Problem
You want to connect your network to two different ISPs using two routers to eliminate any single points of failure.
Solution
In this example, we have two routers in our AS, which has ASN 65500. The first router has a link to the first ISP, whose ASN is 65510:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#interface Serial0 Router1(config-if)#description connection to ISP #1, ASN 65510 Router1(config-if)#ip address 192.168.1.6 255.255.255.252 Router1(config-if)#exit Router1(config)#interface Ethernet0 Router1(config-if)#description connection to internal network, ASN 65500 Router1(config-if)#ip address 172.18.5.2 255.255.255.0 Router1(config-if)#exit Router1(config)#ip as-path access-list 15 permit ^$ Router1(config)#router bgp 65500 Router1(config-router)#network 172.18.5.0 mask 255.255.255.0 Router1(config-router)#neighbor 172.18.5.3 remote-as 65500 Router1(config-router)#neighbor 172.18.5.3 next-hop-self Router1(config-router)#neighbor 192.168.1.5 remote-as 65510 Router1(config-router)#neighbor 192.168.1.5 filter-list 15 out Router1(config-router)#no synchronization Router1(config-router)#exit Router1(config)#end Router1#
Then the second router connects to the second ISP, which uses ASN 65520. And because these two routers are both members of the same AS, they also must have an iBGP connection:
Router2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router2(config)#interface Serial1 Router2(config-if)#description connection to ISP #2, ASN 65520 Router2(config-if)#ip address 192.168.2.6 255.255.255.252 Router2(config-if)#exit Router2(config)#interface Ethernet0 Router2(config-if)#description connection to internal network, ASN 65500 Router2(config-if)#ip address 172.18.5.3 255.255.255.0 Router2(config-if)#exit Router2(config)#ip as-path access-list 15 permit ^$ Router2(config)#router bgp 65500 Router2(config-router)#network 172.18.5.0 mask 255.255.255.0 Router2(config-router)#neighbor 192.168.2.5 remote-as 65520 Router2(config-router)#neighbor 192.168.2.5 filter-list 15 out Router2(config-router)#neighbor 172.18.5.2 remote-as 65500 Router2(config-router)#neighbor 172.18.5.2 next-hop-self Router2(config-router)#no synchronization Router2(config-router)#exit Router2(config)#end Router2#
Discussion
This recipe is similar to Recipe 9.4, but here we have split the functions across two routers to ensure that you can sustain a link failure or a router failure without losing your Internet connection. Figure 9-2 shows the new network topology.
Figure 9-2. Using two ISPs
The main difference is that we have had to configure an eBGP link from each router to its ISP, as well as an iBGP link between the two routers. Note that we have included the same AS Path filter on both routers to ensure that our network doesn't allow transit routing from one ISP to the other.
However, just as in the single router example, you have to decide how you want to deal with the problem of the excessive number of routes that you will receive from both of these ISPs.
Notice we have included the next-hop-self option for the iBGP peers on both routers:
Router1(config)#router bgp 65500 Router1(config-router)#neighbor 172.18.5.3 remote-as 65500 Router1(config-router)#neighbor 172.18.5.3 next-hop-self
Without this option, the next hop IP address for prefixes learned through Router1 will be the ISP connected to Router1. But even in this simple network, Router2 will not have a route to this next hop address. We could also get around this problem by including static routes on both routers. We discuss the next-hop-self option in more detail in Recipe 9.3.
In this example, we only have two routers inside our AS. You could add more, using exactly the same configuration commands that we used here. However, you need to remember to create a full mesh of iBGP peer relationships between all of these routers. Every BGP router must have a neighbor statement connecting to every other BGP router in the same AS.
See Also
Recipe 9.3; Recipe 9.4
Router Configuration and File Management
Router Management
User Access and Privilege Levels
TACACS+
IP Routing
RIP
EIGRP
OSPF
BGP
Frame Relay
Handling Queuing and Congestion
Tunnels and VPNs
Dial Backup
NTP and Time
DLSw
Router Interfaces and Media
Simple Network Management Protocol
Logging
Access-Lists
DHCP
NAT
First Hop Redundancy Protocols
IP Multicast
IP Mobility
IPv6
MPLS
Security
Appendix 1. External Software Packages
Appendix 2. IP Precedence, TOS, and DSCP Classifications
Index