Hello colleagues!

I would like to present an idea for configuring the equipment when connecting a small enterprise to two ISPs.

In addition, I propose a switch block design for your consideration.

BGP2a.jpg

 

A feature of this switch block design is the absence of a link between the distribution switches. (Tell me if you think I'm wrong.)

The members of a VLAN are located on only one access switch. That same access switch is chosen as the root bridge. This is a non-standard location for the root bridge. If you want to see a more advanced configuration, see https://communities.cisco.com/people/igor196977/blog/2014/03/24/hsrp-with-a-non-standard-location-root-bridge

OSPF was selected as the IGP routing protocol. CORE1 is an ABR for area 21 and area 22. CORE2 is also an ABR for area 21 and area 22. To speed up convergence, the OSPF protocol parameters were fine-tuned. (Here I did not invent anything new and applied a turnkey solution.)

When the default route is injected from BGP into OSPF, a route-map is applied. This eliminates undesired load balancing when one ISP is unreachable. If you need to give priority to certain routes, BGP allows it.

The configuration of the ISP routers can be found here: https://communities.cisco.com/people/igor196977/blog/2014/04/28/bgp-multipath-with-load-balancing-plus-mpls-vpn

I do not have the technical means to fully test this idea. If you are interested in this idea, please conduct tests.

I will be glad to hear your comments and suggestions for improving the current design.

If you see errors, please tell us.

 

 

 

DSW1 is configured as follows:

 

!

hostname DSW1

!

ip cef

!

track 20 list boolean or

object 21

object 22

!

track 21 interface FastEthernet0/0 ip routing

!

track 22 interface FastEthernet0/1 ip routing

!

!

interface Loopback20

ip address 10.20.21.1 255.255.255.255

!

!

interface Port-channel1

description Link to ASW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

spanning-tree portfast

!

interface FastEthernet0/0

description Link to Core1

ip address 10.20.4.6 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet0/1

description Link to Core2

ip address 10.20.4.22 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet1/1

description Link to ASW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 1 mode on

!

interface FastEthernet1/2

description Link to ASW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 1 mode on

!

interface Vlan20

ip address 10.2.20.1 255.255.255.0

ip virtual-reassembly

ip tcp adjust-mss 1460

standby version 2

standby 20 ip 10.2.20.254

standby 20 timers 1 3

standby 20 priority 200

standby 20 preempt

standby 20 preempt delay minimum 2 reload 60 sync 2

standby 20 authentication md5 key-string PLASHCHUN

standby 20 track FastEthernet1/3

standby 20 track FastEthernet1/4

standby 20 track 20 decrement 20

!

router ospf 20

router-id 10.20.21.1

log-adjacency-changes

auto-cost reference-bandwidth 1000

timers throttle spf 10 100 1000

timers throttle lsa all 10 100 1000

timers lsa arrival 50

timers pacing flood 5

timers pacing retransmission 60

network 10.20.4.4 0.0.0.3 area 21

network 10.20.4.20 0.0.0.3 area 21

network 10.20.21.1 0.0.0.0 area 21

!

event manager applet NetworkActive20toOSPF20

 

event syslog pattern ".*%HSRP-5-STATECHANGE: Vlan20 Grp 20 state Standby -> Active.*"


action 1.0 cli command "enable"


action 2.0 cli command "configure terminal"


action 3.0 cli command "router ospf 20"


action 4.0 cli command "network 10.2.20.1 0.0.0.0 area 21"


action 5.0 syslog msg "Network Vlan20 to OSPF20"


event manager applet NoNetworkActive20toOSPF20


event syslog pattern ".*%HSRP-5-STATECHANGE: Vlan20 Grp 20 state Active -> Speak.*"


action 1.0 cli command "enable"


action 2.0 cli command "configure terminal"

action 3.0 cli command "router ospf 20"

action 4.0 cli command "no network 10.2.20.1 0.0.0.0 area 21"

action 5.0 syslog msg "No network Vlan20 to OSPF20"

!

end

 

DSW2 is configured as follows:

 

!

hostname DSW2

!

ip cef

!

!

interface Loopback20

ip address 10.20.21.2 255.255.255.255

!

interface Port-channel4

description Link to ASW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

spanning-tree portfast

!

interface FastEthernet0/0

description Link to Core2

ip address 10.20.4.18 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet0/1

description Link to Core1

ip address 10.20.4.10 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet1/3

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 4 mode on

!

interface FastEthernet1/4

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 4 mode on

!

interface Vlan20

ip address 10.2.20.2 255.255.255.0

ip virtual-reassembly

ip tcp adjust-mss 1460

ip ospf cost 150

standby version 2

standby 20 ip 10.2.20.254

standby 20 timers 1 3

standby 20 priority 191

standby 20 preempt delay minimum 2 reload 60 sync 2

standby 20 authentication md5 key-string PLASHCHUN

standby 20 track FastEthernet1/1

standby 20 track FastEthernet1/2

standby 20 track 20 decrement 20

!

router ospf 20

router-id 10.20.21.2

log-adjacency-changes

auto-cost reference-bandwidth 1000

timers throttle spf 10 100 1000

timers throttle lsa all 10 100 1000

timers lsa arrival 50

timers pacing flood 5

timers pacing retransmission 60

network 10.20.4.8 0.0.0.3 area 22

network 10.20.4.16 0.0.0.3 area 22

network 10.20.21.2 0.0.0.0 area 22

!

event manager applet NoNetworkStandby20toOSPF20


event syslog pattern ".*%HSRP-5-STATECHANGE: Vlan20 Grp 20 state Active -> Speak.*"


action 1.0 cli command "enable"


action 2.0 cli command "configure terminal"


action 3.0 cli command "router ospf 20"


action 4.0 cli command "no network 10.2.20.2 0.0.0.0 area 22"


action 5.0 syslog msg "No network Vlan20 to OSPF20"


event manager applet NetworkStandby20toOSPF20


event syslog pattern ".*%HSRP-5-STATECHANGE: Vlan20 Grp 20 state Standby -> Active.*"


action 1.0 cli command "enable"


action 2.0 cli command "configure terminal"


action 3.0 cli command "router ospf 20"


action 4.0 cli command "network 10.2.20.2 0.0.0.0 area 22"

action 5.0 syslog msg "Network Vlan20 to OSPF20"

!

end

 

 

ASW1 is configured as follows:

 

!

hostname ASW1

!

ip cef

!

spanning-tree vlan 20 priority 8192

!

interface Port-channel1

description Link to DSW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

spanning-tree portfast

!

interface Port-channel4

description Link to DSW2

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

spanning-tree portfast

!

interface FastEthernet1/1

description Link to DSW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 1 mode on

!

interface FastEthernet1/2

description Link to DSW1

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 1 mode on

!

interface FastEthernet1/3

description Link to DSW2

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 4 mode on

!

interface FastEthernet1/4

description Link to DSW2

switchport trunk native vlan 98

switchport trunk allowed vlan 20

switchport mode trunk

channel-group 4 mode on

!

interface Vlan20

description ToSimulateClient

ip address 10.2.20.253 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 10.2.20.254

!

end

 

 

CORE1 is configured as follows:

!

hostname CORE1

!

ip cef

!

interface Loopback20

ip address 10.20.21.129 255.255.255.255

!

interface FastEthernet0/0

description Link to DSW1

ip address 10.20.4.5 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet0/1

description Link to DSW2

ip address 10.20.4.9 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet1/0

description To NAT

ip address 10.20.190.30 255.255.255.252

!

interface FastEthernet2/0

description Link to Core2

ip address 10.20.4.13 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

router ospf 20

router-id 10.20.21.129

log-adjacency-changes

auto-cost reference-bandwidth 1000

timers throttle spf 10 100 1000

timers throttle lsa all 10 100 1000

timers lsa arrival 50

timers pacing flood 5

timers pacing retransmission 60

network 10.20.4.4 0.0.0.3 area 21

network 10.20.4.8 0.0.0.3 area 22

network 10.20.4.12 0.0.0.3 area 0

network 10.20.4.24 0.0.0.3 area 0

network 10.20.21.129 0.0.0.0 area 0

network 10.20.190.28 0.0.0.3 area 0

default-information originate route-map DefaultRouteForOSPF

!

router bgp 65190

bgp router-id 10.20.21.129

no bgp default ipv4-unicast

neighbor 10.20.4.14 remote-as 65190

neighbor 10.20.4.14 description To CORE2

neighbor 10.20.4.14 fall-over

neighbor 10.20.190.5 remote-as 111

neighbor 10.20.190.5 description To ISP1

neighbor 10.20.190.5 fall-over

neighbor 10.20.190.5 ebgp-multihop 3

neighbor 10.20.190.5 update-source FastEthernet1/0

maximum-paths 3

!

address-family ipv4

  neighbor 10.20.4.14 activate

  neighbor 10.20.190.5 activate

  neighbor 10.20.190.5 route-map CheckDefaultRoute in

  neighbor 10.20.190.5 route-map ForISP1 out

  maximum-paths 3

  no auto-summary

  no synchronization

  network 190.0.0.0 mask 255.255.255.252

exit-address-family

!

ip route 10.20.190.4 255.255.255.252 FastEthernet1/0

ip route 190.0.0.0 255.255.255.252 FastEthernet1/0

!

ip access-list standard ForISP1

permit 190.0.0.0 0.0.0.3

!

ip prefix-list OnlyDefaultRoute seq 10 permit 0.0.0.0/0

!

route-map ForISP1 permit 10

match ip address ForISP1

!

route-map CheckDefaultRoute permit 10

match ip address prefix-list OnlyDefaultRoute

set community no-export additive

!

route-map DefaultRouteForOSPF permit 10

match ip address DefaultRoute

match tag 111

set metric 11

set metric-type type-1

!

end

 

 

CORE2 is configured as follows:

 

!

hostname CORE2

!

ip cef

!

interface Loopback20

ip address 10.20.22.129 255.255.255.255

!

interface FastEthernet0/0

description Link to DSW2

ip address 10.20.4.17 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet0/1

description Link to DSW1

ip address 10.20.4.21 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

interface FastEthernet1/0

description To NAT

ip address 10.20.191.30 255.255.255.252

!

interface FastEthernet2/0

description Link to Core1

ip address 10.20.4.14 255.255.255.252

ip ospf network point-to-point

ip ospf dead-interval minimal hello-multiplier 5

!

router ospf 20

router-id 10.20.22.129

log-adjacency-changes

auto-cost reference-bandwidth 1000

timers throttle spf 10 100 1000

timers throttle lsa all 10 100 1000

timers lsa arrival 50

timers pacing flood 5

timers pacing retransmission 60

network 10.20.4.16 0.0.0.3 area 22

network 10.20.4.20 0.0.0.3 area 21

network 10.20.4.12 0.0.0.3 area 0

network 10.20.4.32 0.0.0.3 area 0

network 10.20.22.129 0.0.0.0 area 0

network 10.20.191.28 0.0.0.3 area 0

default-information originate route-map DefaultRouteForOSPF

!

router bgp 65190

bgp router-id 10.20.22.129

no bgp default ipv4-unicast

neighbor 10.20.4.13 remote-as 65190

neighbor 10.20.4.13 description To CORE1

neighbor 10.20.4.13 fall-over

neighbor 10.20.191.5 remote-as 222

neighbor 10.20.191.5 description To ISP2

neighbor 10.20.191.5 fall-over

neighbor 10.20.191.5 ebgp-multihop 3

neighbor 10.20.191.5 update-source FastEthernet1/0

maximum-paths 3

!

address-family ipv4

  neighbor 10.20.4.13 activate

  neighbor 10.20.191.5 activate

  neighbor 10.20.191.5 route-map CheckDefaultRoute in

  neighbor 10.20.191.5 route-map ForISP2 out

  maximum-paths 3

  no auto-summary

  no synchronization

  network 191.0.0.0 mask 255.255.255.252

exit-address-family

!

ip route 10.20.191.4 255.255.255.252 FastEthernet1/0

ip route 191.0.0.0 255.255.255.252 FastEthernet1/0

!

ip access-list standard ForISP2

permit 191.0.0.0 0.0.0.3

!

ip prefix-list OnlyDefaultRoute seq 10 permit 0.0.0.0/0

!

route-map ForISP2 permit 10

match ip address ForISP2

!

route-map CheckDefaultRoute permit 10

match ip address prefix-list OnlyDefaultRoute

set community no-export additive

 

!

route-map DefaultRouteForOSPF permit 10

match ip address DefaultRoute

match tag 222

set metric 11

set metric-type type-1

!

end
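
A route-map that matches an access list or prefix list which is never defined cannot filter as intended, and on the outbound policy toward an ISP that decides which prefixes the enterprise announces. The following check is an added example, not part of the original post: it lists every `match ip address` clause whose target is missing. The sample configuration is constructed, modelled on the CORE1 policy section, with the ACL name deliberately misspelled and no ACL named DefaultRoute; the function name is an assumption.

```python
import re

# Constructed sample modelled on the CORE1 policy section: the ACL name is
# deliberately misspelled (ForIPS1) and no ACL named DefaultRoute is defined.
SAMPLE_CONFIG = """\
ip access-list standard ForIPS1
 permit 190.0.0.0 0.0.0.3
!
ip prefix-list OnlyDefaultRoute seq 10 permit 0.0.0.0/0
!
route-map ForISP1 permit 10
 match ip address ForISP1
!
route-map CheckDefaultRoute permit 10
 match ip address prefix-list OnlyDefaultRoute
 set community no-export additive
!
route-map DefaultRouteForOSPF permit 10
 match ip address DefaultRoute
 match tag 111
"""

def undefined_references(config):
    """Return sorted (route_map, kind, name) for match clauses with no definition."""
    acls, prefix_lists, refs = set(), set(), []
    current_map = None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"ip access-list (?:standard|extended) (\S+)", line):
            acls.add(m.group(1))          # named ACL
        elif m := re.match(r"access-list (\d+) ", line):
            acls.add(m.group(1))          # numbered ACL
        elif m := re.match(r"ip prefix-list (\S+) ", line):
            prefix_lists.add(m.group(1))
        elif m := re.match(r"route-map (\S+) (?:permit|deny)", line):
            current_map = m.group(1)      # start of a route-map entry
        elif current_map and (m := re.match(r"match ip address prefix-list (.+)", line)):
            refs += [(current_map, "prefix-list", n) for n in m.group(1).split()]
        elif current_map and (m := re.match(r"match ip address (.+)", line)):
            refs += [(current_map, "access-list", n) for n in m.group(1).split()]
    defined = {"access-list": acls, "prefix-list": prefix_lists}
    return sorted(r for r in refs if r[2] not in defined[r[1]])

if __name__ == "__main__":
    for route_map, kind, name in undefined_references(SAMPLE_CONFIG):
        print(f"route-map {route_map}: {kind} '{name}' is not defined")
```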

 

 

DSW1# show ip route - Use this command to check that two default routes are available.

Remember, per-destination load balancing is configured by default.

If you found the article interesting, then click LIKE. Maybe this will help me find a job.

 

P.S. Sorry for my English