Routing

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Dual Router Dual Internet Setup

  • 1.  Dual Router Dual Internet Setup

    Posted 03-14-2022 19:37
    Hi,

    Just wanted ask on how to setup two juniper routers that will act in a active / standby setup?

    thanks

    ------------------------------
    NERI GARY CACATIAN
    ------------------------------


  • 2.  RE: Dual Router Dual Internet Setup

     
    Posted 03-14-2022 19:38
    Sounds like you want the second example starting on page 24 of the High Availability example guide.

    https://www.juniper.net/documentation/en_US/release-independent/nce/information-products/pathway-pages/nce/nce0092-chassis-cluster-srx-configuring.pdf

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Dual Router Dual Internet Setup

    Posted 03-15-2022 13:01
    The setup would be like, the the primary router has MPLS and internet. while the second router only has internet. the failover will only happen on the circuit not the entire router.
    So i was thinking what would be the solution for this

    ------------------------------
    NERI GARY CACATIAN
    ------------------------------



  • 4.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 05:32
    Hi!
    How is your routing setup? Are you sending Internet traffic via your MPLS circuit? Or in the other hand, you are using the local Internet circuits keeping the MPLS to communicate with remote sites/colo/HQ?
    Assuming the latter it boils down to how your distribution/core layer is routing to those WAN Routers.
    You could have default routes 0/0 advertised from both WAN Routers to your LAN and have the Secondary WAN Router have its 0/0 advertised with a less preferred metric. You should also keep in mind that an important factor is making sure you WAN Routers are failing over upon noticing Internet is unreachable. Keep sending probes to the Internet and stop adversing a default route towards the distribution/core layer is an option. It depends in how your currently have your setup.
    What is the order of preference you have in mind for this failover?

    ------------------------------
    Hector Gustavo Serrano Gutierrez
    ------------------------------



  • 5.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 09:52
    the setup would be the internet ckt will go through a fw, while the MPLS traffic will be going via the sw. MPLS would just be use for inter site traffic.

    In this case, would it be the fw who will handling the failover or the SRX routers can still influence the internet traffic priority?

    PLease note that the secondary router doesn't have an MPLS ckt

    thanks

    ------------------------------
    NERI GARY CACATIAN
    ------------------------------



  • 6.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 19:18
    What device is acting as the Gateway of Vlans in your network? I am assuming a Distribution/Core layer used which can route to either of your WAN Routers.
    Having your WAN Routers establish a dynamic Routing Protocol (i.e OSPF) with your Distribution/Core should smooth things.
    The Primary WAN Router (the one with the Internet & MPLS circuits) can advertise a 0/0 plus remote networks towards the Distribution/Core layer.
    The Secondary WAN Router (the one with the backup Internet circuit) can advertise another 0/0 but manipulated with a less desirable metric (Cost if OSPF is used).
    When the Primary WAN Router loses the Internet connection, it can withdrawn the prefix 0/0 dynamically via the Routing Protocol. Once done the Distribution/Core layer can start adding the 0/0 which is coming from the Secondary WAN Router to its Routing Table. Distribution/Core should still be routing to the Primary WAN to the MPLS connection as more specific prefixes should still be received.
    For this to happen Internet access needs to be monitored from the Primary WAN Internet Router by probing it or the 0/0 itself installs in its Routing Table be withdrawn. Probably the only way the later can happen is with the Firewall also withdrawing the dynamic route towards your WAN Router.

    ------------------------------
    Hector Gustavo Serrano Gutierrez
    ------------------------------



  • 7.  RE: Dual Router Dual Internet Setup

     
    Posted 03-16-2022 05:45
    Are you able to do bgp with the internet provider?

    That would allow simple routing failover when the default route is lost.

    If using static default routes you would need to configure RPM  (realtime performance monitoring) to drop the primary static route during failures detected.

    https://iliketech2017.wordpress.com/2019/04/23/static-route-tracking-with-junos-rpm-tracking/

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 8.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 15:46
    hi I did a quick lab for this requirement and its very easy:


    primary router is running ospf area 0 within the firewall
    secondary router is running ospf area 1 withing the firewall

    the reason why, is we are using O as primary and IA as secondary, relying on OSPF : D 
    for the lan perspective im running vrrp and tracking the interface facing the fw

    without tuning I lose 3 ping in a test scenario .

    Luis Flor


    ------------------------------
    LUIS W FLOR GONZA
    ------------------------------



  • 9.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 19:15
    I don't know why they erase the configs : (

    ------------------------------
    LUIS W FLOR GONZA
    ------------------------------



  • 10.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 19:15
    you could more simply accomplish standby using a link cost/metric rather than a whole different ospf area.  But, there's often more than one solution to accomplish the end goal

    ------------------------------
    Aaron Gould
    Senior Network Engineer
    aaron@gvtc.com
    https://www.linkedin.com/in/agould123/
    ------------------------------



  • 11.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 19:19
    Your lab looks great!
    I think we can add efficiency by having a Distribution/Core layer acting as default Gateway as opposed to using the WAN Routers and VRRP. Not sure if that is how the current setup is though.
    Regards.

    ------------------------------
    Hector Gustavo Serrano Gutierrez
    ------------------------------



  • 12.  RE: Dual Router Dual Internet Setup

    Posted 03-15-2022 13:01
    Hi,

    Actually the design would be like internet failover. The setup is that the first router has MPLS and internet, while the second router only have an internet ckt.

    Would clustering solve this, since i believe clustering would be more of router failover?

    ------------------------------
    NERI GARY CACATIAN
    ------------------------------



  • 13.  RE: Dual Router Dual Internet Setup

    Posted 03-16-2022 15:46
    a picture is worth a thousand words.  would be good if you could draw a simple picture showing what you are trying to accomplish.  may help me and others correctly recommend a feasible solution.

    ------------------------------
    Aaron Gould
    Senior Network Engineer
    aaron@gvtc.com
    https://www.linkedin.com/in/agould123/
    ------------------------------