Hello experts! :)
Currently we are looking at replacing the Solaris-9 ipfilter box we have with a stronger box. But I was also exploring the idea of having some redundancy, ie, perhaps both servers to be active-active, or at the very least, active-passive.
The diagram looks like:
old:
* -> 192.168.30.1 -\
-> 192.168.1.1 -> Catalyst -> 192.168.1.197 -> ExtIP
* -> 192.168.xx.1 -/ (Cisco 3750)
(many more)new:
* -> 192.168.30.1 -\ /-> 192.168.1.197 -> ExtIP
-> 192.168.1.1 -> Catalyst
* -> 192.168.xx.1 -/ (Cisco 3750) \-> 192.168.1.198 -> ExtIP+1
(many more)Since the cisco at 192.168.1.1 has the default route for the entire setup, it would be nice to be able to set it to divide the load between the two Nat Solaris boxes running ipfilter.
I thought perhaps BGP with 2 default routes would work, but that seem to rely on AS numbers being different?
Should I look at VRRP ?
My strength lie in Unix and I haven't look deeply into Cisco capabilities, and the Networking Team say it can't be done.
Any pointers would be appreciated..
Lund
-- Jorgen Lundman | <[EMAIL PROTECTED]> Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work) Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell) Japan | +81 (0)3 -3375-1767 (home)
