Brett,

In the scenario described, the FW would not know that the router
had died. This is a problem that HSRP is intended to solve. You
would run HSRP on the 2 external routers and have a single default
route to the HSRP IP address. If the primary router fails, the
secondary router will assume the IP and MAC of the primary router.

The other ways you could solve this would be:
1) run a routing protocol on the FW
2) have the FW ARP for every destination (you can do this by
pointing its DG to its own IP for most OSes) and have the 2 outside
routers supply their address for every destination using proxy ARP
3) use some sort of load-balancing device such as Alteon,
Arrowpoint (Cisco), BigIP, etc.

Simplest answer is to use HSRP on the outside routers.

Regards,
Kent

On 9 Apr 2001, at 11:45, Brett Johnson wrote:
> I have a general question about the following scenario:
>
> If I have two ways out to the internet using two different routers.
> These two routers and the firewall are connected to a switch. If I
> use a default route on the firewall with one path having a lower cost
> than the other, the firewall should forward the packets down that
> path. Now if the router in the preferred path crashes, will the other
> path become active? In other words, how would the firewall know that
> the router is down? The firewall's link is still active because it is
> connected to another device (the switch), it isn't using a 'dynamic
> routing protocol'. So why would the firewall go to the other default
> route? (We could substitute another router instead of a firewall in
> this scenario.)
>
> Thank you.
>
> Brett Johnson
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
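
Added example, not part of the original thread or either poster's configuration: a minimal HSRP setup for the two outside routers in the approach the reply recommends, in Cisco IOS syntax. The addresses (RFC 5737 documentation range), interface names, group number, priorities and the key placeholder are all assumptions.

```cisco
! Constructed addressing: 192.0.2.0/24 is the segment shared by the
! firewall and both outside routers. 192.0.2.1 is the HSRP virtual IP.
!
! Firewall side (syntax depends on the firewall product):
!   one static default route with next hop 192.0.2.1, nothing else.
!
! --- Router A: preferred path ---
interface FastEthernet0/0
 description Segment shared with firewall (assumed interface name)
 ip address 192.0.2.2 255.255.255.0
 standby 1 ip 192.0.2.1
 ! Higher priority wins the active role
 standby 1 priority 110
 ! Take the active role back after recovering
 standby 1 preempt
 ! Authenticate HSRP hellos so another host on the segment cannot
 ! claim the active role (needs an IOS release with MD5 support)
 standby 1 authentication md5 key-string <HSRP-KEY-PLACEHOLDER>
 ! If the upstream link fails while the router stays up, drop the
 ! priority by 20 (110 -> 90) so Router B at 100 takes over
 standby 1 track Serial0/0 20
!
! --- Router B: backup path ---
interface FastEthernet0/0
 description Segment shared with firewall (assumed interface name)
 ip address 192.0.2.3 255.255.255.0
 standby 1 ip 192.0.2.1
 standby 1 priority 100
 ! Required so B preempts when A's tracked priority falls below 100
 standby 1 preempt
 standby 1 authentication md5 key-string <HSRP-KEY-PLACEHOLDER>
```

`show standby brief` on either router reports which one currently holds the active role for group 1.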