DUAL Internet Gateway - Need to achieve high availability,redundancy

Unanswered Question
Oct 22nd, 2008
User Badges:

Hi Experts,



I have Small Scenario. You guys can provide your view on this to come to a conclusion.


I have a multi-tier scenario, which has got two routers in the WAN Edge and the customer has got 1 set of public IP segment to host their public servers behind the firewall. The physical layout will look like ;



(public server)Dmz---- Firewall active (ASA)---2950 switch-IGW1-------internet


|FO-LINK |Trunk


Firewall standby (ASA)---2950 Switch ___IGW2------internet


Each of the IGW (Internet Gateway) has got two inbuilt giga interfaces; one is connected directly to the internet (MPLS) and another one connected to the switch. No direct connection between the IGW's.


Running OSPF between these ASA's and IGW's (Broadcast Network Type).Injecting default route on IGW's.


My OBJECTIVE here is to achieve high availability and box level redundancy and want to make use my both internet routers and connections.



1. What if I am getting internet connection from same provider? Is it possible to achieve high availability without doing any changes on the MPLS (PE) end? My internet traffic from inside to outside and our external traffic from outside to inside public servers…


2. If my service provider is ready to configure two different gateways to my public IP address on the PE? (One pointing to my IGW1 with Normal AD and Another one pointing to my second IGW2 with more AD).In that case, only one link will be used most of the time..


3. What if my ISP is ready to run any dynamic protocols between PE and CE (IGW's)? Which one is preferred OSPF or BGP?


Is there any other options are recommendation to follow on?



Regards,


Sak

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Wed, 10/22/2008 - 08:50
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Sak,

I'm not sure ASA can install both default routes if is so you can get redundancy but not load-balancing


there have been other threads about OSPF on ASA and it was noticed only one route was installed on ASA.


Hope to help

Giuseppe


Actions

This Discussion