You may want to take a look at this link:
http://www.cisco.com/en/US/tech/tk365/tk80/technologies_configuration_exampl
e09186a0080094309.shtml
HTHs
-kent
----- Original Message -----
From: "neteng"
To:
Sent: Monday, August 02, 2004 3:10 PM
Subject: Re: ISP Path selection and BGP [7:91342]
> Thanks for the reply and I'll try to clarify my problem. We have a couple
> hundred home users that VPN in. The address space is ours, a class C with
> our own AS (but provisioned from AT&T's space). Once the users connect to
> the VPN, they do not have any internet access. We do not allow split
tunnel
> and we restrict internet access from the VPN itself (no default gateway).
> Currently about half the users are coming via the SBC network, which is
our
> failover ISP. I believe they are coming over SBC because our local DSL
> service is SBC. Since they reside on the SBC network, they will stay on
the
> network to access our site, instead of jumping over to AT&T. Is there a
way
> to make them jump over to AT&T to access our site? My boss wants no
traffic
> over the SBC link unless there is a fail-over. Hope this helps and thanks
> again for your reply.
>
>
> ""Howard C. Berkowitz"" wrote in message
> news:200407310336.i6V3a0ah018332@xxxxxxxxxxxxxxxxx
> > At 11:23 PM +0000 7/30/04, neteng wrote:
> > >We have one connection (DS-3) to ISP#1 and one connection (DS-3) to
ISP#2
> > >for internet access. We have BGP in place and prefer all traffic to go
> > >through ISP#1. Here's the problem, local DSL subscribers are on the
ISP#2
> > >network, so all of our home workers with DSL take the ISP#2 route
instead
> of
> > >the ISP#1 route. I can understand that because it's the local network
> that
> > >it's the preferred route, but can I change it to route through ISP#1 or
> > >would all that be internal to ISP#2's BGP network?
> > >
> >
> > I'm not sure that I understand the problem you are trying to solve,
> > or, if I am extrapolating the problem, what is broken.
> >
> > First, let me understand: do the DSL users come to your site when
> > accessing the Internet, or do they go directly to SBC?
> >
> > Second, what address space do the home workers used? SBC space or
> > provider-independent space of yours?
> >
> > If they come back to your site, as, for example, to go to a firewall,
> > there's nothing stopping you from sending them out the AT&T pipe. If
> > they have source addresses in the SBC address space, the response is
> > likely to bypass your firewall and come back directly to them.
> >
> > If you are trying to make your users on SBC go directly to AT&T, I
> > don't see any way to do that without your ordering a VPN from SBC to
> > make that happen. In other words, there is no incentive to SBC to
> > make traffic go through AT&T.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=91423&t=91342
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
