From: beatccielab (beatccielab@gmail.com)
Date: Mon Mar 05 2007 - 09:32:58 ART
Sorry for late reply and thank u very much for your respond..
Yes my configuration like your describe but for complete network diagram i
describe like at below:
isp(a) isp(b)
| |
| |
router(a) router(b)
| _ _ _ _ _ _|_ _ _ _ _ _ _ _ |
| / | \ DMZ
Fw(a) ------------ FW(b)---------------- /
| |
| |
L ---Core Sw----|
my diagram like at above..
isp(a) - router(a) is link#1
isb(b) - router(b) is link#2
you want to use link#1 for mail access only.
you want to use link#2 for internet access only.
if link#1 fails use #2
if link#2 fails do not use #1.
@ router(a): you do not advertise your mail gateway route
* ==> Yes i understand : not advertise my prefix from router(a) to internet,
Right? (correct me if i wrong)*
@ router(b): you advertise both your mail gateway route (prepend/less
specifics) + internet gateway.
*==> set route-map with as-path prepend atribute and local preference,
right?*
* (correct me if i wrong)*
**
and my another question is :
-* if FW(A) is fails, which Router(A)/link#1 is not fails THEN why access to
mail server cannot be reach via ISP(B)?
- should me to use vrrf or hsrp?*
**
*thank u very much for your respond to help me..*
**
*Rgrds,*
*Beatccielab*
On 3/1/07, tim tiriche <junipertech@gmail.com> wrote:
>
> Hello,
>
> This is how i understand you are setup.
>
> isp(a) isp(b)
> | |
> | |
> router(a) router(b)
>
>
> isp(a) - router(a) is link#1
> isb(b) - router(b) is link#2
>
> you want to use link#1 for mail access only.
> you want to use link#2 for internet access only.
>
> if link#1 fails use #2
> if link#2 fails do not use #1.
>
> @ router(a): you do not advertise your mail gateway route
> @ router(b): you advertise both your mail gateway route (prepend/less
> specifics) + internet gateway.
>
> now if router(a) fails you still have access via router(b)
>
> please let me know if i may have misunderstood your question.
>
>
> regards,
> --Tim, jncip.
>
>
> On 3/1/07, beatccielab <beatccielab@gmail.com> wrote:
>
> > Hi All..
> >
> > I have a problem with my configuration BGP multihomed that connect
> > to two ISP with two local router. Link Router(A)-ISP(A) is used to
> > dedicated only for mail access, and link Router(B)-ISP(B) is used
> > to browsing access internet for user internal only.
> > if link Router(A)-ISP(A) is fail then for access to mail server is
> > automaticality switch to ISP B. But if link B is fail
> > not allowed to use ISP A.
> > Note: fast0/0 of Router(A) is connect to
> > Firewall(A) and fast0/0 of Router(B) is connect to Firewall(B). between
> > Firewall(A) and Firewall(B) is set failover.
> > I was configure between Router(A) and Router(B) peering as iBGP and
> > Router(A) to ISP A and Router(B) to ISP B is peering eBGP,
> > and setting for policy routing for incoming policy is use
> > local_preference
> > and for outgoing is use as-path prepend.
> > After i was configure like that, but unfortunately not running properly.
> >
> > i found is several problem :
> > - if router(A) or Link to ISP A is fail cannot switch access the mail
> > server via ISP B
> > - if Router(B) or link to ISP B is fail is internal user can to reach
> > internet access via ISP A.
> > - if FW(A) is fail (Router(A) and link is not fail) then access to
> > mail server cannot be reach via
> > ISP(B).
> > please advice to me to fix this problem. thank u very much for your
> > help.
> >
> >
> >
> >
> > --
> > Regards,
> > beatccielab
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
>
>
> --
> -tim
-- Regards, beatccielab
This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:50 ART