BGP Routing in DMVPN Access Network
A large enterprise (the Customer) has an existing international WAN backbone using BGP as the routing protocol. They plan to replace a regional access network with a DMVPN-based solution and want to extend the existing BGP routing protocol into the access network so that it can scale to several thousand sites.
The initial DMVPN access network should offer hub-and-spoke connectivity, with any-to-any traffic implemented at a later stage.
Figure 1: Planned DMVPN network
The Customer’s design team is trying to answer these questions:
- Should they use Internal BGP (IBGP) or External BGP (EBGP) in the DMVPN access network?
- What autonomous system (AS) numbers should they use on remote (spoke) sites if they decide to use EBGP in the DMVPN access network?
This document summarizes design challenges sent by readers of the ipSpace.net blog and discussed in numerous ExpertExpress engagements. It’s based on real-life queries and network designs but does not represent an actual customer network. The complete document is available as a downloadable PDF to ipSpace.net subscribers. You can also buy a digital book with all ExpertExpress case studies.
Existing IP Routing Overview
The existing WAN network is already using the BGP routing protocol to improve the overall scalability of the network. The WAN backbone is implemented as a single autonomous system using the Customer’s public AS number.
IBGP sessions within the WAN backbone are established between loopback interfaces, and the Customer is using OSPF to exchange reachability information within the WAN backbone (non-backbone routes are transported in BGP).
The WAN backbone AS is using BGP route reflectors; new DMVPN hub routers will be added as route reflector clients to the existing BGP topology.
Figure 2: BGP routing in existing WAN backbone
IBGP Versus EBGP
The following characteristics of IBGP and EBGP have to be considered when deciding whether to use a single-AS or a multiple-AS design:
- Route propagation in IBGP and EBGP;
- BGP next hop processing;
- Route reflector behavior and limitations (IBGP only);
- Typical IBGP and EBGP use cases.
The following recommendations were made based on the equipment and Cisco IOS software releases deployed on remote sites, as well as ease-of-use and design complexity considerations:
- Use EBGP in DMVPN access network.
- Use 32-bit private AS numbers.
Get the complete document
The complete case study, including design and deployment guidelines and sample configuration snippets, is available to ipSpace.net subscribers. Select the Case studies tab after logging into the webinar management system.