I have inherited a network that is a full mesh of point-to-point links, and the protocol is OSPF. I have 10 hubs (main routers) across the US in this full mesh of point-to-point links. One of the main routers (R4) has access to the Internet through a default route and the other main router (R6) has a BGP peering with another AS. The whole network is using an RFC1918 IP scheme except for a small network hanging off the BGP router. We are advertising a /24 to our BGP peer and we are receiving about 20K routes (I think), but I am pretty sure it was not the full table.
The /24 we are advertising is owned by another group, so to this point the only one who could use the BGP is the group who owns the /24, and the rest of the network has a default static route pointing to R4. If R4 were to go down, we could not get to the Internet, but the group who owns the /24 could get out via BGP.
I was tasked to propose a design so that if either one of the Internet edge routers were to go down, we could at least fail over to the other router. My plan is to propose a couple of scenarios to my boss and let them pick and do their politics.
Both Internet routers are Juniper MX series. One of the scenarios is a floating static with RPM (IP SLA tracking). If R4 were to go down, it would use the floating static route to the BGP router. Then I guess the router would NAT the internal network for it to get to the Internet.
The other scenario that I have in mind is to use IBGP with two RRs or EBGP internally. But I do not have any real-world experience with BGP at all and need your help. I want to do this the correct way.
I guess I would need more public addresses. If this is true, I am thinking each hub router would get its own /24. As each hub expands, the hub can allocate public IP addresses to its own group.
Am I going the right way here?
What is the process of advertising the BGP to my public neighbor?
Do I need to register my info with a registry like altdb.net? Is this mandatory?
I definitely don't want to become a transit AS, how do I do this on a Juniper device?
How should I design this network?