

WAN design (dual WAN providers, MPLS, BGP multi-homing)

Posted on 2012-09-12
Medium Priority
Last Modified: 2012-10-04
The customer is wanting to convert to a new WAN architecture that will provide a dual/redundant carrier architecture.

Specifically, they currently have a single MPLS carrier between all of their locations, each site having two circuits into the carrier cloud (single MPLS VLAN, not dual/separate). As they route via BGP to the carrier, each site has a single BGP ASN. The WAN routers perform re-distribution so they do not currently run iBGP between the two carrier CE routers.

The newly proposed architecture is to have a single circuit from the current carrier and another from a new carrier into each site, with each circuit terminated on individual/separate routers. To ensure session load balancing, bandwidth utilization, cost routing, etc., they're hoping for consulting experience/expertise to provide design input.

Stated options/questions include:

- whether to run iBGP between WAN routers and what impact the AS numbering may have
- the most effective (yet simplest) way to run performance routing code, etc that they need to understand how best to run the new WAN architecture
- cutover/migration plans/advice

So, we're looking for examples from similar designs - dual MPLS clouds with divergent carriers and how to design around problems.
Very broad, I know, but any/all input that can be provided would be appreciated.  As always, reference links/docs are appreciated.
Question by: cfan73
LVL 17

Assisted Solution

pergr earned 2000 total points
ID: 38393910
If you have enough MTU available, you may want to consider running GRE tunnels between CE routers, across the MPLS VPN clouds - and then run your IGP (OSPF?) inside the GRE tunnels. Then the design is simpler, and you may not even need BGP even to the provider.

In general, BGP is a very nice protocol, since there is a lot of manual control, but effectively it means you need to do most things manually, based on the network in question. For example, load-balancing will mean setting higher local preference for the networks you want to send via a specific MPLS provider - and then translate that to an IGP metric.

I would also consider getting a L2VPN or VPLS service instead, and connect that directly to CE routers - and run the IGP across the VPN.

Author Comment

ID: 38397357
Thanks for your feedback - will consider, but keeping this thread open for additional input (hopefully addressing the original requirements along with your suggestions).
LVL 17

Expert Comment

ID: 38397580
If you are using OSPF then another option is to use OSPF sham links across the VPN.

Accepted Solution

cfan73 earned 0 total points
ID: 38445956
We settled on running iBGP between the dual perimeter routers at each location, each ISR connected to a single MPLS carrier. Extended communities will be used to tag priority data at ingress and provide QoS at egress. Local preference will be used to force the voice traffic over a particular carrier w/ failover to the other.

We just needed to get everyone in the room and hash it out. BGP only at the edge, OSPF within each location, no redistribution required.
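
The following model is an added illustration, not part of the original thread or the poster's configuration. It shows how local preference carried over iBGP makes both CE routers at a site pick the same carrier for voice, and how traffic fails over when that carrier is lost. Router names, prefixes, and preference values are constructed assumptions, and the best-path logic is a simplified subset of the BGP decision process.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    carrier: str       # carrier cloud the traffic would leave on
    local_pref: int
    as_path_len: int
    ebgp: bool         # True if learned directly from the carrier, False if via iBGP

# Constructed values for illustration (hostnames, prefixes and preference values are assumptions).
CE_ROUTERS = {"ce-a": "carrier-A", "ce-b": "carrier-B"}   # one circuit per router
VOICE, DATA = "10.20.0.0/16", "10.30.0.0/16"              # remote-site prefixes
PREFERRED = {VOICE: "carrier-A"}                          # voice pinned to carrier A
DEFAULT_LP, PREFERRED_LP = 100, 200

def best_path(paths):
    """Simplified BGP decision: highest local-pref, then shortest AS path, then eBGP over iBGP."""
    if not paths:
        return None
    return min(paths, key=lambda p: (-p.local_pref, p.as_path_len, not p.ebgp))

def site_exits(prefix, carriers_up, ibgp=True):
    """Return {router: carrier chosen for prefix}, or None where the router has no route."""
    # Inbound policy on each eBGP session sets local-pref as the route is learned.
    learned = {}
    for router, carrier in CE_ROUTERS.items():
        if carrier in carriers_up:
            lp = PREFERRED_LP if PREFERRED.get(prefix) == carrier else DEFAULT_LP
            learned[router] = Path(carrier, lp, as_path_len=2, ebgp=True)
    exits = {}
    for router in CE_ROUTERS:
        candidates = [learned[router]] if router in learned else []
        if ibgp:
            # iBGP carries local-pref unchanged; model the peer sharing its carrier-learned path.
            candidates += [Path(p.carrier, p.local_pref, p.as_path_len, ebgp=False)
                           for peer, p in learned.items() if peer != router]
        best = best_path(candidates)
        exits[router] = best.carrier if best else None
    return exits

if __name__ == "__main__":
    both = {"carrier-A", "carrier-B"}
    print("voice, both up      :", site_exits(VOICE, both))
    print("voice, A down       :", site_exits(VOICE, {"carrier-B"}))
    print("voice, no iBGP      :", site_exits(VOICE, both, ibgp=False))
    print("data, both up       :", site_exits(DATA, both))
```

Without the iBGP session, the router on carrier B never sees the higher-preference voice path, and a router whose own circuit is down has no route at all.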

Author Comment

ID: 38446764
I've requested that this question be closed as follows:

Accepted answer: 0 points for cfan73's comment #a38445956

for the following reason:

Internal team developed the recommended solution
LVL 17

Expert Comment

ID: 38446765
You may have chosen a different design, for whatever internal reasons, but there is nothing wrong with the options I provided.

I find it rather cheap not assigning the points.

Author Closing Comment

ID: 38462381
Internal team developed the recommended solution -

I certainly wasn't trying to be "cheap" in accepting my own answer, so not sure about that comment. What I wasn't aware of was the ability to accept your own answer yet still award points to others for valuable input.  I've corrected that here, awarded points, and will follow this process moving forward.

Thanks, all.
