Scribd Logo
Unggah

Selamat datang di Scribd!

  • ANIRA V 0.1

    Diunggah oleh

    ganesh
    255 tayangan4 halaman
    ANIRA v 0.1

    Judul Asli

    ANIRA v 0.1

    Hak Cipta

    © © All Rights Reserved

    Format Tersedia

    DOCX, PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    ANIRA v 0.1

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    255 tayangan4 halaman

    ANIRA V 0.1

    Diunggah oleh

    ganesh
    ANIRA v 0.1

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 4

    ANIRA

    Introduction:

    ANIRA is a Netgate router provided, managed and owned by AT&T.


    ANIRA is a AT&T Network Based IP VPN Remote Access device and is a fully managed, network based
    solution that offers organizations a remote access solution extending the reach of their existing VPN.
    ANIRA in Colliers is used as redundancy and failover to MPLS network and also provides Internet
    connectivity.
    ANIRA uses split tunneling methodology to carry both corporate and internet traffic.
    Current ANIRA model running in Colliers network is 8200 series.

    Requirement:

    ANIRA provides redundancy and failover to the MPLS and Internet connectivity. This provides business
    continuity and service with zero percent downtime.
    ANIRA is also used as a primary WAN and Internet connectivity at sites where there is no existence of
    MPLS connectivity.
    ANIRA carries Data, Voice and Wireless traffic.

    Colliers internal configuration for ANIRA:

    Colliers primary WAN link is MPLS via CE router (Customer Edge router) and ANIRA act as a backup to
    MPLS.

    So there are two step configurations we have to do in our LAN Core switch. Since traffic get initiated by
    end stations and then hit the core switch, so the core switch have to decide whether the traffic need to
    be forwarded to the CE router (Customer Edge router) or to the ANIRA.
    This decision is solely made by the Core switch based on the routing protocol and its routing table.

    Core switch run EIGRP with AS 10 to advertise the local subnets and also the external routes
    redistributed by the BGP in the CE router.
    So in our scenario, if the Primary MPLS link goes down, the BGP will fail to get the external routes and
    thus it will not be able to redistribute those routes to EIGRP and the connectivity of the end user to
    MPLS cloud will get lost.

    To overcome this issue, we have configured floating static route in the Core switch with higher
    distance value.
    A floating static route is simply one that has an administrative distance value greater than that of the
    dynamic routing protocol being used.
    Floating static route is nothing but a default static route that will act as a backup or failover to any
    actively running dynamic routing protocol.
    So in our LAN environment EIGRP is actively running as internal routing protocol and hence default static
    route is used a floating static route.

    Prepared by: Vinod Vasu Page 1


    ANIRA

    Also since EIGRP is carrying external routes into the LAN, so the administrative distance will be 170 and
    hence we need to keep the floating static route administrative distance higher than EIGRP, which is 250,
    otherwise the floating static route will have higher preference than EIGRP because of it default AD value
    as one.
    So the configuration of floating static route will be
    ip route 0.0.0.0 0.0.0.0 x.x.x.x 250
    This ip route command will make the core switch to decide that it has to direct the traffic to ANIRA in
    case the primary MPLS link goes down.
    Next-HOP x.x.x.x is the IP address of ANIRA and 250 is distance value defined by the administrator.

    Access port configuration:

    Core switch is connected to ANIRA using access port and it uses vlan 99 as connectivity vlan between
    Core Switch and ANIRA device.
    The standard configuration for the ANIRA access port in core switch will be as below:-
    interface FastEthernet0/48
    description Link to ANIRA LAN port 1
    switchport access vlan 99
    switchport mode access
    spanning-tree portfast
    end

    It is always advise to have a label / description assign to the port, in order to identify the port easily.
    Switch port connected to ANIRA will be access port, which is followed in every location where ANIRA is
    implemented. But this will depend on the design, if design demands then this can also be configured as
    layer 3 port.
    Spanning-tree portfast is configured to disable the spanning-tree functionality and convergence states
    and period on this particular port.

    ANIRA configuration for Colliers:

    Though ANIRA configuration is owned and managed by AT&T. But we Colliers responsibility is to inform
    AT&T what subnets they have to advertised into our LAN. So we need to provide them Data, Voice,
    Wireless or any other subnet that we feel need to be advertised with the next hop address of the Core
    Switch.
    The next-hop address will be Vlan 99 gateway in the Core switch.

    ANIRA also need to advertise network to the outside world to provide the same service that MPLS was
    providing when it was UP and running.
    So both internal and internet services are managed by ANIRA using spit tunneling concept. Where ANIRA
    carries the MPLS traffic via tunnel towards the MPLS cloud, using BGP community attribute.

    While it carries internet traffic using its standard routing towards the internet cloud.

    Prepared by: Vinod Vasu Page 2


    ANIRA

    Testing from Colliers end:

    After implementation, following testing can be done.

    If ANIRA need to be tested during MPLS is up and running then we need to remove the distance value
    given in the floating static route, this will make the default static route run on its default AD value of
    one. And the command will be
    ip route 0.0.0.0 0.0.0.0 x.x.x.x
    Where x.x.x.x will be the IP address of ANIRA inside interface pointing to internal LAN or we can say the
    Vlan 99 gateway assigned to ANIRA inside interface.

    Then run tracert or traceroute to any other site in MPLS cloud and check the ANIRA inside interface
    IP is listed in the HOP list. This will confirm that traffic is passing through ANIRA.

    There is a possibility that ICMP traffic is reaching the destination via ANIRA but users are not able to
    access remote applications, servers, internet and even phone connectivity not working, then in that case
    check with AT&T whether they have advertised the correct internal subnets into the ANIRA with the
    next-hop address as switch Vlan 99 gateway.

    Team involved:

    Implementation of ANIRA involves network team from Colliers and AT&T. The contact detail of AT&T is
    addressed in below section of the document.

    Process:

    ANIRA implementation will go through all the standard change process followed in Service-Now
    ticketing tool and proper approvals through the CAB meeting. Also AT&T will follow their own
    methodology of addressing the change, but this will be looped between both the teams.

    Locations:

    As of August 26th, 2013, the following are the Colliers locations that are currently running ANIRA setup.
    Toronto
    Vancouver
    Sacramento
    Irvine
    Portland
    Charlotte
    Stamford
    Seattle

    Prepared by: Vinod Vasu Page 3


    ANIRA

    Contact details:

    AT&T
    Name: Scott Nault
    Email: nault@att.com
    Email: sn8153@att.com
    Phone: 813-402-5263

    Netgate Helpdesk
    Phone: 800-727-2222 --- Press option 3, 3.

    Prepared by: Vinod Vasu Page 4

    Anda mungkin juga menyukai