I hope one of you techies can help me with this problem.
I need to put additional resilience into our network due to a problem we recently experienced.
We currently have routes out of our network via two PIXes (in a failover config) which connect to our provider's two devices. The provider routes unfortunately come into our network via a single duct, so a JCB on that single duct will cause an outage on both routes, as has happened in the past.
In addition we have another route via a 1Gb LES to a sister site and I want to configure my devices to send outbound traffic via this connection in the unfortunate but not altogether unlikely event our dual provider links were taken out.
Our sister site also has a similar configuration to ours:
The core/edge devices send all outbound traffic (via a default route) to the firewalls, which have been configured with a static default route out to the provider's devices.
Please advise as to how I would configure my devices.
1. Would I configure a second default route on my edge switches with a different metric?
2. Presumably the PIX would inform the edge devices that the provider link had gone down; how? There is no routing protocol on the PIXes, although there is OSPF on the edge devices. Would I need any additional configuration on my PIXes?
3. What configuration do I need to add to my LES switches? At the moment there is no connection from either LES switch to the provider devices as they are simply in place for intersite traffic.
4. On the sister site, what would I need to configure? Would I need an additional static route on their PIXes sending the failover traffic back?
I'm sorry I've asked so many questions; I am a bit confused and, as always, know I can rely on some good answers from this forum.
Please let me know if you require any further clarification.