I'm about to embark on an interesting project with our UTMs. Just to give you an idea of the topology:
SITE A (primary) = 2x HA UTM SG330 with 50mb/50mb fibre to internet (ISP A)
SITE B (failover) = 2x HA UTM SG330 with 50mb/50mb fibre to internet (ISP B)
There is a 100mb PtP fibre connection between both sites which is used for replication etc.
Our other 50 satellite sites are connected via MPLS to both sites (100mb) but the primary internet connection for all is via SITE A UTM.
I'm currently working on the routing so if SITE A connection fails, everything will reroute via SITE B > 100mb > SITE A and vice versa. But that's outside the scope of this.
What I want to achieve is:
Internet bound traffic enters via SITE A and is then balanced between SITE A UTM & SITE B UTM. Simple enough I think by linking both UTMs together via a separate VLAN on the 100mb PtP SITE A > SITE B.
But I also want to reverse this should the SITE A MPLS connection drop. I will take care of this routing but I would like to know what happens if all the traffic now enters via SITE B and internet bound traffic hits the SITE B UTM?
I assume I will need to enter another multipath rule to balance SITE B UTM with SITE A UTM?
But going back to things running normally, can I have both multipaths active at the same time or will this confuse the UTMs? What I mean by active is in normal use SITE A UTM balances with SITE B UTM. The SITE B UTM multipath rule is dormant because no internet bound traffic is entering via SITE B but only via the SITE A multipath rule. This dormant rule will only come alive when internet bound traffic enters via SITE B LAN.