 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
17 messages in net.nether.puck.cisco-nsp[c-nsp] eigrp question| From | Sent On | Attachments |
|---|---|---|
| Kern, Tom | Jan 5, 2005 12:16 pm | |
| Kern, Tom | Jan 5, 2005 12:29 pm | |
| Kern, Tom | Jan 5, 2005 1:00 pm | |
| Rodney Dunn | Jan 5, 2005 1:34 pm | |
| Kern, Tom | Jan 5, 2005 1:36 pm | |
| Jim McBurnett | Jan 5, 2005 2:14 pm | |
| Kern, Tom | Jan 5, 2005 3:56 pm | |
| Rodney Dunn | Jan 5, 2005 4:41 pm | |
| Jim McBurnett | Jan 5, 2005 4:50 pm | |
| Kern, Tom | Jan 5, 2005 4:56 pm | |
| Marty Adkins | Jan 5, 2005 5:19 pm | |
| Jim McBurnett | Jan 5, 2005 11:29 pm | |
| Gert Doering | Jan 6, 2005 4:14 am | |
| Pekka Savola | Jan 6, 2005 5:10 am | |
| Randy Bush | Jan 6, 2005 8:54 am | |
| Gert Doering | Jan 6, 2005 9:35 am | |
| Randy Bush | Jan 6, 2005 9:45 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | [c-nsp] eigrp question | Actions... |
|---|---|---|
| From: | Kern, Tom (tke...@CHARMER.COM) | |
| Date: | Jan 5, 2005 1:00:24 pm | |
| List: | net.nether.puck.cisco-nsp | |
there is a router outside the firewall. its the stub router and only has static
routes.
i looked into SAA probes but my ios(12.2(6)) doesn't support it and the one that
does is too big for my flash and of course the powers that be don't want to
shell out any $$$ for a new flash card.
finally, i think i'm screwed because the sonicwall pro 100 in the remote site
doesn't have any pre built services for gre and doesn't have an option to create
a rule based on IP ports only tcp/udp.
sigh....
-----Original Message----- From: barney gumbo [mailto:barn...@gmail.com] Sent: Wednesday, January 05, 2005 12:53 PM To: Kern, Tom Subject: Re: [c-nsp] eigrp question
Is there a router beyond (outside) the firewall? If so, GRE over EIGRP will get the EIGRP packets through the firewall. In other words, build a GRE tunnel through the firewall and add the GRE network (on both routers) into EIGRP. Be careful not to redistribute the external routing protocol (if there is one) into EIGRP and vice-versa.
BGP is actually quite simple on a basic level. It get's tricky when you need to exchange routes between BGP and an IGP, in this case EIGRP.
However, it sounds like you don't have a router on the outside of the firewall. In this case you can set up policy-routing which will ping a network, if the ping fails, the policy-routing will kick in and change the route you need changed.
Check these links-
http://www.cisco.com/en/US/about/ac123/ac114/ac173/Q2-04/department_techtips.html
http://www.cisco.com/warp/public/784/packet/apr04/pdfs/dept_tt_scenarios.pdf
I use these features in my network. Specifically I ping a destination host that we're not exchanging routes with. When that ping test fails, policy-routing kicks in and the backup route is injected. Once the pings start working again, the original route is re-injected. Works quite well.
--Barn
On Wed, 5 Jan 2005 12:29:58 -0500, Kern, Tom <tke...@charmer.com> wrote:
I'm trying to set up an internet redudancy plan. i have 3 sites all connected
via T1's. each site has its own internet connection(frame relay) and i'd like to
set it up so if one site's firewall(sonicwall and watchguard) go down or the
internet link goes down, internet traffic will automagically be rerouted via one
of the other site's internet connection.
i'm avoiding bgp because i have no experince with it.
all my routers run eigrp. i thought using "ip default-network" would work. but
if eigrp neighbors need to be on the same subnet, this won't help me. also eigrp
would only work if the whole router went down(rare). i want the routes to change
if the serial link is down.
does anyone know of a way to make this work? is it possible? thanks
-----Original Message----- From: Michel Py [mailto:mic...@arneill-py.sacramento.ca.us] Sent: Wednesday, January 05, 2005 12:20 PM To: Kern, Tom Subject: RE: [c-nsp] eigrp question
would an eigrp neighbor relationship be formed between 2 routers if they are on seperate subnets?
No. (I would be very interested in this if it could work). So far the only thing I got to route across a firewall is either a tunnel (which defeats having a firewall) or BGP.
_______________________________________________ cisco-nsp mailing list cisc...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/