What would make the FWSM take the primary static route out of its routing table?
There is no facility to check availability of next hop to my knowledge so you would need to be able to shut down the primary outgoing interface on the FWSM before the floating static would be preferred (I'm assuming that's what would happen if the outgoing interface were shut down). However since you are using the same outgoing interface for the floating static route shutting down the interface is not an option. The only other possible options are using hsrp/vrrp on the next hop/s if you can and get rid of the floating statics; or running dynamic routing on the FWSM (pretty sure dynamic routing cannot be used if multiple context mode is also being used) if it's in single context or single firewall mode. Vijay Ramcharan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hash!!! Sent: December 31, 2007 06:51 To: [email protected] Subject: [c-nsp] Floating Static Routes on the FWSM Hi guys Please has anybody successfully achieved redundancy with floating static routes on the fwsm. I have this routes added on the blade but have the following dowbts. 1. I see the two routes in the routing table .I thought I am to see the one that is in the FIB (Routing table-with the lowest AD) 2. If I shutdown the primary gateway i.e 10.122.136.99 I am unable to reach the network through the secondary gateway. 3. Is there any limitation to this feature ? route inside 10.122.128.1 255.255.255.255 10.122.136.99 1 route inside 10.122.128.1 255.255.255.255 10.122.136.98 2 TIA Hash _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
