Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Requesting help with HA design in network

Requesting help with HA design in network 12 years 4 months ago #4262

  • n8
  • n8's Avatar
  • Offline
  • New Member
  • Posts: 13
  • Karma: 0
I am new to this forum. I hoped I could get some advice from the community.

I have been working on a network for a couple years now and have been using static routes the entire time. I need to migrate my configuration and setup to a high availability environment.

So far I have 1 core router with a single gig fiber link to my global firewall, where I have a gig link connected to my border router. My border router runs BGP with 2 peers. My core router has a gige fiber link to all my l2 stacks. If any one of these devices fail I have an offline device with a matching configuration that I can uplug all cables and plug into, to recover from the failure.

I need to move to a topology where all my secondary devices are active with interconnecting links to the primaries. I believe I can accomplish this by using OSPF and IBGP between my border routers.

If anyone is interested in helping me out, check out my proposal1.jpg to see where I am at now.

Here's a summary of my diagram.

Consider that each device with a 1 in its name is active now. All the 2s are my secondary devices which are offline at the moment. I believe I can directly connect the two border routers and run IBGP between them. I can then connect one of my peers to Border 1 and accept full routes. In turn I can directly connect Border 2 to my second peer and accept full routes. If any Border router fails, I still have 1 peer.

The two firewalls (FW#) are interconnected with the Border routers and my core routers, using OSPF. I believe OSPF can choose a default gateway. Correct me if I am wrong.

The two Core routers would be interconnected with OSPF and I would only connect my stacks to one Core router. If my primary core router failed, I could unplug cables and directly connect it to my Core 2 router.

What do you think? Thanks for any advice you can give.

This email address is being protected from spambots. You need JavaScript enabled to view it.
The administrator has disabled public write access.
Time to create page: 0.074 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup