Hello,
I am getting handed a SINGLE 1Gbps Ethernet link from my ISP with a /24 block of public IPs. I have this coming by December. I am also looking into having backup provider within a year, so keep that in mind. I have several customers in my building I am going to provide internet access for. My question is how to provide all my customers a Highly Available default route for their firewalls?
I am going to be in control of my /24 of IPs, and I also have 2 Cisco 6509-Es with Dual Sup 720s I would like to use for this project.
My question is how do I split the single link from my ISP to feed into both 6509s? Do I need another switch? Obviously one with redundant power...
Do I then just bring the ISP links into the 6509s as access ports and create HSRP Vlan interfaces on each 6509? I would then point my customers firewalls to .2 IP address in my block.
My default route will be .1(ISPs Router) in my /24 block of IPs.
I am brainstorming this now to come up with the best config. Please any thoughts or ideas are welcome on how to accomplish this.
Hi William,
Having single ISP router and single connection to two inside facing switches.My view is to have one layer two switch in between the 3 devices and have single subnet running, So that you have HSRP running on 6500 switches for incoming traffic from ISP and you can have default router towards ISP LAN interface.
High Availability with single ISP you can maintain at device level like by having redundant PS.
When second ISP comes in picture you can connect the second ISP link also in the Layer 2 switch for connectivity.
You would be having two option either to run dynamic routing protocol with ISP router LAN interfaces running BGP for HA mode or static routing with IP SLA in 6500 for High availability mode in case of primary ISP goes down.
Hope it Helps..
-GI
Rate if it Helps..
