How to automatically re-route internet traffic?

Unanswered Question
Sep 24th, 2009

Whats the recommended solution to automatically re-route traffic destined for the internet and re-route incoming traffic from the internet. We have two sites and an internet link at each site. At the moment we just have a static default route which is redistributed in to EIGRP at each site which points to the internal address of our Checkpoint firewall.If one of the links fail we have to disconnect the external connection and remove the static route, which takes time and send traffic in to a black hole.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
trackme Thu, 09/24/2009 - 22:29

There are two things you need to take care of

1. Automatic failover for outbound traffic ie send the traffic coming from your LAN to internet.

2. Automatic failover of incoming traffic ie traffic coming from Internet to LAN

For the first thing you need to setup in your internet router with two default gateways with different priority. If the primary fails, the secondary will kick in and all traffic will go out via that.

If you have BGP, we can set wieght statement to prefer primary and secondary automatically.

For the second thing, if you need truly 100% automatic failover then you need to do BGP with the service providers. In that case internet will prefer will one and if that fails, traffic will come via secondary automatically.

if BGP is not possible, then its little bit tricky as we need to do some route maps and NATting etc which may increase the CPU.

Hope this helps


This Discussion