Networking is a lifestyle

Brantford, ON

Regional routing in WAN cloud?

Ok I have an interesting one here.

I have been asked if I can group our offices together into regions, and have regional Internet gateways.

All offices are connected via a WAN cloud.

Western offices - Western gateway
Central offices - Central gateway
Eastern offices - Eastern gateway

They would like to have the ability for all offices to use the other gateways in case of some kind of failure at the regional one.

Does this sound plausible?

I am using ASA 5520s for the firewalls at each gateway, as well as 2851 routers, with 30Mbps WAN connections.

Thanks for any tips!



This is probably a better question for your provider, and would depend
on how they're set up. Speaking for myself, a lot of clients I support
use MPLS for inter/national connectivity with BGP handling the overall
connectivity, but a (last-mile) circuit down issue is still a circuit down
issue, and there's no real way around that other than dual carrier / homing.

Someone who works more closely in the Service Provider arena can probably
get into the nuts and bolts details better than I can.


reminds me of the danse russe
Chandler, AZ
reply to NeTwOrKDawg

said by NeTwOrKDawg:

Does this sound plausible?
it can be done -- but as HELLFIRE has pointed out, it's going to take some research and coordination on your part. if you can get national mpls connectivity, you advertise into your own bgp vrf and let routing take care of itself through some means or you can build gre tunnels and work with qos, etc. if needed.
probably the easiest way -- though it's very non-trivial to set up on your end, especially if you have to migrate and maintain dual connectivities at the same time (old and new).

"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."




Yes, it's doable. There are a few things to consider:

If you have ONE MPLS L3 VPN provider for all of your locations (and they are in the same VPN), you may advertise the same BGP prefix into the cloud (for example, the default route) from multiple sites. The locations advertising the default route we will call "internet gateways". The locations across the cloud we will call "remote sites".
The default route used by the remote site is selected by the remote-site PE router. It usually makes this selection by selecting the internet gateway location with the lowest backbone IGP cost inside the provider network.
USUALLY the providers set up their backbone IGP cost by geographic region. They tend to focus on the 3 world areas: the Americas, EMEA, and APAC.
If you don't like the internet gateway selected by a remote site's PE based on IGP cost, this CAN be overridden but requires provider action. Every provider seems to have a different name for it. VerizonBusiness PIP calls it "site of origin", ATT calls it "route groups" I believe, I can check on the name that Sprint uses, but generally you need to approach them to implement it anyway, so it's best to talk to them about what you want to do.
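
Added example, not part of any poster's message: a sketch of the gateway-side router configuration for the design described above, in which each internet gateway advertises the default route into the MPLS VPN over BGP and withdraws it when its own Internet path fails, so remote-site PEs fall back to another gateway. All addresses, AS numbers, interface names and the probe target are constructed placeholders, and the syntax assumes a Cisco IOS release that supports `ip sla` and `track ... ip sla`.

```cisco
! --- Regional internet gateway router (constructed example values) ---
! 10.10.0.2   = inside address of the local firewall (assumed next hop to Internet)
! 192.0.2.1   = upstream probe target beyond the firewall (placeholder)
! 10.255.0.1  = provider PE address, AS 64500 (placeholder)
! 65010       = this site's private AS (placeholder)
!
! Probe something beyond the firewall so a dead Internet link is detected,
! not just a live firewall interface.
ip sla 1
 icmp-echo 192.0.2.1 source-interface GigabitEthernet0/0
 frequency 10
ip sla schedule 1 life forever start-time now
!
track 1 ip sla 1 reachability
 delay down 30 up 60
!
! Host route for the probe target that does not depend on the tracked
! default; without it the probe cannot recover once the default is removed.
ip route 192.0.2.1 255.255.255.255 10.10.0.2
!
! The default route stays in the routing table only while the probe succeeds.
ip route 0.0.0.0 0.0.0.0 10.10.0.2 track 1
!
router bgp 65010
 neighbor 10.255.0.1 remote-as 64500
 neighbor 10.255.0.1 description Provider PE
 ! Advertise 0.0.0.0/0 only while it is present in the routing table.
 ! When track 1 goes down the static route is removed and BGP withdraws
 ! the default, so remote sites select the next gateway by IGP cost.
 network 0.0.0.0
 ! Local office subnets (placeholder prefix)
 network 10.10.0.0 mask 255.255.0.0
```

With the same configuration at each regional gateway, the provider's PE routers see several copies of the default route and choose among them as described in the post above; a gateway whose Internet path fails stops attracting traffic instead of black-holing it.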

Networking is a lifestyle

Brantford, ON
reply to NeTwOrKDawg

Ok, I am in Canada, and we use Telus for our WAN.

It is indeed MPLS, managed by them. They install a PE router or switch, which I connect my 28xx series router to.

I then establish a BGP peering with that local PE device, and inject my own subnets, etc. It sure is great to add subnets on demand.