cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1272
Views
6
Helpful
3
Replies

Router on a stick - Bad idea?

jaimewalker
Level 1
Level 1

Hi,

Aside from with VLAN trunking where you use sub-interfaces, has anyone ever implemented a router on a stick design where traffic is routed back through the port it entered the router on?

I have 2 x ASA's on my LAN and want to route traffic to different networks through different ASA's. My servers currently have static routes telling them which ASA to take to reach the network intended. Is it possible to add a router onto the LAN, make it the default gateway for the servers and then put static routes on the router identidying which ASA data should go through to reach a specific network? Is that bad design? Do I need to introduce a new network between the router and the ASA's??

3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

The main issue with using routing on a stick is possible bandwidth contention on the router interface where you are doing the 802.1q encapsulation depending on how fast that interface is.

So if it is a 100Mbs interface and you have 2 server vlans they will have to share 100Mbs of bandwidth. That's why a layer 3 switch is usually a better option in these instances.

If bandwidth isn't an issue then there is no reason why you couldn't do what you want and this would allow you to consolidate the static routes onto the router.

Jon

Sorry, I think I may have described the problem poorly. I am not using dot1q trunking. I have a single network 192.168.123.0 with ASA No1 192.168.123.254 and ASA No2 192.168.123.253. I crurrently use ASA No1 as the default gateway for my web servers but they need to reach some networks via ASA No2 so I have added static routes onto the server e.g 172.16.11.0 via 192.168.123.253. I was hoping to add a router on to the network on 192.168.123.252, make this the default Gateway and put the static routes on the router rather than the servers. This router would only have one network cable plugged into it and traffic would hairpin back out the connection that it came in on. The ASA's, router and Servers would be connected via a single switch.

I have tried this before and the web servers were intermitantly available. Since making the ASA the default gateway things have been fine but I need to route to some places via the other ASA.

Richard Burts
Hall of Fame
Hall of Fame

jaime

There are probably aspects of your environment which we do not know which might affect the answer. But based on what you have given us so far I do not see any need to introduce a new network. Probably the main issue that comes to mind is whether the amount of traffic through the interface might begin to overload the interface. Without knowing what the traffic levels are and what kind of router and what kind of interface then we are not in a good position to advise on this detail (but for most networks this would not be an issue).

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: