If you see following diagram we have two separate links (10G) coming from same ISP terminated on ASR 1006 router where we are planning to run BGP. From ASR 1006 two 10G fiber terminated to L3 switch.
Notes: I know BGP doesn't make sense with single ISP but in future we have plan to get second ISP but for now we have only single ISP.
Question:
- How should i perform failover link using BGP with same ISP?
- From Router to L3 switch should i create VLAN trunk (L2) and create VLANs on Router instead of L3 switch.
- Or Should i do
HSRPbetween Router to L3 switch and create VLANs on L3 switch instead of Router.
What are the best practice out there for this kind of network?
Diagram:
Update:
Someone suggested run BGP on Internet connectivity but use OSPF for internal routing between Router <—> L3 switch
as per above diagram if i plan to configure OSPF between Router and L3 switch then what network i will advertise on OSPF network command?
Example: ISP provided 10.1.1.0/24 subnet to us how do i configure BGP and OSPF for internal network?
Any suggestion?
Best Answer
Form the BGP neighborship loopback interface. As per this thread:
The use of a loopback interface ensures that the neighbor stays up and is not affected by malfunctioning hardware, the main benefit from using loopbacks is that it will not bring down the BGP session when there are multiple paths between the BGP peers, which would otherwise result in tearing down the BGP session if the physical interface used for establishing the session goes down. In addition to that, it also allows the routers running BGP with multiple links between them to load balance over the available paths.
No. This is called router on a stick and was popular before L3 switches were widely available. However, now that they are widely available, you should use the router to connect to the WAN and use the L3 switch to handle inter-vlan traffic on the LAN.
Doing this means that if the router fails your inter-vlan traffic will still work. Also, if you add additional routers to the topology at a later date, the switch will be able to use both of them for outbound traffic as opposed to only using your current one.
No, do not configure HSRP between the router and switch. You should instead configure HSRP between the two L3 switches so that if one fails, the other can take over.
EDIT: In response to your comment:
Here is another quote from the thread I linked to above:
iBGP generally peers using the loopback address for the reasons mentioned by Mohamed (i.e. loopback interface always stays up therefore the iBGP session stays up as long as the IGP has a path to get to the loopback interface of the peer router). eBGP commonly peers using the physical interface as there is generally only one path between the two eBGP peers. Although the loopback interface is sometimes used between eBGP peers to achieved load-balancing when more than one circuit link the two eBGP peers.
In other words, loopback interfaces can be used for both iBGP and eBGP. As you have two connections to the one ISP, you should use a loopback interface.
In regards to your other comment:
As you've only got one router you simply can't have redundancy at the router level. If you want redundancy at the router level you'll need to purchase another router. In regards to switch redundancy, as I mentioned above you can attain this by implementing HSRP between the switches.