Ok - only solution we could come up with pending better customer information
or a better design idea:

Internet-----edgerouter-------firewall--------inside

Recall that there are two internet connections terminating on the edge
router.

Policy routing on the edge router interface connecting to the firewall
( inbound to the edge router )

Extended access-lists to identify and categorize the customer internet-bound
traffic

Policy routing implemented using a route-map which refers to the
access-lists

Howard's point was interesting - issue of redundancy being, perhaps,
misunderstood. The RFI specifically mentioned failover if one or the other
interfaces was down.

Here's where I am not sure even policy routing will assure failover. Packet
matches a policy, is forwarded to the designated interface. That path is
down - packet dropped? I'm pretty sure that's how it works. So no automatic
failover in the design above.

So - now what?

Chuck

-----Original Message-----
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Chuck Larrieu
Sent:   Tuesday, April 10, 2001 11:07 PM
To:     [EMAIL PROTECTED]
Subject:        Design Challoenge - a bit off topic [7:195]

Howard's comment brings to mind a problem my Design Engineer raised when
responding to a customer RFI.

Howard's comment: (Pause for usual mystification on why someone wants
routing protocols to pass through a firewall, a fairly frequent question).

The customer RFI stated requirement ( wording as best as I can remember ):
Solution will entail two internet connections, a T1 and a DSL. Routing will
be configured such that priority traffic will use the T1 connection, and
ordinary internet browsing will use the DSL connection.

Lindy and I were having a real good laugh about the vagueness of the
requirement, when we decided to try to come up with a solution. We came up
with a number of questions for the customer to elaborate upon, and a
possible solution. Would anyone else care to use this as a test of design
issues?

If memory serves, the customer defined "priority" traffic as e-mail and
connectivity to a certain external web site.

So:

1) what are some of the questions the customer still needs to answer?

2) What are some possible solutions to this requirement?
( assume the T1 and the DSL terminate on the same router )

Chuck
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=348&t=195
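
The design in the reply above (extended access-lists that classify the traffic, a route-map that refers to them, policy routing applied inbound on the edge router interface facing the firewall), sketched as Cisco IOS configuration. This is an added example, not configuration from the thread: the interface name, ACL numbers, route-map name, next-hop addresses and the web site address are assumptions, and "e-mail" is assumed to mean SMTP.

```cisco
! Constructed example. Addresses are documentation placeholders and the
! interface, ACL numbers and route-map name are assumptions.
!
! ACL 101: "priority" traffic as the customer defined it
! (e-mail and connectivity to one external web site).
access-list 101 remark priority - outbound e-mail, assumed SMTP
access-list 101 permit tcp any any eq smtp
access-list 101 remark priority - the designated external web site
access-list 101 permit tcp any host 192.0.2.10 eq www
!
! ACL 102: ordinary internet browsing.
access-list 102 remark ordinary browsing
access-list 102 permit tcp any any eq www
access-list 102 permit tcp any any eq 443
!
! Clause 10 is evaluated first, so the designated web site matches
! ACL 101 before the broader ACL 102 is considered.
route-map CUSTOMER-POLICY permit 10
 match ip address 101
 set ip next-hop 198.51.100.1
! 198.51.100.1 = assumed next hop on the T1
!
route-map CUSTOMER-POLICY permit 20
 match ip address 102
 set ip next-hop 203.0.113.1
! 203.0.113.1 = assumed next hop on the DSL
!
! Packets that match neither clause are forwarded by the routing table.
!
! Apply the policy where traffic from the firewall enters the edge router.
interface FastEthernet0/0
 description link to firewall (assumed interface)
 ip policy route-map CUSTOMER-POLICY
```

`show route-map CUSTOMER-POLICY` reports the packets matched by each clause, which confirms that the access-lists classify traffic as intended.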