Routing issue - TCP-IP

This is a discussion on Routing issue - TCP-IP ; I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1 and the SECONDARY 10.0.0.2. I have a server with an address of 10.0.0.10 The server has it's gateways setup as 10.0.0.1 with a metric of 1 and 10.0.0.2 with ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Routing issue

  1. Routing issue

    I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1
    and
    the SECONDARY 10.0.0.2.

    I have a server with an address of 10.0.0.10

    The server has it's gateways setup as 10.0.0.1 with a metric of 1 and
    10.0.0.2 with a metric of 50.

    If/when the primary firewall is down then incoming mail servers try to
    access 10.0.0.10 via the SECONDARY route but the as the server has the
    PRIMARY firewall as the default route the incoming mail cannot get
    through.

    This is not so much of a pain with email, we have other services that
    are
    more critical and this is causing an issue.

    Any suggestions???

    Thank you.

    Richard


  2. Re: Routing issue

    In article <1147704427.030830.317720@j73g2000cwa.googlegroups. com>,
    wrote:
    >I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1
    >and
    >the SECONDARY 10.0.0.2.


    >I have a server with an address of 10.0.0.10


    >The server has it's gateways setup as 10.0.0.1 with a metric of 1 and
    >10.0.0.2 with a metric of 50.


    >If/when the primary firewall is down then incoming mail servers try to
    >access 10.0.0.10 via the SECONDARY route but the as the server has the
    >PRIMARY firewall as the default route the incoming mail cannot get
    >through.


    I wouldn't really call that a TCP/IP question: it's a networking
    question, best answered by people who know something about your
    firewalls and about your routers (and about your server OS.)

    There are several possible ways to proceed.

    Possibly the easiest of them would be to not set static routes on the
    server, and to instead have the firewalls emit default RIP routes with
    different metrics. When the primary firewall went down, the route that
    it was presenting would time out, and the route being presented by the
    secondary would then become the only known route and the server would
    start using that.

    There are a number of other ways of varying levels of complexity,
    and the best one to use depends upon your budget, expertise,
    and what kinds of problems you are trying to solve by having
    multiple gateways.

    I recommend that you read through the white papers written by
    Vincent C. Jones, which are available on his company web site,
    http://www.networkingunlimited.com/

+ Reply to Thread