03-29-2007 12:14 PM - edited 03-05-2019 03:11 PM
Hi all, im at my new job now, they seem to have a load balanced internet connection, 2 x 2mb, behind these 2 routers sits one firewall, what will be the most likely config of the internet routers ? as there is a default route on the firewall just to the outside interface !
03-29-2007 12:42 PM
Carl,
Ideal scenario is:
1. Firewall points to HSRP VIP which presents
both routers (with two firewalls MHSRP is
the best way to go for loadbalanicing)
2. If load balancing based on the source, then
on the primary router should be PBR
sending these sources to the second router
link.
3. If no BGP running between edge and ISPs
then statics with tracking objects is a
way to go.
HTH,
OW
03-29-2007 12:56 PM
it says on my diagram protocol based load balancing, but how can this be achieved if there is no static route on my firewall, the route on my firewall is just pointing to its outside interface, any ideas ?
03-29-2007 01:00 PM
Carl,
I don't see any diagrams. What firewall is
that ? Do you have any configs to post ?
Thx,
OW
03-29-2007 03:46 PM
hi, they are cisco 1700 internet routers, the firewall is a symantec one. routers and firewall all have external ip address and sit on the same switch
03-29-2007 10:04 PM
Carl,
Protocol based load-balancing is morever reffreing to Policy based routing and using one router for HTTP,FTP traffic and other router for mail or some other traffic. OW has pointed out the same in his post earlier.
HTH,
-amit singh
03-30-2007 01:10 AM
Thanks Amit, so how would this work with my firewall? there is no route to either router from my firewall, and will the pbr be from the isp inbound or from my internet routers going outbound ?
03-30-2007 05:35 AM
Carl,In that case there shouldb be routes on the firewall towards both the routers.The PBR will be from your internet routers going outbound.The routers will decide to route the packet based on the source traffic and will act as backup to ach other.
HTH,
-amit singh
03-30-2007 12:55 PM
would I just do 2 default routes from my firewall in this case, and how would these internet routers failover if they each have there own pbr ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: