[f-nsp] Routing problem

[David Lawson]

Hi guys,

 

A Foundry newb here, but having a major routing issue.

 

We put an RX-16 into place last night and all seemed good as we tested
inbound and outbound routes to the system from various points around the
country.

 

However, this morning, several diverse locations are unable to access the
system.  We have a *very* simple (maybe too simple) setup.

 

We have port 1/1 and 3/1 connected via HSRP to the ISP.  We have ports 1/2
and 3/2 connected to a firewall.  All ports are in a Layer 2 VLAN ID 4000.

 

We have two internal public subnets (one /24 and one /28) that are supposed
to *route* to the ISP, so we simply added the IP of the routed interface to
1/1 and then added a static route for all traffic (0.0.0.0/0.0.0.0) to point
to the ISP.  This seemed to work in the initial tests, but now hundreds of
users are blocked by our system, seemingly from certain ISPs.

 

Have we committed a routing faux pas by using the static route as our
default gateway?  Any help is appreciated.

 

Thanks,

David Lawson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20120321/bb39c291/attachment.html>