[c-nsp] Floating Static Routes on the FWSM

[Ramcharan, Vijay A]

What would make the FWSM take the primary static route out of its
routing table?  

There is no facility to check availability of next hop to my knowledge
so you would need to be able to shut down the primary outgoing interface
on the FWSM before the floating static would be preferred (I'm assuming
that's what would happen if the outgoing interface were shut down).
However since you are using the same outgoing interface for the floating
static route shutting down the interface is not an option. 

The only other possible options are using hsrp/vrrp on the next hop/s if
you can and get rid of the floating statics; or running dynamic routing
on the FWSM (pretty sure dynamic routing cannot be used if multiple
context mode is also being used) if it's in single context or single
firewall mode. 

 
Vijay Ramcharan  
  
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Hash!!!
Sent: December 31, 2007 06:51
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Floating Static Routes on the FWSM

Hi guys 

 

 

Please has anybody successfully achieved redundancy with floating static
routes on the fwsm. I have this routes added on the blade but have the
following dowbts.

 

1.       I see the two routes in the routing table .I thought I am to
see
the one that is in the FIB (Routing table-with the lowest AD)

2.       If I shutdown the primary gateway i.e 10.122.136.99 I am unable
to
reach the network through the secondary gateway.

3.       Is there any limitation to this feature ?

 

 

route inside 10.122.128.1 255.255.255.255 10.122.136.99 1

route inside  10.122.128.1 255.255.255.255 10.122.136.98 2            

 

TIA

 

Hash 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/