fault tolerance

Unanswered Question
Dec 22nd, 2007

I've got Internet leased line from two ISP's which is terminating to single router one is on fe0/0 and other is on s0/0, so can i get fault tolerance.

my design is as : LAN connected to firewall internal interface, firewall external interface connected to router with lan ip given by say ISP1.

so anybody got any idea on this...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
tk95439 Thu, 12/27/2007 - 14:11

If you just want your local users to have a fault tolerant internet connection you're pretty much set. You would just need to configure 2 default routes on your internet router, one to your primary ISP and one to your secondary. To avoid asymmetric routing use floating static routes and set the secondary route to a higher administrative distance then the primary. Then set your default route on the firewall to point to the router. Just remember you won't be using your secondary ISP unless your primary goes down.

If you need to balance your traffic between the two links or if you need fault tolerance for inbound connections things get a bit more complicated. I won't go into detail but here are a couple of options:

• Use a device like a Radware Linkproof to manipulate NAT and DNS. (For load balancing and inbound fault tolerance.)

• Talk BGP with your providers. (This usually is costly and complicated)

I'm currently using the smoke and mirrors approach (DNS and NAT) but it's defiantly not ideal if you want your solution to scale.


This Discussion