Policy Routing -Internet Architecture

jerry_best · ‎11-21-2008

Dear All,

Need Suggestion for following network design.

1. Using 3 diffrent Internet link in my network, for the same i am trying to achive Auto-failover and load balancing.

2. i have Three diffrent ip pools for Three diffrent ISP.

3. Using ISA as proxy server for some customers in my network. i have to NAT this ISA server.

4. for some customers they don't required ISA proxy server. so i have to send them directly for internet access.

5. i am using 400 series as core switches , i have 3600 and 7206 routers in my network and SSG 520 firewall(juniper).

6. thinking of using Core Switches-Firewall - Internet router as logical path. Will terminate all the internet links on my Internet router and Internet router will be physically connected to my core switch.

7. Do i need to configure IP SLA for this design for track all the Links?

Kindly advice.

Thanks and Regards,

Jerry

jerry_best · ‎11-24-2008

Hi All,

Can anyone help me ???

Thanks and Regards,

Jerry

tcordier · ‎11-24-2008

A drawing of your situation including devices and routing protocols would be helpful, it is not easy to understand what your topology looks like. However, if you terminate all 3 ISP links on one router, you could keep it simple, and point a default route from your firewall (and/or ISA server) to the router. The router could have three default routes to each provider, and load-share, or use BGP to determine the best path. Since you have a single egress router, I do not see right away the need, or use, to work with object tracking.

HTH, Thomas