dual static next hop to the same dest

Unanswered Question
Jul 13th, 2007

what will happen if i have the ff command on my perimeter router

ip route 10.0.0.0 255.0.0.0 192.168.1.1

ip route 10.0.0.0 255.0.0.0 192.168.1.2

192.168.1.1-firewall 1

192.168.1.2-firewall 2

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 07/13/2007 - 02:12

Hi

Your permimeter router will load balance between the 2 firewalls. Whether it does it per packet or per destination depends on how you setup the router.

You need to be careful with this as you may well get asymetric routing - goes out one firewall and comes in the other. If your firewall are active/active this may not be a problem but it could be if you are running in active/standby.

HTH

Jon

Actions

This Discussion