Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

Multiple Routes - How to use as Failover

 
Tobisfr
Occasional Contributor

Multiple Routes - How to use as Failover

We have two branch offices, both with HP 5406RZl2 as Core Switch.

The branch offices are connected by radio relay with 1GBs. For failover there is an low bandwith VPN Site-to-Site between both firewalls.

How can we handle that the core-swichtes primary route the the traffic between our branch offices over the radio-relay? And if the radio-relay is down (next hop not reachable or Interface is down), it should be routed over the firewalls?

10 REPLIES 10
parnassus
Honored Contributor

Re: Mulitple Routes - How to use as Failover

Does the radio relay link appear just like a cable from the point of view of both cores or it involves some routing? In other terms, is it transparent to both Switches with respect to Firewalls links that are the next hops, each one for its site?

Vince-Whirlwind
Honored Contributor

Re: Mulitple Routes - How to use as Failover

Sounds to me like you have a Layer2 link between the two cores, and presumably routes on each telling them which subnets are on the other.

And it sound like the backup link is via a point-to-point subnet between each core and its local firewall.

So it sounds like you need to add static routes onto each core for each remote subnet pointing at the local firewall with a higher adminstrative distance. eg,

Core1: 10.1.0.0/16
      link to firewall: 10.1.0.1 <----> 10.1.0.2

Core2: 10.2.0/16
      link to firewall: 10.2.0.1 <----> 10.2.0.2

Link between cores 10.0.0.1 --> 10.0.0.2

Core1 has routes:
10.2.0.0/16 --> 10.0.0.2 10
10.2.0.0/16 --> 10.1.0.2 20

Core2 has routes:
10.1.0.0/16 --> 10.0.0.1 10
10.1.0.0/16 --> 10.2.0.2 20

Tobisfr
Occasional Contributor

Re: Mulitple Routes - How to use as Failover

Yes the radio link can be seen as a cable.

So I can do this with the administrative distance.

In your example:

If core1 can't reach 10.0.0.2, it would route all trafic to 10.1.0.2

Vince-Whirlwind
Honored Contributor

Re: Mulitple Routes - How to use as Failover

If the radio link goes down, then 10.0.0.2 disappears, so yes, it should then use the higher distance route.

16again
Respected Contributor

Re: Mulitple Routes - How to use as Failover

Maybe it works like this:
If the radio link goes down, the ethernet port where it's connected (or the VLAN) will stay up!!
Although 10.0.0.2 is no longer reachable, there still is a connected route for 10.0.0.0/24 , and the switch/router/hosts attached will keep ARP-ing for 10.0.0.2.   Only if 10.0.0.1 interface goes down, the connected 10.0.0.0/24 route disappears, and backup VPN route will become active

Vince-Whirlwind
Honored Contributor

Re: Mulitple Routes - How to use as Failover

Agreed. radio links can be a bit tricky because they have active equipment in the path.

Tobisfr
Occasional Contributor

Re: Mulitple Routes - How to use as Failover

Do I have any other options to handle this?

If the radio link is down ( for example due to the relay station is not working), the link state of the interface will still be "up", only the ip-adress on the other site is not reachable.

 

 

parnassus
Honored Contributor

Re: Mulitple Routes - How to use as Failover

Multiple (let me say Dual, at first) WAN Routers?
Give a Dual WAN Router the duty to manage your links' failover.
Generally a Dual WAN Router provides a lot of control about balancing/failover mechanisms between WAN links...
Vince-Whirlwind
Honored Contributor

Re: Mulitple Routes - How to use as Failover

Specifically, you might want to use interface tracking, which I'm pretty sure the 5406 can't do.