No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Association Between IP-Link and PBR on a USG2000&5000

Publication Date:  2019-07-03 Views:  170 Downloads:  0

Issue Description

Association between IP-link and PBR on a USG2000&5000

Handling Process

Configure PBR on a USG2000&5000:

1. Networking requirements

 

The enterprise has two links (ISP1 and ISP2) to connect departments A and B to the Internet. The two links share the traffic and can back up each other to ensure service continuity.

The requirements are detailed as follows:

a. Department A resides on network segment 10.1.0.0/16 and its packets pass through link ISP1 in normal cases.

b. Department B resides on network segment 20.1.0.0/16 and its packets pass through link ISP2 in normal cases.

c. The links of departments A and B are mutually backed up. If the link (active link) of a department is faulty, traffic is switched to the link (standby link) of the other department.

 

2. Configuration roadmap

 

The roadmap for configuring PBR to associate with IP-link is as follows:

a. To balance traffic on different links, configure PBR based on source IP addresses, so that packets from department A pass through ISP1 and those from department B pass through ISP2.

b. To ensure the continuity and mutual backup of links at which departments A and B reside, perform the following:

(1) Configure PBR to interwork with IP-link. IP-link monitors the reachability of the active links of departments A and B. If an active link fails, PBR becomes invalid. The firewall searches for standby routes to ensure service continuity.

(2) Configure static routes from department A to link ISP2 and from department B to link ISP1 as the backup routes of departments A and B. IP-link monitors the reachability of the standby links of departments A and B.

END