• February 24, 2025, 01:10:51 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Connecting DFL800 to a HSRP (Cisco) connection  (Read 4797 times)

kmdxb

  • Level 1 Member
  • *
  • Posts: 8
Connecting DFL800 to a HSRP (Cisco) connection
« on: June 04, 2010, 10:47:04 AM »
Our hosting center has provided us with 2 network feeds that come from a cisco system using HSRP.

IP space = 192.168.1.120/29
192.168.1.120 = Subnet address
192.168.1.121 = Used as HSRP VIP
192.168.1.122 = Used as physcial IP for HSRP
192.168.1.123 = Used as physcial IP for HSRP
192.168.1.124 = for customer use
192.168.1.125 = for customer use
192.168.1.126 = for customer use
192.168.1.127 = Subnet broadcast IP

They have said we should use 192.168.1.121 as our default gateway, and have the firewall accept data sent to .124, .125 and .126

Although only using one DFL800 at this point, can we connect both feeds into it giving at least a bit more resiliance should one of the feeds fail for some reason. The hosting center can't help with this, they don't know the DFL800. We use all three of the <for customer use> ip's and have them setup on WAN1 (using ARP entries and entries in the routing table) - how can we also get them on WAN2 such that if the feed to WAN1 fails then WAN2 can take over automatically?

As it stands I don't think we can add a second DFL800 for this as we use the DMZ port which I believe would be required to be used as a link between both devices. (We can't use VLAN's to split up the LAN ports - not permitted under the security rules we have to follow so the stuff on the DMZ connection has to stay there)

Can we actually use both of these feeds or are we going to just have to use one of them and ignore the other?

Logged

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: Connecting DFL800 to a HSRP (Cisco) connection
« Reply #1 on: June 04, 2010, 11:20:23 AM »
We can set up failover routes and whatnot, but we can not directly support participating in HSRP.

That said if you are not participating in HSRP (which it doesn't look like you are) then just use the virtual IP and all will be fine.  Adding another physical interface from the DFL can be done, but it won't add resiliency in any meaningful way.  You would need a second path out for that.
Logged
non progredi est regredi

kmdxb

  • Level 1 Member
  • *
  • Posts: 8
Re: Connecting DFL800 to a HSRP (Cisco) connection
« Reply #2 on: June 05, 2010, 04:34:09 AM »
The DFL800 won't be actually doing anything in regards to the HRSP - just trying to use both of the connections.

It gives resiliance in the form that if for whatever reason the hosting centers primary router fails, the secondary one will come up and be used instead. It might not only be because of unexpected failure, one router may be taken off line for upgrades etc. The hosting center has already done all the work relating to multiple feeds in from different carriers.

Logged

blessani

  • Level 1 Member
  • *
  • Posts: 7
Re: Connecting DFL800 to a HSRP (Cisco) connection
« Reply #3 on: June 05, 2010, 03:55:48 PM »
Have a look at this guide: ftp://files.dlink.com.au/products/DFL-860/REV_A/SetupGuides/How_to_set_WAN_Failover.pdf

Then when creating your arp entries, use the new interface group (that combines wan1+wan2) for defining the public IPs.

Then create the relevant SATs.
Logged