Quote:
Originally Posted by baldy3105
ok so it will look something like this -
int f0/0
ip address 10.0.0.1 255.255.255.0
desc **** connection to firewall dirty side ****
int s0/0
ip address 192.168.0.1 255.255.255.252
desc **** wan connection to ISP ****
router ospf 1
network 10.0.0.0 0.0.0.255 area 0
redistribute static metric 50
ip route 0.0.0.0 0.0.0.0 192.168.0.2
So only the lan side will run ospf but the ospf process will bring the static route in as long as its a valid route. If the interface goes down then the route becomes invalid and the route will be withdrawn.
Don't forget that this approach only works for outgoing traffic that is load balanced on a per session basis by the internal router, which is the fella that will be making the routing decisions. You should have your public facing servers on a DMZ off the firewalls so incoming sessions will be unaffected by the load balancing.
|
Looks embarrassingly simple.
Thanks. I've seen this done many times in several of m y very own books, but I guess I never understood it correctly.
I think that should solve the problem nicely. If I could give you points, I'd give you the max available. Half for helping me out, and the other half for not letting me argue an incorrect point to my engineer.