Force a return Source Route

[squad133]

My network consisist of 2 internet connection respective 2600 routers and pix 515's . Once on the inside of my pix's I have 2 more 2600 routers that control 2 internal networks with different subnets. Both routers are the same with 3 ethernet interface cards. The 2 routers are conected together to allow each internal network to see each other. My goal is to allow internet traffic from one internet connection to come in, crossover the internal routers to the other network and access services on that network in case of failure of the second internet service. So far I can get the traffic to come in Internet A service to my first internal router, crossover to my other subnet router, ping the machine, but here is the problem. Instead of the traffic following back across the router to the orginal source, it follows the default gateway and out Internet B. How can I make it follow the same way out as it came in? I can see ping request come in one PIX and the replies on the other PIX.

The trace of this would look like this:

Internet A >>> 2600 Router >>>> PIX 515 >>>>>> 2600 Router/Network A >>>>> 2600 Router/Network B >>>>> Server. The return needs to follow the reverse route of this.

 

[tschouten]

What routing protocol are you using? You would need to use CIDR for that to really work. OSPF, or EIGRP would be your best bet for the routing protocol.

Would love to know exactly how everything is connected.

2600,eth0---eth1,pix

etc, etc

Would help me get a better idea.

 

[squad133]

Right now, there are no router protocals being used, just static routes. Here its how everthing is connected:

Network A
Internet > 2600 > PIX > 2621 (E1/0 to pix, E0/1 to Network B, E0/0 to Network A, S0/0 and S0/1 Point 2 Point T1's, load balanced to remote office)

Network B
Internet > 2600 > PIX > 2621 (E1/0 to pix, E0/1 to Network A, E0/0 to Network B) No Serial's in use.

Network A and B talk to each other via the E0/1 on each of the 2621's. The default gatway on each of the 2621's is the E1/0 port to there respective Pix's. Static statements allow access throught he Pix's to certain machines and ports. I also have traffic that comes from the remote office into Network A and B.

I can get a packet from Internet A to a machine on Network B, I just can't get the packet to go back out Internet A, the 2621 on Network B grabs it and sends it out it's default gateway.

 

[tschouten]

What is the easiest way to explain this....Your router only knows the route to the block of addresses you have shown it with your static maps. You are most likely using different Class blocks of IP addresses. So the router an network B will not know what lies behind Router on netowrk A. So the packet becomes something the router on Network B doesn't know how to handle, causing the Router to choose the Gateway of Last Resort.

I would suggest using a Routing Protocol or re-examining your static maps and make sure you have a map going back accross the whole network.