• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2895
  • Last Modified:

Setup Cisco router with two ISP (active -active)

Hello Experts,

We have two ISP. the first ISP is providing our company internet using our IP range (185.X.X.X). and second ISP use his IP rage (Y.Y.Y.Y) to provide us internet. we use Cisco router 2801.My questions are

1- What configuration I need to do to publish our rang (185.X.X.X) to other networks. Do I need to use OSPF or another protocol and what configuration I need to do that

2- I need to combine both ISP  (185.X.X.X) and (Y.Y.Y.Y) in the router. And I need both service to work together as (Active -Active). I mean I do not want to use (Active-Passive) . I need to be able to use both service at same time (one service is 15 M and second one is 20 M) so when user work I need to use all 35 M.

Any help will be appreciate

Regards
1
maryam_adnan
Asked:
maryam_adnan
  • 6
  • 6
  • 2
  • +2
2 Solutions
 
JustInCaseCommented:
Check with your ISP what can be done, I guess you don't have your own AS number yet (your ISP already advertises your IP range to internet).
In case that you can advertise your IP range to internet:
1. You need BGP not OSPF
2. With BGP both your routes will be active, and routers can advertise both your networks to internet, but check do you have enough memory and processing power on your router to have whole internet routing table (I am not sure, but I don't think that 2801 is not good enough router for this). So, you will probably need your ISP to filter routing table for you..
So... check your possibilities with your ISP.
0
 
askincakirCommented:
Hi,

1-) Internet routing protocol is BGP. You definately have to use it.
2-) To use Active Active you need to get another /24 ip address range and add it to your BGP AS number.
3-) To use active active you need to do some configurations on your BGP protocol as a AS-PATH prepending.
    your first block ip address will be annonced better from ISP1 and the orher ip address block will be annonced better from ISP-2. Then some of your systems will use block 1 ip address, and the other will use block 2 ip address.
From my experience you can use active active but traffic  is not always %50-%50 equal load balanced.

About device you need to use: if you need full BGP table ( which in your situation may be good) you need at least 4GB ram router. I suggest you to get Cisco 3900 series router and you should check the ram amount.
As far as i remember full BGP table contains more than 500.000 routes amd 7 Million paths.

Br,
0
 
Don JohnstonInstructorCommented:
I don't think you need BGP.  Here why:

There are a few scenarios where BGP is called for. Here are the significant ones:
A) multiple internet connections (this one is a requirement since without two connections, there's no benefit to BGP).
Then you have to need at least one of the following:
B) you want traffic to transit your AS,
C) you want to provide optimal routing to the destination outside your AS and
D) you want to control how traffic enters your AS.

In your case, while you have two connections, you don't need any of the other benefits.

So here's how I would do it.

Create static, default routes for both connections. Assign a higher administrative distance to one to make it preferred.

Use object tracking so that in the event of a failure with the preferred route, all traffic will use the functional link.

If you want to use both links, setup PBR (Policy Based Routing) to identify certain traffic to prefer one connection over the other.  For example, you could specify that traffic from certain networks use ISP1 while others use ISP2.  Or you could do it by traffic type.  Web browsing and email uses ISP1 while all other traffic uses ISP2.

SLA Object tracking
Configuring PBR
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

 
maryam_adnanAuthor Commented:
Hello Experts,
Thank you for all replies. Please here is my scenario

ISP1 (our Range we need to announced it 185.55.X.X/24)-----
                                                                                      Cisco Router 2801------Internal network 192.168.0.0
ISP2 (ISP Range it is announced by ISP2 (Y.Y.Y.Y)----------------
 
ISP1-- must announced in our router and we have block (/24) (we have AS number)
ISP2-- we have just (10 Public IP address provide from ISP2) it is already announced by ISP2

Need Active-Active (Both connection use at same time)

Can any one help me with configuration step by step

Regards
0
 
Craig BeckCommented:
@Don - I think the OP mentions using their own IP range.
We have two ISP. the first ISP is providing our company internet using our IP range (185.X.X.X)
If that's the case, BGP will need to be used to advertise to ISP-B.  We should probably clarify this.

@maryam_adnan - When you say "our IP range", do you mean you have a BGP AS and some PI address space, or do you just mean that ISP-A gave you a block of IPv4 addresses to use?
0
 
Craig BeckCommented:
^^^ just beat me to it...

So we do have an AS to distribute.

In that case ISP-B will need to do some sort of BGP with you in order to learn your /24.  If you don't do this you'll get outbound redundancy at best.
0
 
maryam_adnanAuthor Commented:
Hello craigbeck,

Thank you for your reply.

1- ISP1- We have AS and our range is (185.55.X.X/4). We bought this range and must be announced in our router
2- ISP2- We do not have AS (we have just 10 IP public IP address from our ISP2 )

Regards
0
 
Craig BeckCommented:
Thanks, maryam_adnan.

I posted just as you were summarizing a few minutes ago, but ISP-B will need to do some sort of BGP with you in order to learn your /24.  If you don't do this you'll only get outbound redundancy/load-balancing.
0
 
Don JohnstonInstructorCommented:
Or... you could ask ISP-B to advertise your AS (without using BGP).
0
 
maryam_adnanAuthor Commented:
Hello craigbeck,

Thank you so much for your reply.

Please can you guide me what configuration I need to do in our router. Step by step. any example will help. How I announced our Range- how I configure BGP - How I configure route

what configuration that must done in ISP2

Regards
0
 
Craig BeckCommented:
Hmmm - I don't think ISPs are allowed to statically advertise a route for a subnet that they don't own unless it's been dynamically learned from the AS that owns the range.  I'm sure that would be classed as IP hijacking, and thinking about it that would also remove a lot of the control from you in terms of routing anyway.
0
 
maryam_adnanAuthor Commented:
Hello,

I think the best way is to do that is announced our range in our router. But I need help with configuration to accomplish this job. Are there any document help with it

Regards
0
 
maryam_adnanAuthor Commented:
Hello Experts,

Please below my configuration in my router for ISP1 which is our network and we announced it and its work. I test it. Now I need to add ISP2 to router and make them work together. what configuration I need to add to my router

Any help will be very appreciate

Regards

interface FastEthernet0/0
 ip address 10.15.X.X 255.255.255.252 secondary
 ip address 10.15.Y.Y 255.255.255.252
interface FastEthernet0/1
 ip address 185.Z.Z.Z 255.255.255.0
router bgp QQQQQ
 no synchronization
 bgp log-neighbor-changes
 network 185.Z.Z.Z mask 255.255.255.0
 redistribute connected
 redistribute static
 neighbor 10.15.X.X remote-as WWWWW
 neighbor 10.15.X.X ebgp-multihop 5
 neighbor 10.15.X.X next-hop-self
 neighbor 10.15.X.X route-map NIC-IN in
 neighbor 10.15.X.X route-map NIC-OUT out
 neighbor 10.15.Y.Y remote-as WWWWW
 no auto-summary
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.15.X.X
ip route 0.0.0.0 0.0.0.0 10.15.Y.Y 100
ip prefix-list NIC seq 10 permit 185.Z.Z.Z/24
route-map NIC-OUT permit 10
 match ip address prefix-list NIC
 match nlri unicast multicast
route-map NIC-IN permit 10
 match nlri unicast multicast
 set weight 200
control-plane
scheduler allocate 20000 1000
0
 
Craig BeckCommented:
Like I said, unless ISP2 will do BGP with you only outbound redundancy is possible.  You cant just add ISP2 as a BGP neighbour and expect it to work - it wont.
0
 
maryam_adnanAuthor Commented:
Hello,
Thank you for your reply craigbeck. Please what command I need to add in router to use redundancy option.

Regards
0
 
Craig BeckCommented:
It's not as simple as that.

You'd need to use NAT to use the ISP2 link as it won't route for the IP range you have assigned to ISP1's link.  This would mean you need to do some NAT at the ISP2 router then configure multiple gateways at your LAN firewall/router.

I'm assuming that you don't use the BGP router as your actual LAN router - that would be bad!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

  • 6
  • 6
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now