Best practice for ptp/loopback numbering for "small" enterprise multihome setup
Blake Hudson
blake at ispn.net
Fri Mar 26 18:46:03 UTC 2021
On 3/26/2021 12:01 PM, vom513 wrote:
> Hello,
>
> tl;dr - If I only have a /24 PI - is there any way to use this and not “chop it up / deagg” to use for ptp/loopbacks ?
>
> Hopefully I can explain this in a manner that makes sense.
>
> Say I have a vanilla dual router/dual upstream setup (think enterprise internet edge).
>
> It’s basically an “H” shape:
>
> - Two ISPs
> - Two routers (“crosslink” is the middle of the H - iBGP)
> - Each router has at least a link downstream into my public “outside” segment. I run an FHRP here. This is where my DMZ firewalls, VPN endpoints etc. have their outside interfaces.
>
> Let’s also say I only have a /24 of PI.
>
> I need to number the crosslink and the loopbacks. The upstreams will use their own /30 / /31 let’s say for the top of the H. My downstream interfaces will have my /24 (or parts of it) on the bottom of the H.
>
Couple things come to mind that might be a more efficient use of address
space: First, you don't need two routers in order to have dual
upstreams. Have you considered multi-homing using a single router? If
you need redundancy, it could be built into a single chassis. Another
option is that some routers can perform active/standby failover without
the need for extra public addresses. For example, two Cisco ASAs would
have a cross-link, but this link is limited to keeping state and HA
heartbeat between the two units and can be numbered with either an IPv6
link local or RFC-1918 address. Other platforms may have the option for
Virtual Chassis, VSS, stacking, or similar technology that can conserve
address space compared to two independent and traditionally addressed
routers.