If you create a scenario like this, you can perform the automatic failover:
<pre>
+————+
| |
IF 1 / — — \ IF 2
/| |Lo1| |Lo2||\\
/ | — — | \
// +————+ \
/ \\
/ \
+—-/—-+ +—–\—+
| | | |
| | | |
+—-+—-+ +—-+—-+
| |
| |
| |
| ISP | ISP
| 1 | 2
| |
| |
| |
| |
+—-+—-+ +—-+—-+
| | | |
| | | |
+—-\—-+ +—–/—+
\ /
\ /
\ /
\ /
\ /
\ +————+ /
\| |/
\ — — /
IF 1| |Lo1| |Lo2||IF 2
| — — |
+————+
</pre>
Build your VPN tunnels from IF1 to IF1 and IF2 to IF2
Then build GRE tunnels from Lo1 to Lo1 and Lo2 to Lo2 (GRE for Lo1 routed over VPN for IF1 / GRE for Lo2 routed over VPN for IF2)
give a higher routing metric to your secondary route than that of your primary route. If your primary route goes down, your secondary will automatically take over.
This is the easiest solution – If this doesn’t work, there are other solutions (if you are in a cisco environment) – but they are more complex.
Discuss This Question: