Deploy HA pair with two separate gateway

jindok42jindok42 Member ✭✭
in System
I have a HA pair AX, I want to load balance for Farm servers and DMZ servers (one AX primary for Farm, standby for DMZ, the other one primary for DMZ and standby for Farm). The problem is, there's two different gateway for server in Farm and server in DMZ in this case, no VRRP in gateway router because they work independently. Please advice me how to overcome this issue?

Comments

  • [Deleted User][Deleted User]
    edited February 2014
    A couple questions.

    1. What version of code is running on the AX?
    2. Are you using separate VLANs to segment the traffic?
  • jindok42jindok42 Member ✭✭
    edited February 2014
    I am using version 2.4.x and separate VLANs to segment the traffic
  • [Deleted User][Deleted User]
    edited February 2014
    The best way to accomplish this is to use a default route for the DMZ return traffic and static routes for the remainder of the traffic.

    Example
    ip route 0.0.0.0 /0 10.1.1.254 (for DMZ)
    ip route 10.0.0.0 /8 10.0.0.254 (for Internal traffic)

    You may have to alter the second route to fit the networks you're trying to route to, but this should work for your deployment. There are other options that require a code upgrade to 2.6.1p4, but this should be your first option.
  • jindok42jindok42 Member ✭✭
    edited February 2014
    There're too many of subnets for DMZ and Internal and it is too complicate. I upgraded to 2.6.1 -p4 to create two partition in this case, this is good option for me. Thanks jraasch
  • [Deleted User][Deleted User]
    edited February 2014
    Great to hear that application delivery partitions worked for you as that is the best and cleanest option.
Sign In or Register to comment.

© Copyright 2024 - A10 Networks Community - All Rights Reserved. | Legal