Inbound to public IP address during failover state. 1

[4DeanB]

Thanks for reading this post. I'm trying to configure a 2610 (with 2 possible connection paths to the Internet, a primary T1 and a secondary DSL) to allow inbound and outbound traffic to/from an internal mail server. I understand the floating static route concept for outbound traffic, however the WAN address of the mail server is set to a public IP address associated with the T1 IP block. The MX record is set-up with 2 weighted IP addresses, T1 as primary and DSL as secondary if T1 goes down. My problem is getting inbound traffic to the mail server in the event that the T1 does go down. The DSL has it's own public IP address(es) which I don't know how to route to the mail server address. The mail server is incapable of multiple (secondary) addresses. BGP is not an option, though I know it would be a solution.



T1(S0) DSL(e1)
|_________2610____________|
|e0
|
mail server

e0 12.x.x.1 /28
e1 65.x.x.2 /29
Mail server 12.x.x.2 /28


How can I make the 12.x.x.2 address reachable from the outside if the T1 should die?

 

[4DeanB]

No responders on this one? Is this an obvious impossibility?

4DeanB

 

[NetEng631]

Depends if you have links from the same ISP. If they are form the SAME ISP the internal ISP routing should take care of it. However, the fail over time may not be that great. It will depend on how the link fails. If it is not from the same ISP and you do not have no portable address space then yes your out of luck.

 

[gconnect]

the real question is how is your DNS setup? if the domain is resolved to the IP address alotted on the T1 link and the DSL link is from a different provider, then you maybe in for a bumpy ride......because the domain name (from the public's perspective will always resolve to the addy on the T1 link, and when it goes down, it's down.


if you have 2 different providers, then you may not want to waste your time reading the rest of this.....

if the DSL and the T1 is by the same provider then you may be in ok. you would need to buy 1 ip address for the mail server and attach it to a loopback interface. You would need to get with the DNS administrator to associate the mail server with this new IP Address. The public would need to resolve your mail server's name to the Loopback addy and you of course would need to reconfigure NAT with the loopback also with "ip nat outside". also, your provider would have to add a 2 routes (or policy routing) to their edge router to make it work.

on your providers edge router
ip route YOURLOOPBACK 255.255.255.255 YOURT1LINK
ip route YOURLOOPBACK 255.255.255.255 YOURDSL 254

so that when your T1 Goes down, traffic will go through the DSL link. if they are using BGP to talk to thier neighbors it may not be too big of a deal to them, but if they are not then they may gripe and not want to do this.

sounds like alot of work, but doable. all depends on the customer service of your service provider

-gC-