Friday, December 1, 2017

WAN failover w/ IPsec tunnels

Hey everyone!

I am looking for the best method to implement failover WAN in a hub-spoke scenario and have some questions. I did some looking around but am missing something (many things, I am sure).

We have a main location (SiteA) with a new secondary WAN link. We have about 5 remote offices that route back to SiteA through IPsec tunnels and advertise routes through OSPF.

Previously, I was figuring I would have to create a second IPsec tunnel for each remote site, or 3 more tunnels for remote sites that also have dual WAN (a1-b1, a1-b2, a2-b1, a2-b2).

I was speaking with a buddy and was told that they handle this situation by using BGP and aggregate their two WAN links so that there is one advertised outward facing IP so that they get redundancy over the existing tunnels without additional configuration (beyond the BGP setup).

I have roughly looked at how BGP works (and need to seriously do more research before testing it) but am curious about advertising your IP with the second ISP. Can I use the public IP leased through ISP A and ask ISP B to advertise it? If that is true, does that not cause issues when ISP A goes down? Don't they own that last hop?

If it makes any difference, we are using FortiGates at every site.

Sorry for things being unclear - this was a bit stream-of-thought.
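As an added illustration (not part of the original post, and not FortiGate configuration), here is a small Python model of the tunnel layouts the question compares: a single tunnel, a second tunnel from the hub's new WAN link, the full a1-b1/a1-b2/a2-b1/a2-b2 mesh, and the BGP-style layout where the hub presents one aggregated address. The link and tunnel names are constructed labels. The model assumes that the aggregated address "A" stays reachable as long as at least one hub ISP is up; that is exactly the property the question asks whether ISP B can provide for ISP A's address space, and the model does not decide it. It enumerates every WAN failure combination short of a total outage at one end and reports which layouts keep at least one tunnel with both endpoints reachable.

```python
"""Model which hub-spoke IPsec tunnel layouts survive WAN link failures.

Constructed example: links and tunnels are abstract labels, not real devices.
A tunnel is usable only when both of its endpoint addresses are reachable.
"""
from itertools import product

HUB_LINKS = ("a1", "a2")      # SiteA's two WAN links
SPOKE_LINKS = ("b1", "b2")    # a dual-WAN remote office

# Candidate layouts from the question. "A" stands for an aggregated hub
# address that is assumed reachable while any hub ISP is up (the property
# the BGP approach is meant to provide; assumed here, not verified).
LAYOUTS = {
    "single":        [("a1", "b1")],
    "hub-redundant": [("a1", "b1"), ("a2", "b1")],
    "full-mesh":     [("a1", "b1"), ("a1", "b2"), ("a2", "b1"), ("a2", "b2")],
    "bgp-aggregate": [("A", "b1"), ("A", "b2")],
}


def endpoint_up(endpoint, down):
    """A plain endpoint is reachable when its link is up; the aggregated
    address 'A' is reachable while any hub link is up."""
    if endpoint == "A":
        return any(link not in down for link in HUB_LINKS)
    return endpoint not in down


def connected(tunnels, down):
    """True if at least one tunnel has both endpoints reachable."""
    return any(endpoint_up(h, down) and endpoint_up(s, down) for h, s in tunnels)


def failure_scenarios():
    """Yield every set of failed links except a total outage at either end,
    which no tunnel layout can survive."""
    links = HUB_LINKS + SPOKE_LINKS
    for flags in product((False, True), repeat=len(links)):
        down = {link for link, failed in zip(links, flags) if failed}
        if all(l in down for l in HUB_LINKS) or all(l in down for l in SPOKE_LINKS):
            continue
        yield down


def survivability(tunnels):
    """Return (scenarios survived, scenarios total, failure sets that break
    the layout), with each failure set listed as a sorted list of links."""
    broken = []
    total = 0
    for down in failure_scenarios():
        total += 1
        if not connected(tunnels, down):
            broken.append(sorted(down))
    return total - len(broken), total, broken


def report():
    """Survivability of every layout, keyed by layout name."""
    return {name: survivability(tunnels) for name, tunnels in LAYOUTS.items()}


if __name__ == "__main__":
    for name, (ok, total, broken) in report().items():
        print(f"{name:14s} tunnels={len(LAYOUTS[name])} "
              f"survives {ok}/{total} scenarios; breaks when down={broken}")
```

Running it shows the trade-off in the question directly: the single tunnel survives 4 of 9 partial-failure scenarios, adding only a hub-side tunnel (a2-b1) survives 6 of 9 and still breaks whenever b1 is down, the full mesh survives all 9 with four tunnels, and the aggregated-address layout survives all 9 with two tunnels, but only under the assumption about "A" stated above. Whichever layout is used, a tunnel whose remote link has died still has to be detected as down (DPD on the tunnel and the OSPF dead interval over it) before routing moves to the surviving tunnel, so the timers on both decide how long the outage lasts.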
