Routing issue

15/05/2006, 15h47

I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1
and
the SECONDARY 10.0.0.2.

I have a server with an address of 10.0.0.10

The server has it's gateways setup as 10.0.0.1 with a metric of 1 and
10.0.0.2 with a metric of 50.

If/when the primary firewall is down then incoming mail servers try to
access 10.0.0.10 via the SECONDARY route but the as the server has the
PRIMARY firewall as the default route the incoming mail cannot get
through.

This is not so much of a pain with email, we have other services that
are
more critical and this is causing an issue.

Any suggestions???

Thank you.

Richard

15/05/2006, 18h04

In article <1147704427.030830.317720@j73g2000cwa.googlegroups .com>,
<rich.nw3@btinternet.com> wrote:
>I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1
>and
>the SECONDARY 10.0.0.2.

>I have a server with an address of 10.0.0.10

>The server has it's gateways setup as 10.0.0.1 with a metric of 1 and
>10.0.0.2 with a metric of 50.

>If/when the primary firewall is down then incoming mail servers try to
>access 10.0.0.10 via the SECONDARY route but the as the server has the
>PRIMARY firewall as the default route the incoming mail cannot get
>through.

I wouldn't really call that a TCP/IP question: it's a networking
question, best answered by people who know something about your
firewalls and about your routers (and about your server OS.)

There are several possible ways to proceed.

Possibly the easiest of them would be to not set static routes on the
server, and to instead have the firewalls emit default RIP routes with
different metrics. When the primary firewall went down, the route that
it was presenting would time out, and the route being presented by the
secondary would then become the only known route and the server would
start using that.

There are a number of other ways of varying levels of complexity,
and the best one to use depends upon your budget, expertise,
and what kinds of problems you are trying to solve by having
multiple gateways.

I recommend that you read through the white papers written by
Vincent C. Jones, which are available on his company web site,
http://www.networkingunlimited.com/

15/05/2006, 15h47	#1
rich.nw3@btinternet.com Messages: n/a Hébergeur:	Routing issue I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1 and the SECONDARY 10.0.0.2. I have a server with an address of 10.0.0.10 The server has it's gateways setup as 10.0.0.1 with a metric of 1 and 10.0.0.2 with a metric of 50. If/when the primary firewall is down then incoming mail servers try to access 10.0.0.10 via the SECONDARY route but the as the server has the PRIMARY firewall as the default route the incoming mail cannot get through. This is not so much of a pain with email, we have other services that are more critical and this is causing an issue. Any suggestions??? Thank you. Richard

15/05/2006, 18h04	#2
Walter Roberson Messages: n/a Hébergeur:	Re: Routing issue In article <1147704427.030830.317720@j73g2000cwa.googlegroups .com>, <rich.nw3@btinternet.com> wrote: >I have two firewalls/gateways to the internet. The PRIMARY is 10.0.0.1 >and >the SECONDARY 10.0.0.2. >I have a server with an address of 10.0.0.10 >The server has it's gateways setup as 10.0.0.1 with a metric of 1 and >10.0.0.2 with a metric of 50. >If/when the primary firewall is down then incoming mail servers try to >access 10.0.0.10 via the SECONDARY route but the as the server has the >PRIMARY firewall as the default route the incoming mail cannot get >through. I wouldn't really call that a TCP/IP question: it's a networking question, best answered by people who know something about your firewalls and about your routers (and about your server OS.) There are several possible ways to proceed. Possibly the easiest of them would be to not set static routes on the server, and to instead have the firewalls emit default RIP routes with different metrics. When the primary firewall went down, the route that it was presenting would time out, and the route being presented by the secondary would then become the only known route and the server would start using that. There are a number of other ways of varying levels of complexity, and the best one to use depends upon your budget, expertise, and what kinds of problems you are trying to solve by having multiple gateways. I recommend that you read through the white papers written by Vincent C. Jones, which are available on his company web site, http://www.networkingunlimited.com/

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email