12-14-2012 12:02 AM - edited 03-07-2019 10:36 AM
Hi All,
I have a network setup in mind which I want to deploy (attached network design).
I have 2 WAN links, 1 x 50Mb and 1 x 4Mb (just a simple everyday internet connection).
Behind each WAN link there is a firewall. Just a simple model, nothing exotic. Not able to do a routing protocol.
Behind the firewalls I have our L3 core switches, which have all the SVIs configured and shared by HSRP. For some VLANs core A is active, for some core B is active, depending on the WAN link the traffic has to use. Each core switch has a default route to its connected firewall. So traffic arriving on core switch A is passed on to firewall A, and so on...
I also want to build in redundancy. When e.g. firewall B fails, I want all traffic to pass through firewall A. I can do this by interface tracking on the uplink to the firewall on both core switches, then decrementing the HSRP priority in order to let the active SVIs from core switch B fail over to core switch A.
Now when the WAN B link itself is down, firewall B stays active. I do not have interface tracking available to do the failover: the firewall B interface will stay up on core switch B when WAN link B is down.
Is there another way to track an IP a few hops further?
Any suggestion how to deal with this problem?
Thanks,
Best Regards,
Joris
12-14-2012 01:17 AM
You can use "IP SLA" to check the reachability.
You can find the example in the link below:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_q_and_a_item09186a00800a9679.shtml
Thanks
Raju
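A sketch of the IP SLA approach suggested above as it could be configured on core switch B. This is an added example, not part of the original thread or the linked Cisco document. The probe target 192.0.2.1, the VLAN, HSRP group, object numbers, addresses and priorities are all placeholders, and it assumes core switch A runs the same HSRP group at the default priority of 100 with preempt enabled.

```cisco
! Example for core switch B. All numbers and addresses are placeholders.
!
! Probe a host that is only reachable across WAN link B. The probe follows
! the switch's default route, so it passes through firewall B and the WAN.
! 192.0.2.1 stands in for a stable address beyond the WAN link
! (for example the provider's next hop).
ip sla 10
 icmp-echo 192.0.2.1 source-interface Vlan20
 ! frequency is in seconds, timeout and threshold in milliseconds
 frequency 5
 timeout 1000
 threshold 1000
ip sla schedule 10 life forever start-time now
!
! Track object that follows the probe result. The delay timers stop a
! single lost ping, or a briefly recovering link, from flapping HSRP.
! Older IOS releases use "track 10 rtr 10 reachability" instead.
track 10 ip sla 10 reachability
 delay down 15 up 60
!
! SVI for which core switch B is normally the active HSRP router.
interface Vlan20
 ip address 10.0.20.3 255.255.255.0
 standby 20 ip 10.0.20.1
 standby 20 priority 110
 standby 20 preempt
 ! When the probe fails, priority drops to 90, below core switch A's 100,
 ! and A takes over the virtual IP and forwards through firewall A.
 standby 20 track 10 decrement 20
```

Firewall B has to permit ICMP echo from the probe's source address and the echo replies back to it; scoping that rule to this one source and destination keeps the exception narrow. The same `standby ... track` line is repeated on every SVI that is active on core switch B.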