
BGP setup - additional IPs only bound to one interface?

Hello.

I am working with BT to replace an existing 100Mbps circuit with 2 new 100Mbps failover circuits for redundancy.  I have been using UTMs for some time now but am fairly new to BGP.

The new circuits are installed and I have both configured with a test UTM.  I've managed to set up the BGP Neighbors and can ping in and out on both subnets (each circuit has a /30 subnet assigned).  This all seems to be working.

However, I'm failing in my attempts to use an additional /29 subnet for internal servers.  I have added them as additional addresses, and configured NAT rules, and announced them via BGP.  This works great, I can access a test web server and FTP server externally no problem.

The problem I have is when I pull the cable for the primary circuit to test failover.  After that I can no longer access any addresses in the /29 subnet.  It's probably because the IP can only be assigned to one interface, which now has no connection.  Also, outbound traffic fails - possibly because only one interface can have a default gateway?

Have I missed something simple?  Is there a way to have these extra IPs accessible on either interface?  Or should I enable something like link aggregation, or uplink balancing?

My goal is to have my internal servers available on these additional IPs, without any manual intervention, if either circuit fails.

Thanks for any help you can offer.  I'm using version 9.702-1.  More information or screenshots can be provided.



This thread was automatically locked due to age.
  • FormerMember

    Hi  

    Thank you for reaching out to the Community!

    Do you have multiple WAN interfaces configured on the UTM?

    Are those additional addresses configured on the same circuit that you are removing cables to test the failover?

    Thanks,

  • Hello.

    Thanks for the reply.  Yes, I have two WAN interfaces, one for each 100Mbps circuit.  Each circuit has its own /30 subnet (which I am not really using).

    The 3rd subnet I want to use is assigned to the one interface, as I can't assign it to more than one, but I want them to be available regardless of which WAN connection is being used.  Isn't that the point of BGP?  I need my internal web servers, mail servers, etc to be accessible whether WAN1 or WAN2 is active.