On Thu, Aug 30, 2012 at 2:17 PM, Tribble, Wesley <WTribble@sterneagee.com> wrote:
What is the best method to instruct the provider's network to prefer the Primary Data Center routes over the DR site? Keep in mind that I am only peering with the provider over BGP and I have no visibility to the underlying MPLS architecture or configuration.
Hi Wesley,

For an Internet-based system, here's how you would do it. The private MPLS-based network you describe won't be quite the same but it'll be similar.

* Announce with an AS path length from the DR site that has at least 3 prepends. Get your own RIR-assigned AS number for this; you can use private AS numbers but this will eventually confuse someone debugging a connectivity problem.

* Local pref the accepted routes to prefer the primary site.

* At least two ISPs at the primary site.

* At the DR site, the usually single ISP should be the same as one of the ISPs at the primary site. That way when there's trouble talking to the two sites there's only one vendor to blame and it's the one you pay directly. It also means the GRE tunnel traffic between sites tends to stay on a single carrier.

* GRE tunnels between the sites running IBGP. One GRE tunnel for each pair of Internet connections. Despite your best efforts you'll get a trickle of traffic into the DR site during normal operation of the primary. You'll want to send it back to the primary site and that should all happen outside the firewall.

* In addition to your BGP announced addresses, get a small bank of IP addresses from each ISP for each Internet connection at each site. I usually ask for a /28 but a /29 is normally adequate. You'll need these to anchor your GRE tunnels and management functions.

Regards,
Bill Herrin

--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
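An added sketch, not part of the message above: a simplified model of BGP best-path selection (local preference first, then AS-path length) showing why three prepends steer a remote network toward the primary site, and why a network that raises local preference on its DR-facing path still produces the trickle of DR traffic the reply mentions. All AS numbers, path shapes and function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample values (documentation AS range), not from the thread.
SITE_AS = 64500                          # the organisation's own AS
PRIMARY_PATH = (64501, 64502, SITE_AS)   # remote network's view via the primary site
DR_PATH = (64503, SITE_AS)               # shorter view via the DR site's ISP


@dataclass(frozen=True)
class Route:
    site: str               # which site announced this path
    as_path: tuple          # AS path, origin AS at the right-hand end
    local_pref: int = 100   # set by the *receiving* network, default 100


def prepend(as_path, count):
    """Repeat the origin AS `count` extra times, as the DR site would on announce."""
    return as_path + (SITE_AS,) * count


def best_path(routes):
    """Highest local-pref wins; only on a tie does the shorter AS path win.
    Later BGP tie-breakers (origin, MED, router ID) are left out of this model."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path)))


def remote_choice(dr_prepends, dr_local_pref=100):
    """Site a remote network sends traffic to, given the DR prepend count and
    the local-pref that network applies to the path it learned toward DR."""
    routes = [
        Route("primary", PRIMARY_PATH),
        Route("dr", prepend(DR_PATH, dr_prepends), dr_local_pref),
    ]
    return best_path(routes).site


if __name__ == "__main__":
    # (prepends, remote network's local-pref on the DR-facing path)
    for prepends, lp in [(0, 100), (3, 100), (3, 200)]:
        print(f"prepends={prepends} local_pref={lp} -> {remote_choice(prepends, lp)}")
```

The last case is the one prepending cannot fix, since the receiving network never reaches the AS-path comparison; that residual traffic is what the inter-site GRE tunnels carry back to the primary.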