How do you build dynamic failover routes

Unanswered Question
Jun 15th, 2010
User Badges:

I am trying to build redundancy in our network, and have run across an issue. I have traffic coming into my network from multiple satellite offices, they are coming into 3 different firewalls (non-Cisco) and if one of the firewalls goes down I would like my Cisco 3750 to point the traffic going to the one that is down to one of my other firewalls. How would I do that dynamically?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Tue, 06/15/2010 - 12:35
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


You would run a dynamic routing protocol between your 3750 switch and the firewalls. If the firewalls are non-cisco you could use OPSF between the firewalls and the 3750 switch.

You would need the IP services image ie. not the IP Base image on the 3750 to run OSPF.


djh278778 Tue, 06/15/2010 - 16:23
User Badges:

Another option you could explore if you want to avoid dynamic routing would be the use of "object tracking". With the use of either the "ip sla"/"rtr" (depends on ios) and the "track" commands, your device can monitor and track the reachability state of a host on the internet for example, and force down your primary default route (routes have to be created with different metrics) thereby forcing your secondary route into the route table and so on. You can also track the state of the interfaces but this doesnt always help because the outage could be downstream and your switch interface would still be "up" to your firewall. Check out the resources for Cisco RTR, IP SLA, or object tracking online.


This Discussion

Related Content