[c-nsp] Dual Homing
Antoine Monnier
mrantoinemonnier at gmail.com
Wed May 14 08:37:02 EDT 2014
what traffic to you use to test this? The load-sharing algorithm may be
sending all traffic to the same path if all the the traffic has the same
source and destination IP address.
Moreover, have you checked that one of those routes disappear from your
routing table when the first link is down?
ip route 172.21.200.32 255.255.255.224 192.168.10.1 tag 1
ip route 172.21.200.32 255.255.255.224 192.168.10.5 tag 1
If you have a default-route, your equipment could be doing a recursive
lookup for 192.168.10.1
you could try this instead:
ip route 172.21.200.32 255.255.255.224 vlanXY 192.168.10.1 tag 1
ip route 172.21.200.32 255.255.255.224 vlanYZ 192.168.10.5 tag 1
but it may only help if your L3 vlan interface goes down when your physical
link goes down.
On Wed, May 14, 2014 at 11:36 AM, Darwis Herman <magic.hand at live.com> wrote:
> Dear Daljit,
>
> The ACL hits showing that customer's gateway successfully reached ISP's
> end (C4500). That is just a control mechanism that will make sure only
> allowed IP can travel thru back to ISP.
>
> I don't have the control over Fortigate. The customer told me that that
> Fortigate configured with primary and secondary WAN link. It will sense the
> availability of links. If primary is down, it will divert to secondary.
>
>
>
> Dear Bruce,
>
> Yes, as of the ACL, ISP controls the inbound, Fortigate controls outbound
> from customer end.
>
>
>
> What is required in this setup is, 172.21.200.32/27 can travel thru both
> links at any point of time. Not necessarily load balanced.
>
>
>
>
>
> Best Regards,
>
>
>
> Darwis Herman
>
>
>
>
>
> “This is 10% Luck, 20% Skill,
> 15% Concentrated Power of Will, 5% Pleasure, 50% Pain And a 100% Reason
> to Remember The Name!”
>
>
>
> > Date: Wed, 14 May 2014 01:02:34 -0700
> > From: bep at whack.org
> > To: magic.hand at live.com; cisco-nsp at puck.nether.net
> > Subject: Re: [c-nsp] Dual Homing
> >
> > Darwis Herman wrote:
> > > Dear Gurus and Friend,
> > >
> > > I am seeking a little help on my setup as below:-
> > >
> > >
> > > /-----------1st Link (C4500)----------\
> > > ISP --------
> ---------------------- CUSTOMER (Fortigate 200B)
> > > \-----------2nd Link (C4500)----------/
> > >
> > >
> > > Current Setup:-
> > >
> > > Customer is having 2 connection to a same ISP.
> > > ISP assigned both links with 2 VLANs with point-to-point (/30) IP
> addresses for gateway termination.
> > > ISP also assigned a pool of /27 public IP addresses to CUSTOMER.
> > > CUSTOMER requires the /27 public IP to be accessible from both links.
> > >
> > >
> >
> > What are you expecting out of the C4500's? ISP controls the inbound.
> > Fortigate controls the outbound.
> >
> > --
> > =========
> > bep
> >
> >
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list