If you do not want to go to the complexity of running BGP and you still want
to multihome your network to the Internet, here's how to do it:

Purchase and configure two egresses to the Internet via two different ISPs.
Say that both edge routers are Cisco 3640s and both have a firewall, say a
PIX, behind them for security.

I emphasize that for this to work, make sure both 3640s have at least two
Ethernet or Fa ports each!

Set up your default gateway on both 3640s to be each respective ISP next
hop.  Set up the default gateway of your PIX to its respective edge 3640
router.  Set up a VLAN on a switch; do not make any routers aware of that
VLAN... it's only a local broadcast domain... kind of like using a hub.

Say your primary Ethernet interface on both edge routers is E0/0.  Patch
both E0/1 interfaces on each 3640 to your local VLAN so that they can
communicate; don't forget to no shut these interfaces, of course.  Configure
both E0/1 interfaces so that they are both in the same subnet; use a /30
bit mask so that there is never a possibility for IP overlap... you may
totally forget about these interfaces... I warn you... I have on my network ;-).
Now configure HSRP on both E0/0 interfaces with each other's E0/0 as
the standby IP address.

You're done!  If ISP 1 dies, HSRP will kick in and spoof the MAC of your
other 3640.  All traffic that hits your edge router pointed toward the dead
ISP will be forwarded across your local VLAN to your other ISP!

This of course doesn't work if you are running a web server and you are
NATing simultaneously like 99% of the world; however, I have a workaround
for that.  Instead of registering with the A root DNS server the outside IP
address of your primary 3640 as the resolution to www.yourwebpage.com, pay
a little extra for a fully meshed ISP to host a static page for you.
Register this static page with Internic.  Write the static page to do a
JAVA redirection into your network.  The ISP will have the headaches of
running the BGP, and even if their link to you fails, chances are that your
static page that they are hosting will still be viewable to the Internet.
Simply write your JAVA redirector to have your secondary 3640's outside IP
address as a mirror site for immediate redirection.



John Squeo
Technical Specialist
Papa John's Corporation
(502) 261-4035




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20318&t=20318
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
