Changing HA-IP-Address over L3 Link

Hi Guys!

I got the following challenge I do not have a solution actually an dI appreciate any tips.

 

image

 

Referring to the Picture:

- Firewallcluster is connected to two Routers via L3 or L2 (with SVI) link

- If one Firewall fails (detected via HA link) the Ip-Address that is facing the routers (192.168.1.1) is MOVES from FW1 to FW2.

- As there is no L2 connectivity via the L3 conected routers this is kind of issue here.

 

My Idea:

- Work with IP sla tracks and inject the routes into the backbone with the "track" option. But the limit for IP SLA is 1second for an ICMP timeout. I want to implement subsecond here.

 

Does anyone has an Idea here?

Thanks in advance!

 

Regards!

Markus

Comments

Sign In or Register to comment.