Forum Discussion

Nimbostratus

Feb 03, 2014

Data Center Failover

Hi, Am looking for some advice on the following. I have two data centers with F5's in both . Data centers are connected/routed across 2 x 10G links using a dynamic routing protocol. They are going to...

design

Cory_50405

Noctilucent

Feb 04, 2014

So the NAT that you are doing on your external firewalls, are you just doing destination NAT or also source NAT? If both, then the solution can be fairly easy. Just advertise the private NAT address space across the tunnel between sites so the firewalls know to push the traffic across to the other site to route back out to the Internet.

If just destination NAT, then you may need some kind of conditional route advertisement from your external router to your firewall. The logic of which would be if the BGP session with your ISP is up on your router (receiving default route or some other monitored route), then advertise the default route to your firewall. Do you already have a routing protocol setup between your router and firewall by chance?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)