I'm trying to work through a design and thought I would come out here and ask.
Current Data Center is using eBGP with the ISP, but only has one ISP right now. The backup DC is now gone that was running the other eBGP. Between them, they were using vlan tagging over the Spectrum L2 (ELAN) and using EIGRP to connect the sites. Not sure why they used EIGRP for this, as I've always used iBGP for it, but I digress.
So, on to present day. Backup DC is now gone and building a new Second Data Center across the country. QinQ is being used between all of the sites over the ELAN including the new DC and is being used to be able to do QoS between all of the sites. Effectively creating Hub-Spoke sites with metrics to control the preferred site. DC's will be running active/active with the apps closest to the end users.
New equipment to be installed at each site:
eBGP routers: ISR 4431
L3 Cores: Nexus 93108's at the new site, Cisco 3850's w/ ipadvanced at the current DC
Spectrum ELAN routers: ASR1001x
The thing I am trying to figure out, is how to get the iBGP between the DC's. My first thought, is to just drop it on the corporate network and let it travel the QinQ to the other side. It would have it's own L3 QinQ and IGP AS. But I'm worried about exposing it like that.
My other option is going from the 4431's using an extra Gi interface to the ASR1001x and using something like psudowire to connect to the other side over the ELAN to supply the iBGP. Effectively doing the same thing as just using the Corporate network, but masking it in pseudowire.
I'm not sure I feel comfortable sending the iBGP over the corporate network and ELAN without masking it. Maybe I've overthinking this?
The other part I need to figure out, is what the configuration will look like on the NGFW 2110's for this.. I'm assuming both side will pretty much look the same. But that will be another day. Also, how to use the /28's from the ISP's with the eBGP running. Or do I just not use them and just use my /24.
Thanks!
No comments:
Post a Comment