Hi,
I'm trying to create a redundant environment for
HA. my setup is like this
100.x.x.1 10.x.1
10.x.x.2
ISP1 ---- FW1 ------------| DMZ
| |
LAN
| Server
| |
ISP2 ---- FW2
------------| here
200.x.x.1
10.x.10
On my DMZ server I specify defalut route from
both the FW:
ie : route 0.0.0.0 10.x.x.1 AND route
0.0.0.0 10.x.x.10
Now I saw strange behaviour, some time request
commig from FW1 lost or some time from FW2 lost.
What could be the reason of this? As I
could understand that if request come from FW1 with the real IP (not
10.x.x.) and replies goes back from FW2 (b'cuz system have two
default route) then I lost It can't reach
FW1 client.
I'm accessing Database in my DMZ.
How I can solve this problem?
Thanks
Gm
|