 3620 with 2 DSU units.
1 Sonicwall firewall
Verizon UUNET
| |
| |
| |
+----------------------+
| Cisco 3620 | 1
+----------------------+
|
|
|
+------+
|switch| 2
+------+
|
|
+--------------+
| Firewall | 3
+--------------+
| |
| |
+-------------------+ +----------------------+
|LAN (Static IP)| |DMZ (Web server)| 4
+-------------------+ +-----------------------+
Question:
What will be the easiest solution to this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Not with two different ISP's. You don't need full internet route tables, which certainly would require hardware upgrade, if the ISP will cooperate, then you only need then to give you a default, and broadcast your subnet through their external BGP. This does not require hardware upgrades.
The other alternative to BGP is something like the Warp/Extreme boxes from Fatpipes
The other alternative to BGP is something like the Warp/Extreme boxes from Fatpipes
ASKER
Is there any configurations needed in the cisco router? Thanks.
For which solution:
For BGP, yes.
http://www.cisco.com/warp/public/459/40.html#3
For Fatpipes, I'm not sure how that works.
For BGP, yes.
http://www.cisco.com/warp/public/459/40.html#3
For Fatpipes, I'm not sure how that works.
ASKER
After reading the articles it come to my interpretation that the BGP is for a load sharing network, instead of the fail over network that we needed. My initial thought was something simple like the HSRP service on the CISCO router, am I missing something here?
There is a solution that will work on a 2500 router, just set one up in fact. The one side setups up a static route with 0.0.0.0 0.0.0.0 ip route to the primary T1, then the other ISP can have the subnets from the other ISP in their BGP filter list provided you get them an LOA from your BGP upstream to add their IP's to the filter. The backup T1 can run EIGRP provided the backup ISP is running a Cisco network. On the EIGRP network redistribute static and connected should be added as well as a route-map defaultroute with disables the default route to the other ISP. You will only need a /30 for your serial interface for the backup T1.
Ex:
Interface Serial0
IP address 10.10.10.2 255.255.255.252
encaps ppp
Backup interface Serial1
Backup delay 30 60
!
Interface Serial1
ip address 192.168.1.2 255.255.255.252
encaps ppp
!
router eigrp 10101
redistribute connected
reditribute static route-map defaultroute
network 10.10.10.0
network 192.168.1.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 Serial0
!
access-list 50 deny 0.0.0.0
access-list 50 permit any
!
route-map defaultroute permit 10
match ip address 50
Basically interface serial1 will be down acting as a backup, and in the event serial0 goes down, for 30 seconds serial1 wil come up and bring up eigrp neighbor 192.168.1.1 and start routing over that network. When Serial0 comes back up, serial 1 will shut down and EIGRP will drop and flush the routing table sending traffic back over the first T1 which has the default route pointing to it.
Ex:
Interface Serial0
IP address 10.10.10.2 255.255.255.252
encaps ppp
Backup interface Serial1
Backup delay 30 60
!
Interface Serial1
ip address 192.168.1.2 255.255.255.252
encaps ppp
!
router eigrp 10101
redistribute connected
reditribute static route-map defaultroute
network 10.10.10.0
network 192.168.1.0
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 Serial0
!
access-list 50 deny 0.0.0.0
access-list 50 permit any
!
route-map defaultroute permit 10
match ip address 50
Basically interface serial1 will be down acting as a backup, and in the event serial0 goes down, for 30 seconds serial1 wil come up and bring up eigrp neighbor 192.168.1.1 and start routing over that network. When Serial0 comes back up, serial 1 will shut down and EIGRP will drop and flush the routing table sending traffic back over the first T1 which has the default route pointing to it.
ASKER