- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
06-19-2019 09:23 AM
I have been using small(ish) static routing tables until now. I have 2 PA-3020 in HA mode that control the internet and new offsite datacenter. At a second location 15 miles away, I will have a backup link to that datacenter. A third 3020 is in place to handle the connection. My plan is to install OSPF on the juniper gear controlling the internal network. How do I advertise the two links to this new datacenter to the OSFP area from the Palo Alto's though? I'm not very familiar with BGP but even a general idea/best practice would be helpful for me to start reading up on. Rough map attached.
Ultimate goal: have access to the datacenter regardless if one link goes down without manual changes from me.
06-20-2019 10:01 AM
Have you looked into PBF and path-monitoring to accomplish the same thing with less complexity? Not saying that the OSPF idea isn't a good one, but if you aren't familiar with it I wouldn't really want my firewalls to be the place I learn how to configure things properly.
07-02-2019 03:56 PM
The problem with that is that it assumes that site 1.1.1.0 is available. Secondary sites would still be routing there even if it went down.
07-03-2019 10:38 AM
Hello,
Why not use OSPF all the way around? You mentioned OSPF and BGP. To make things easier, why not make everything area 0.0.0.0? Using metrics should help out with any asymentric routing.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!