Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LINUX failover between two default gateways - more details



Thank you for your help.

That is definitely my first choice. I would love to have the two
Cisco's share a VIP that I could use as the default gw. 

But I oversimplified the problem. The Ciscos are actually PIX's. And
right now they are clustered. But we are moving one to another building
to support two ISPs (one coming into each building) for redundant
connectivity. 

The PIX's will be in two physically separate buildings. My
understanding is that the two clustered PIX's need to be wired together
directly. This is not possible here.

What I'm trying to accomplish is that servers in the DMZ that share a
VLAN between the two PIX's will still have a default gateway if one
goes down. So if a server in one building loses the PIX there, it'll
still have the PIX in the other building as a default gateway.

If I am wrong, PLEASE correct me. Clustering the PIX's is how I want to
solve this. But I think that I'll have to do the failover on the
servers.

Your help is greatly appreciated.

--- Derek Atkins <warlord at MIT.EDU> wrote:
> Yea, clustering the two Ciscos into one virtual box would work
> as well.  As Derek says, you'd have to share one IP address.
> 
> -derek
> 
> "Derek D. Martin" <ddm at pizzashack.org> writes:
> 
> > At some point hitherto, Derek Atkins hath spake thusly:
> > > You need to use dynamic routing on the client.  Look at gated.
> > 
> > That's an option, but also many Cisco products have failover
> > capabilities built into them.  IOW you can link them together, and
> the
> > secondary will automatically take over for the primary if it fails.
> > The IP of the gateway will float between them, and generally
> they'll
> > each have their own IP as well.
> > 
> > IMO this is the better way to solve the problem, because you don't
> > have to worry about (re)configuring dozens or hundreds of clients
> > correctly to deal with the redundancy.  Just point them all at your
> > one gateway IP, and let the routers do the rest.
> > 
> > -- 
> > Derek Martin               ddm at pizzashack.org    
> > ---------------------------------------------
> > I prefer mail encrypted with PGP/GPG!
> > GnuPG Key ID: 0x81CFE75D
> > Retrieve my public key at http://pgp.mit.edu
> > Learn more about it at http://www.gnupg.org
> > _______________________________________________
> > Discuss mailing list
> > Discuss at blu.org
> > http://www.blu.org/mailman/listinfo/discuss
> 
> -- 
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord at MIT.EDU                        PGP key available
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss


__________________________________________________
Do You Yahoo!?
Yahoo! Greetings - Send FREE e-cards for every occasion!
http://greetings.yahoo.com




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org