Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1125
Views
0
Helpful
2
Replies

how to design the ospf between the switch and firewall

raymond wang
Level 1
Level 1

‎09-22-2014 11:13 AM - edited ‎03-07-2019 08:50 PM

Hello All,

I have a question of the 2 core switch with 2 firewall connection. The 2 firewall is the cluster and both core switch has static default route to point to the firewall vrrp ip. My question is how to create the redundancy design for such conneciton. I plan to enable ospf between the 2 core switch. The problem is we do not enable ospf between the core switch and firewall and only has static route between them.

Since there is only ospf neighbor between the 2 core switch, if the link between the core1 to firewall failed, there is route issue since the statis is still point to the firewall.

Any idea?

 

Thanks!

Labels:
0 Helpful
2 Replies 2

Akash Agrawal
Cisco Employee
Cisco Employee

‎09-22-2014 12:22 PM

 

Cant we run ospf between switch and firewall. if not and we want to continue with static route then you can use track feature to check if firewall i reachable or not.

 

Example given in below link

https://sites.google.com/site/chaseerry/cisco-asa/static-route-tracking

 

Regards,

Akash

0 Helpful

raymond wang
Level 1
Level 1
In response to Akash Agrawal

‎09-22-2014 12:46 PM

no ospf configured on the firewall yet. IPSLA yes works fine. I am just wondering if the static route can be removed automatically if the next hop is not available on 7k. It looks like 7k/9k support it, but I never tested it...

 

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/unicast/configuration/guide/l3_cli_nxos/l3_route.html

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card