  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 317

Bringing in a separate ISP

Hello all!  

I am pretty sure I have this concept 95% complete, but wanted to run it by others to see what you suggest or different ideas.

So basically we currently have a location that has a router and a switch at the head end.  I bring in the ISP connection to the switch on a vlan and pass that along to the router for its role.  Router on a stick.  The reason I do it this way is because this site is a multi-vendor building and we have multiple businesses using public IPs from us for their firewalls etc.  Which is why I brought the IPs in via the switch so I can pass them down the line via layer 2.  Works great.

Now we are going to be bringing in a larger pipe from a separate provider for multi-homing and I am certain the way I need to do this is the same thought.  Bring it in on its own vlan and work on changing over the other businesses one at a time because of downtime reasons.  I do not think it is possible to do the switch all at once.  I am sure this will work as well and will have no problems.

Here is where I need some advice: after I switch over all the public IPs, I need to set up failover.  How would I accomplish this with a cisco 2921 for instance in this setup?  I do not have the ability to use BGP for both providers, only one, so no help there.  Is there a standby shut I can put on the vlan if port X goes down, the vlan activates?  How could I get other devices to do the same?  As long as it is supported of course.  I know one device is a cisco 2901.

I hope this helps
0
Asked: tomtom9898
 
Infamus Commented:
So you are going to have two routers connected to one switch?

Is the switch layer 3 cisco?
0
 
tomtom9898 Author Commented:
It is not a layer 3 switch.  It's a pretty complex build.  So we have our main router at a tier 1 facility that advertises the /28 out via BGP, we then carry this vlan down a layer 2 service to a shelter, which is the cisco switch.  The 2921 pulls 1 IP from the vlan and runs the complex's wifi.  Then we carry the public IP vlan down some more switches to other buildings via trunks to hook up the company routers/firewalls. (Fiber connects all buildings via 10 gig)  I will try to put together a quick diagram to show.
0
 
Craig Beck Commented:
Ok so if I'm understanding this correctly you want to add a second line to this, and that at the moment everyone uses the same link from the same ISP?

Do you maintain your own AS and PI addressing then?  If so I'd really think about getting the second ISP to do BGP with you too, otherwise you just won't get this to work - your IP addresses would never route down the second ISP link and you would have to use theirs instead.
0
