We are soon to have a VPLS solution delivered to us, to enable us to link our existing UK network and a couple of data centres and offices around the world.
In each data centre we are having 2 links into the VPLS, terminating on two different routers. The plan is to have a subnet linking up the DCs, run OSPF, MP-BGP, and extend our existing MPLS over it. So far sounds perfectly fine?
Now, we also have a number of new offices coming into existence over the next year, and we want to use the VPLS provider to provide tail circuits back to us. Original plan was to have 2 circuits to each office, one via the VPLS provider and one via a different carrier.
The powers that be have put it to me: why don't we have two links from the VPLS provider, as it will save costs? Is this even possible without causing a loop?
Our offices are set up a bit differently than DCs. Instead of having 2 routers/firewalls, we tend to run an active/standby pair of ASAs. My immediate thought is to place each VPLS link at the offices into a separate VLAN, and subinterface the VPLS link on our core routers. Then we can run BGP from the offices, multipath, and let it choose its own routes. Apart from that it would have to be one link into each firewall in the office and just run as active/standby.
Anyone able to pipe in with some other thoughts on this?
Otherwise, if both links are in the same VLAN, we would cause a loop.