WAN edge redundancy

JUSTIN LOUCKS · ‎04-25-2006

I am looking to add as much fault tolerance as possible. The ISP connected router has 2 GE ports coming off of the back which I was going run to 2 seperate switches for Internet connectivity of my firewalls, etc.

My thoughts were that although the circuit would be down if the ISP link drops, it would be protected against a single ethernet cable/port problem coming off of the router and against a switch failure for connection to my firewalls.

Can anyone suggest the best way to accomplish this? Since there is only one router involved, I don't think HSRP can be used to provide failover between the two ethernet links. Would I need to put a different IP on each ethernet interface and then have multiple default gateways on my firewalls and other Internet facing devices or is there a better way to do this?

Richard Burts · ‎04-25-2006

Justin

There are a couple of things to consider in deciding what would work and what is the best implementation. What kind of connection do you get from your provider? Is it a connection that can terminate in a switch? If it is a T1 there are not many switches that can terminate a T1.

There is another issue to consider and that is that if you are going to connect to a switch would the switch have more than one VLAN active? If there is more than one active VLAN what will do the inter-VLAN routing? If you are going to connect two interfaces from the router to the switch that normally would indicate two VLANs since the IOS will not let two Ethernet interfaces on the router be in the same subnet.

The connection from the ISP has an address. Would that address be on the switch or on the router?

So trying to provide the edge redundancy is a bit complicated.

HTH

Rick

HTH

Rick