Lev Kaytsner
asked on
Internet Routing
I am working on splitting the internet traffic from the rest of the data flowing between our two offices. Here is what I have now:
T1 P2P between Chicago and DC offices
DC Office being a satellite office
All traffic from DC travels to Chicago via P2P.
Data consists of Internet; Email, File Sharing, Phone Systems communication.
I also acquired a separate internet connection for guests using Wi-Fi that is sitting outside of my network. I would like to utilize this connection for internet traffic that currently comes to Chicago via P2P.
So, from what I understand, I need to create a route on my 2811 router to send all internet traffic to one gateway and the rest of the traffic going to P2P.
So, for example, my network is:
DC Subnet - 192.168.2.0/24
P2P Interface on DC Side - 192.168.252.2
P2P Interface on CH Side - 192.168.252.1
CH Subnet - 192.168.3.0/24
Addl Internet Interface on DC Side - 192.168.255.1
How can I split this into two routers?
Thanks,
T1 P2P between Chicago and DC offices
DC Office being a satellite office
All traffic from DC travels to Chicago via P2P.
Data consists of Internet; Email, File Sharing, Phone Systems communication.
I also acquired a separate internet connection for guests using Wi-Fi that is sitting outside of my network. I would like to utilize this connection for internet traffic that currently comes to Chicago via P2P.
So, from what I understand, I need to create a route on my 2811 router to send all internet traffic to one gateway and the rest of the traffic going to P2P.
So, for example, my network is:
DC Subnet - 192.168.2.0/24
P2P Interface on DC Side - 192.168.252.2
P2P Interface on CH Side - 192.168.252.1
CH Subnet - 192.168.3.0/24
Addl Internet Interface on DC Side - 192.168.255.1
How can I split this into two routers?
Thanks,
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
This sounds like a very simple solution.
I do have EIGRP command in the config and I am not sure why. I guess I need ot understand it a bit better. Here is the config for EIGRP:
DC Router
router eigrp 100
network 192.168.2.0
network 192.168.255.0 0.0.0.3
CH Router
router eigrp 100
network 192.168.3.0
network 192.168.255.0 0.0.0.3
Correction from previous post
P2P Interface on DC Side - 192.168.255.2
P2P Interface on CH Side - 192.168.255.1
Internet Interface - 192.168.252.1
Do I remove EIGRP commands and replace then with default routes?
ip route 0.0.0.0 0.0.0.0 192.168.252.1 - route to internet
ip route 192.168.3.0 255.255.255.0 192.168.255.2 - route to chicago.
Thanks.
I do have EIGRP command in the config and I am not sure why. I guess I need ot understand it a bit better. Here is the config for EIGRP:
DC Router
router eigrp 100
network 192.168.2.0
network 192.168.255.0 0.0.0.3
CH Router
router eigrp 100
network 192.168.3.0
network 192.168.255.0 0.0.0.3
Correction from previous post
P2P Interface on DC Side - 192.168.255.2
P2P Interface on CH Side - 192.168.255.1
Internet Interface - 192.168.252.1
Do I remove EIGRP commands and replace then with default routes?
ip route 0.0.0.0 0.0.0.0 192.168.252.1 - route to internet
ip route 192.168.3.0 255.255.255.0 192.168.255.2 - route to chicago.
Thanks.
ASKER
My network layout is very simple:
Chicago:
2911 router
12.XX.X.0 - servers subnet
192.168.3.0 - workstations subnet
192.168.255.1 - Serial Int on the router for P2P for DC
DC:
2811 router
192.168.2.0 - inside subnet
192.168.255.2 - Serial Int on the router for P2P for Chicago
Guest Internet Point would be connected to another WAN int on 2811 with 192.168.252.1
I want all my traffic to subnets in Chicago (12.XX.X.0 and 192.168.3.0) go one route and all my internet traffic from DC to go to 192.168.252.1.
So, I understand that I need to have two diferent routes added to the DC router.
Hopefully this is more simplified.
Thanks.
Chicago:
2911 router
12.XX.X.0 - servers subnet
192.168.3.0 - workstations subnet
192.168.255.1 - Serial Int on the router for P2P for DC
DC:
2811 router
192.168.2.0 - inside subnet
192.168.255.2 - Serial Int on the router for P2P for Chicago
Guest Internet Point would be connected to another WAN int on 2811 with 192.168.252.1
I want all my traffic to subnets in Chicago (12.XX.X.0 and 192.168.3.0) go one route and all my internet traffic from DC to go to 192.168.252.1.
So, I understand that I need to have two diferent routes added to the DC router.
Hopefully this is more simplified.
Thanks.
You could do this with just the static routes configured and you would need to add one for the servers to the DC router as well. You would also need one to get to the DC net in the Chicago router. EIGRP is taking care of all of that for you now.
The problem with static vs using a dynamic routing protocol, like EIGRP, for example, is that the DC router won't know if the server network becomes unreachable if that 12 network fails. It depends on how closely you monitor your network whether that is really an issue or not.
If DC can't get to the servers is knowing that its because the route is no longer valid going to help any when you are really going to need fix things in Chicago and won't be too worried about the ramifications in DC.
You would need to have a second, higher cost static default route in DC if you plan to back up the new Internet connection in DC with the current internet connection in Chicago if using all static routes.
The problem with static vs using a dynamic routing protocol, like EIGRP, for example, is that the DC router won't know if the server network becomes unreachable if that 12 network fails. It depends on how closely you monitor your network whether that is really an issue or not.
If DC can't get to the servers is knowing that its because the route is no longer valid going to help any when you are really going to need fix things in Chicago and won't be too worried about the ramifications in DC.
You would need to have a second, higher cost static default route in DC if you plan to back up the new Internet connection in DC with the current internet connection in Chicago if using all static routes.
As I understand it, you want to get the internet service for DC via CH, right?
So, the "Addl Internet INterface on DC Side" will be retired or a backup, right?
And, the CH Guest network will be the gateway for DC internet traffic, right?
So, first, what is the Guest network gateway address? 192.168.3.xxx??
[Actually, I think there's a bit of an issue with this so I've dealt with that below].
I have the same arrangement (almost) and this is what's done:
Set 192.168.2.zzz (the P2P router in DC) as the internet gateway for all the devices in DC - unless you re-route to there from the present internet router.
On the P2P router in DC:
route 0.0.0.0 to 192.168.252.1 (the P2P router in CH)
On the P2P router in CH:
route 0.0.0.0 to 192.168.3.xxx, the intended gateway on the 192.168.3.0
network.
(If you're using an RV042 for the P2P router then the WAN side of the router needs to be facing the CH LAN. Then you would enter the 192.168.3.xxx address as the gateway).
Settings may vary a bit according to the P2P router models .. but this is the general idea.
The one thing to overcome here is that you currently are keeping the guests out of the local LAN in CH. Yet, you no doubt need the DC office to connect to the CH LAN.
Yet, at the same time, you want to use the Guest internet connection for the DC office.
The issue then is how to do this while keeping the Guests separated out?
It would be simple if the "guest" internet gateway were also on the CH LAN. Then everything above would work - except separating out the guests.
What do you have available as an ISP interface for the guest connection in CH?
A modem? A modem/router? A modem/router/wireless? How is it presently configured?
So, the "Addl Internet INterface on DC Side" will be retired or a backup, right?
And, the CH Guest network will be the gateway for DC internet traffic, right?
So, first, what is the Guest network gateway address? 192.168.3.xxx??
[Actually, I think there's a bit of an issue with this so I've dealt with that below].
I have the same arrangement (almost) and this is what's done:
Set 192.168.2.zzz (the P2P router in DC) as the internet gateway for all the devices in DC - unless you re-route to there from the present internet router.
On the P2P router in DC:
route 0.0.0.0 to 192.168.252.1 (the P2P router in CH)
On the P2P router in CH:
route 0.0.0.0 to 192.168.3.xxx, the intended gateway on the 192.168.3.0
network.
(If you're using an RV042 for the P2P router then the WAN side of the router needs to be facing the CH LAN. Then you would enter the 192.168.3.xxx address as the gateway).
Settings may vary a bit according to the P2P router models .. but this is the general idea.
The one thing to overcome here is that you currently are keeping the guests out of the local LAN in CH. Yet, you no doubt need the DC office to connect to the CH LAN.
Yet, at the same time, you want to use the Guest internet connection for the DC office.
The issue then is how to do this while keeping the Guests separated out?
It would be simple if the "guest" internet gateway were also on the CH LAN. Then everything above would work - except separating out the guests.
What do you have available as an ISP interface for the guest connection in CH?
A modem? A modem/router? A modem/router/wireless? How is it presently configured?
ASKER
So, let me clarify some things here:
Chicago is my main office and I am monitoring my network 24x7 with monitoring tools, so I would know if my P2P route is gone. It is more important to me to know that my Chicago servers are alive then DC. if they have internet out from DC, they can get on VPN and come to Chicago network (12.47.X.X)
I want to make my DC Guest Internet line (Allied Com) to be main internet connectivity for DC subnet - 192.168.2.0
I like the solution where my P2P to Chicago could be secondary for Internet access to DC subnet 192.168.2.0
I want all my other traffic like file sharing, email, phones come to Chicago subnet - 12.47.X.X
So, here is what I think I need:
ip route 0.0.0.0 0.0.0.0 192.168.252.1 - route to internet from DC subnet
ip route 12.47.X.X 255.255.255.0 192.168.255.2 - route to Chicago Servers subnet
ip route 192.168.3.0 255.255.255.0 192.168.255.2 - route to Chicago Workstations subnet
Am I correct in creating these routes?
Do I then remove EIGRP routing?
how do I create backup route to chicago for internet?
Thanks,
Lev
Chicago is my main office and I am monitoring my network 24x7 with monitoring tools, so I would know if my P2P route is gone. It is more important to me to know that my Chicago servers are alive then DC. if they have internet out from DC, they can get on VPN and come to Chicago network (12.47.X.X)
I want to make my DC Guest Internet line (Allied Com) to be main internet connectivity for DC subnet - 192.168.2.0
I like the solution where my P2P to Chicago could be secondary for Internet access to DC subnet 192.168.2.0
I want all my other traffic like file sharing, email, phones come to Chicago subnet - 12.47.X.X
So, here is what I think I need:
ip route 0.0.0.0 0.0.0.0 192.168.252.1 - route to internet from DC subnet
ip route 12.47.X.X 255.255.255.0 192.168.255.2 - route to Chicago Servers subnet
ip route 192.168.3.0 255.255.255.0 192.168.255.2 - route to Chicago Workstations subnet
Am I correct in creating these routes?
Do I then remove EIGRP routing?
how do I create backup route to chicago for internet?
Thanks,
Lev
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thank you. This is a very interesting solution. I need to study it closer to understand it better.
Depending on your actual layout, adding and configuring a vrf can be simple and straightforward, or it can be very difficult. I would need more details on your network to give the easy/difficult opinion.