Might be a silly question but is it perfectly fine to have multiple eBGP neighbours with one common subnet between them all?
Usually with a router we would use 2 interfaces and have a /30 off each with one eBGP neighbor off one interface.
In this instance we have a active/standby ASA setup so im proposing making the transit subnet a /29 on one interface, into a switch (vss so also ha), and have our wan routers inside interface(which will be used to bring up the bgp session) also within this /29
I think it is fine, but wanted some feedback before into ahead with the proposal on Monday.
Reason behind this is it will save me having to mess about with interface zones, as all traffic will be coming in and out of one interface on the ASA, rather than potentially causing issues with statefull TCP checks etc
No comments:
Post a Comment