RE: Multi site BGP Routing design

[<John.Herbert () ins com>]

Depending on your security policies you may want to encrypt said tunnel also.

Other than that, it all depends on it all depends. For example - if you receive / or have a default route pointing to 
the ISP, then the fact you have the same AS and won't receive the other site's routes in BGP doesn't matter at all - 
you'll follow a default from site 1 to the ISP, and the ISP will have a route to site 2 and can pass the traffic in the 
right direction. If you don't mind your traffic being passed unencrypted over the Internet, that is. You'll obviously 
need to adapt your firewall policies to allow for that flow as well.

j.

________________________________
From: Chris Adams [cmadams () hiwaay net]
Sent: Friday, June 05, 2009 20:16
To: nanog () nanog org
Subject: Re: Multi site BGP Routing design

Once upon a time, Steve Bertrand <steve () ibctech ca> said:
> Unless someone else has any better advice (I'm sure they do), you will
> need two separate public ASNs. Site 1 advertises it's space out of AS1,
> and site 2 advertises it's space from AS2.

I don't know that it's better advice, but another way to link the two
sites is via a tunnel (GRE or IPIP).  Use the upstream IP on each router
as the local endpoint, and then run some routing protocol over the
tunnel.
--
Chris Adams <cmadams () hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.