[afnog] PIX VPN & Backup Link Issues
Bernard Wanyama
bwanyama at linuxsolutions.co.ug
Thu Feb 24 18:38:00 EAT 2005
Hi,
> On Tue, 2005-02-22 at 13:59 +0300, Bernard Wanyama wrote:
> <SNIPPED>
> >
> > The question is, what is the easiest way of ensuring that traffic to
> > my /29 subnet is routed back in case the primary link is down and
> > I've engaged the backup link via ISP B.
>
> I think you would have to advertise your /29 prefix via both ISP A and
> ISP B, and have/accept default routes with different weights to both
> ISPs. That way, you would have both inbound and outbound failover.
>
> >
> > Remember that the /29 was obtained from ISP A. I also do not want to
> > run BGP just yet.
>
> I'm Not sure how you would have inbound failover without peering with
> both providers.
>
> Is this /29 part of a larger IP block 'owned by' ISP A?
>
Yes, the /29 is part of ISP A's block.
Peering via BGP is not what I can afford right now, I'm looking at
implementing the secondary link using ISDN DDR.
Maybe I have to re-design the VPN?
> Regards,
> Ezra.
> --
> To be sure of hitting the target, shoot first and, whatever you hit,
> call it the target.
>
>
>
--
Bernard Wanyama
Support Engineer
Linux Solutions
Kampala, UGANDA
Cell: +256 71 193979
More information about the afnog
mailing list