Dual ISP/Dual Firewalls configuration...

Unanswered Question
Aug 5th, 2009
User Badges:

I am in the process of configuring our network with dual internet connections through separate firewalls using different ISP carriers. We will be using BGP for inbound traffic, but how do I configure our outbound traffic for internet failover? I am running OSPF internally on all the core switches. Our current internet connection is in our Data Center 1 (as noted in the drawing) and the 2nd, proposed, connection will be at our Headquarters. I want the traffic to go through Data Center 1 and if there is an issue, failover to the Headquarters ISP. I currently have my gateway of last resort routes mapped to the Data Center 1 connection. I assume I need to remove those routes and let OSPF handle default routes? Any help will be greatly appreciated. TIA.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
ildavide72 Wed, 08/05/2009 - 16:22
User Badges:


I'm only a CCNA student, so I can make a mistake..

But I try to give you my solution.

You probably configured the boundary router of Data Center 1 as the gateway of last resources whit the link to ISP as exit interface.

The OSPF has an Administrative Distance of 110

If you put a default static route on this gateway ( to the Headquarter exit )

with command ip route you can set 111 as Administrative Distance ( not using 1 as default)

this route won't be the best route untill the link from data Center 1 and ISP is up.

If this link fails the default route will be added in the routing table.


This Discussion