August 2013
In the world of enterprise networking, reliability is paramount. With business operations depending heavily on internet and inter-office connectivity, designing a resilient WAN has become a top priority. In 2013, many enterprises are looking toward a combination of Border Gateway Protocol (BGP) and Cisco IP SLA to build highly available WAN architectures without depending solely on expensive proprietary failover solutions.
Why WAN Redundancy Matters
As more applications move to the cloud and users become distributed, even brief outages in WAN connectivity can have a cascading impact on productivity. Many businesses operate with multiple service providers to mitigate the risk of an ISP failure, but redundant circuits alone do not guarantee intelligent failover. That’s where dynamic routing and health monitoring come in.
Enter BGP: The Internet's Default Routing Language
BGP remains the protocol of choice for multihomed enterprise networks connecting to two or more ISPs. It allows policy-based routing and gives administrators control over which paths are preferred, advertised, or suppressed.
A typical dual-homed WAN deployment involves connecting the enterprise edge router to two ISPs. Each ISP provides a /30 WAN IP block and possibly a public IP range for NAT. Using BGP, each link can independently announce the enterprise network while using attributes like Local Preference and AS Path to influence incoming and outgoing traffic.
Where IP SLA Comes In
Despite BGP’s flexibility, it has one drawback: it does not inherently test for path availability. If the physical link is up but the path to the Internet is degraded (e.g., due to a remote ISP issue), BGP may continue routing traffic into a black hole.
To fill this gap, Cisco’s IP SLA can monitor key destinations (e.g., public DNS servers, business-critical apps) and use track objects to influence route decisions. When an IP SLA test fails, it can withdraw a static route or trigger a change in BGP behavior.
Example: Dual WAN with BGP and IP SLA Tracking
Here’s a basic configuration to demonstrate the concept:
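interface GigabitEthernet0/0
 description Link to ISP1
 ip address 203.0.113.2 255.255.255.252
!
interface GigabitEthernet0/1
 description Link to ISP2
 ip address 198.51.100.2 255.255.255.252
!
! Probe an external host, sourced from the ISP1 interface, every 5 seconds
ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
 frequency 5
ip sla schedule 1 life forever start-time now
!
! Track object 1 follows the probe result
track 1 ip sla 1 reachability
!
! Pin the probe to ISP1 so it cannot succeed via ISP2 after a failover
ip route 8.8.8.8 255.255.255.255 203.0.113.1
! Primary default route, installed only while track 1 is up
ip route 0.0.0.0 0.0.0.0 203.0.113.1 track 1
! Floating backup default route (administrative distance 200)
ip route 0.0.0.0 0.0.0.0 198.51.100.1 200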
This configuration prefers ISP1, whose path is monitored using IP SLA. If the tracked destination (8.8.8.8) becomes unreachable, the tracked route via ISP1 is withdrawn and the static route via ISP2, which is configured with a higher administrative distance (200), takes over.
Advanced Failover with BGP and Route Maps
In more advanced scenarios, BGP can also react dynamically to changes in IP SLA state. For example, you can use route-maps with 'set local-preference' or 'set metric' based on tracking objects to influence BGP path selection automatically.
Some enterprises also integrate object tracking with HSRP or GLBP to maintain high availability at Layer 3 gateways, especially when there are multiple routers sharing the WAN edge role.
Common Pitfalls and Design Tips
- Ensure IP SLA monitors an external host, not just the next hop.
- Be mindful of asymmetrical routing and return traffic flows.
- Document all BGP peerings, route policies, and failover logic clearly.
- Log tracking events to syslog or SNMP for monitoring.
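One way to act on the syslog tip above, as an added example that is not part of the original post: a small Python parser that reads IOS `%TRACKING-5-STATE` messages from a syslog file, totals the time each track object spent Down, and flags flapping. The hostnames, log lines, year and flap thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (hostnames and times are made up for this example).
SAMPLE_LOG = """\
Aug 12 09:14:03 edge-rtr1 %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
Aug 12 09:14:08 edge-rtr1 %TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up
Aug 12 09:14:13 edge-rtr1 %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
Aug 12 09:14:18 edge-rtr1 %TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up
Aug 12 09:14:20 edge-rtr1 %SYS-5-CONFIG_I: Configured from console by admin on vty0
Aug 12 11:02:40 edge-rtr2 %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
Aug 12 11:09:10 edge-rtr2 %TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up
"""
EVENT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) .*?"
    r"%TRACKING-5-STATE: (?P<track>\d+) .*? (?P<old>Up|Down)->(?P<new>Up|Down)\s*$")

def parse_events(text, year=2013):
    """Return sorted (time, host, track_id, new_state) for each track transition."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line)
        if m:  # syslog timestamps carry no year, so the caller supplies one
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["host"], int(m["track"]), m["new"]))
    return sorted(events)

def summarize(events, window=timedelta(minutes=5), threshold=4):
    """Per (host, track): last state, seconds spent Down, and a flapping flag."""
    per_track = defaultdict(list)
    for ts, host, track, state in events:
        per_track[(host, track)].append((ts, state))
    report = {}
    for key, changes in per_track.items():
        down_since, down_secs, flapping = None, 0.0, False
        for i, (ts, state) in enumerate(changes):
            if state == "Down":
                down_since = down_since or ts  # keep the first Down of a run
            elif down_since is not None:
                down_secs += (ts - down_since).total_seconds()
                down_since = None
            # Flapping: `threshold` transitions inside one sliding window.
            recent = [t for t, _ in changes[: i + 1] if ts - t <= window]
            flapping = flapping or len(recent) >= threshold
        report[key] = {"state": changes[-1][1], "down_seconds": down_secs,
                       "flapping": flapping}
    return report
```

A track object that changes state every probe interval, as edge-rtr1 does in the sample, usually points at a probe or routing design problem rather than a real ISP outage.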
Ultimately, combining BGP’s powerful policy control with IP SLA’s real-time path awareness results in a robust, cost-effective, and scalable WAN failover architecture.
Conclusion
In 2013, enterprise IT teams are expected to deliver maximum uptime on constrained budgets. By leveraging open standards like BGP along with smart telemetry from IP SLA, network engineers can design WANs that don’t just survive ISP failures—they adapt to them.