Williamhawk "Straight Flush that I Folded"
Joined: 29 Sep 2017 Posts: 197
|
Posted: Thu Nov 02, 2017 4:13 am Post subject: Tying a Route to Multiple Tracked Addresses. Possible? |
|
|
Hii...
I’m wondering if anyone knows of a way to do this: I have a customer’s ASA firewall that has two ISP connections; a primary and a backup. I have the default gateway tied to an SLA track that monitors the 8.8.8.8 address, keeping the gateway pointed to the primary ISP if that address responds and failing to the backup if it fails. (Pretty standard tracked object route failover.)
The problem I had yesterday is that something happened on the local ISP’s backbone that black holed that specific 8.8.8.8 address. I got around it temporarily by shifting to the 8.8.4.4 address, which was responding.
So failover worked as it should have, but the result was that for a few hours they were running on their slower backup link, despite the fact that the primary was actually working. Not great for a retailer on December 21st.
Does anyone know of a way to do this where the firewall would track say 2 or 3 different addresses and only lose the route if all of them failed? Something like a track pool where you put all tracked objects in the pool and they all have to fail before the pool fails?
Thanks..!
For More Details:
product videos |
|