WEB Servers
|
Firewall (Customer Z VRF)
10.20.20.1 | | 10.10.10.1
| |
Switch
/ \
/ \
(20.2) A B (10.2)
| \ / |
| / \ |
RR-1---Core-2 Core-1----RR-2
| |
ISP-1 ISP-1
There are two redundant links from Dist-A and Dist B,to firewall,and
redundant links from Dist-A and Dist-B to Core-1 and Core-2, firewall want
to prefer Dist-A rather than Dist-B pointing static route with high AD to
B to remote sites located on other end of ISP.Am receiving routes from
another end (behind ISP) from active Core 1 and core-1 is passing routes to
Dist-A and Dist-B,
Customer Z VRF Firewall want the traffic to be from the interface 10.20.20.1
for webservers,when applying static routes for webservers on Dist-A and
Dist-B the static route on B pointing to 10.20.20.1 will it work or traffic
will be blackholed??? give me alternate solution or any link with example
configuration that link between Dist-A and firewall shld be active and the link between Dist-B shld be standby.
Dist-A
ip route vrf customer Z 100.100.100.0 255.255.255.0 10.20.20.1
ip route vrf customer Z 100.100.100.0 255.255.255.0 10.10.10.1 2
Dist-B
ip route vrf customer Z 100.100.100.0 255.255.255.0 10.20.20.1
ip route vrf customer Z 100.100.100.0 255.255.255.0 10.10.10.1 2