Dynamic Routing offsite

Reply
L2 Linker

Dynamic Routing offsite

I have been using small(ish) static routing tables until now.  I have 2 PA-3020 in HA mode that control the internet and new offsite datacenter.  At a second location 15 miles away, I will have a backup link to that datacenter.  A third 3020 is in place to handle the connection.  My plan is to install OSPF on the juniper gear controlling the internal network.  How do I advertise the two links to this new datacenter to the OSFP area from the Palo Alto's though?  I'm not very familiar with BGP but even a general idea/best practice would be helpful for me to start reading up on.  Rough map attached.

PA-Route.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Ultimate goal: have access to the datacenter regardless if one link goes down without manual changes from me.  

Tags (1)
L7 Applicator

Re: Dynamic Routing offsite

@ToddJohnsen,

Have you looked into PBF and path-monitoring to accomplish the same thing with less complexity? Not saying that the OSPF idea isn't a good one, but if you aren't familiar with it I wouldn't really want my firewalls to be the place I learn how to configure things properly. 

L2 Linker

Re: Dynamic Routing offsite

The problem with that is that it assumes that site 1.1.1.0 is available.  Secondary sites would still be routing there even if it went down.

L7 Applicator

Re: Dynamic Routing offsite

Hello,

Why not use OSPF all the way around? You mentioned OSPF and BGP. To make things easier, why not make everything area 0.0.0.0? Using metrics should help out with any asymentric routing.

 

Regards,

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!