cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1239
Views
0
Helpful
6
Replies

Dual-homed active/standby, with single Public IP per ISP

Fabot
Level 1
Level 1

Dear Cisco Community,

One of our customer has the following business need:
Currently, the customer has one border router with three ISPs. As usual, each ISP delivers only one public IP address to that router. However, there is an emerging need to have second router at the border. This new router will work only as standby, and it will take over just in case the primary router has failed.

The question here is about the usage possibility of just one public IP address given by the ISP, which would be shared virtually by these two routers, using a FHRP protocol, like HSRP (Cisco) or VRRP (IETF) to the WAN (ISP).

On this sense, is it possible to use a FHRP, configuring the single public IP address as a Virtual IP, which could be shared by these two border routers, for the WAN side (ISP faced)? If for some reason, it would be not possible, is there another known aproach for this kind of scenario?

1 Accepted Solution

Accepted Solutions

I review it 

SW connect ISP to both hsrp routers with one public IP from ISP dont work.

You need to use router instead of SW and NATing 

Then connect this router to both hsrp routers.

View solution in original post

6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

depends on how your network Look like - if you have any rough diagram share to suggest better

Most Industry use case IP SLA and fail over - or you can also use both the link if you like to using PBR and Fail over method

some guidance below document can help you :

https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/200785-ISP-Failover-with-default-routes-using-I.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Dear @balaji.bandi,

Follows in attachment the network topology with the WAN side, facing ISPs.

 

is this real or Lab environment.

You have different Failure scenarios here, Router and Firewall

so If you can add another ASA Interface connecting to other Router you can make Fail over

Also wroth adding switch between Router ASA  FW also decent change to meet the requirement.

If the Router to ASA  have Private IP then, that where you add Switch and introduce HSRP

check below example to help you

https://www.balajibandi.com/?p=1932

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Add any router connect it to ISP and do NATing  then connect this routet to other hsrp routers.

Using one public ip not work for any fhrp.

MHM

Dear @MHM Cisco World,

I just uploaded the network topology. Please take a look at it.

I review it 

SW connect ISP to both hsrp routers with one public IP from ISP dont work.

You need to use router instead of SW and NATing 

Then connect this router to both hsrp routers.