Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

routing to the Internet for multiple points

What problems if any could be caused by configuration like this? I have an ISP provided IP subnet which my host are addressed from however I route the traffic from these hosts to the via a second ISP's router. I do not have enough IP addresses from the second ISP to address.

So if tracert from the internet to one of these host it goes through in original ISP's router however if I traceroute from a host on that subnet it traces through the second ISP router.

Are there any problem with this it seems to work?

3 REPLIES
Bronze

Re: routing to the Internet for multiple points

What you have is asyncronous routing. This is quite OK but you can run into problems if your traffic runs through a firewall which expects to see the session traffic in both directions. If your setup is working, you obviously do not have this.

Silver

Re: routing to the Internet for multiple points

That should say "asymmetric routing." And while it works, you do need to be careful, because not only do you need to keep your firewalls behind where your two streams finally merge on your side, but if your 2nd ISP does not route to you with the 1st ISP's addresses, then when they put in reverse path filtering to counter IP spoofing (block any packet with a source address which would not be routed out the interface it came in on) you will be disconnected.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

New Member

Re: routing to the Internet for multiple points

There is no problem with the way it is working, but are you advertising your routes out the second ISP? If so, are they accepting them? If you are...there should be some traffic originating from the internet and coming in thru ISP B.....If not, then you can only send traffic out ISP B.

The reason you want ISP B to route your address is if ISP A fails....ISP B will pick up the slack......if ISP B isn't receiving your routes then there is no failover in your network.

171
Views
0
Helpful
3
Replies