My Goals in life and more
Hey, thanks for sharing that to people!I have a question, though. You said you have to use two virtual routers. But I remember that once, many months ago, I tried to do the redundant V-shaped tunnel (one office has one ISP, another has two) using tunnel interfaces and different routing preferences, and it worked --- in one virtual router. I just made two different tunnels in both VPN devices (Juniper SSG-5).About load-sharing. I think if I make the routing preferences equal, then this is load-sharing tunnel (if both connections are active in the office with two connections; and maybe is ECMP needed, don't know), but if I make one of them higher, then this is active-passive redundancy.Or did you mean something else, in more general means or smth., why you had to use two virtual routers?
Hi,the problem is when your remote office doesn't have a static ip. which isp will the central site use to connect to remote ip? if you have 2 isp, you have 2 gateways.You can choose one, but then both vpn's are made over the same isp.When we have 2 vrouters i can make 2 default-gateways (in each vrouter for each isp).Now each vpn will use his outgoing interface (which is bound to vrouter) to send out packets. Because each vrouter has a default-gateway they can reach every destination ip.On the load-sharing topic. Only one route will be active. (even if there are 2 routes. (with ecmp you can tell how many routes he must make active with same preference and metric)hope this makes it clear.GreetZ
Post a Comment