Incoming Traffic hit only backup

Saed Eldin · ‎04-01-2017

Dears

I need your support. We have two internet traffic " on primary and other secondary" .All my outgoing traffic hits main link , but all incoming traffic hits backup link.

Both of Routers " Primary and Secondary" have static IP to next hop " Service provider". From LAN , we have internet Firewalls point to Primary RTR as main and secondary RTR as a backup , and we have track if any issue happen on main the traffic will be forward to backup " this only for outgoing" . Is there any method to control incoming internet traffic to force incoming traffic to hit primary RTR instead of Secondary.

Thanks

chrihussey · ‎04-01-2017

You could talk to the ISP to see if they can prefer you're desired primary link in their routing.

Another option would be to BGP peer with the ISP. If you did that you could influence how they route to you with AS-path prepending or something of the sort.

If the links to the ISP are equaI I suppose a third option would be to switch your preferred outbound path to the other firewall.

Hope this is of some help.

Saed Eldin · ‎04-01-2017

Unfortunately we don't have BGP , only static. For outgoing we have full control and we can force all outgoing traffic to select primary link . My issue only incoming traffic.

Thanks

chrihussey · ‎04-01-2017

The ISP should be able to adjust their routing to accommodate your needs.

chrihussey · ‎04-01-2017

One final thought. You could put one or a pair of routers between the ISP and your firewalls and control the routing yourself. A little more complicated and added cost, but just another solution.

Regards