We’re working on an data center design for a customer, and they’ve dropped in two ISP links - each with it’s own managed router and public IP space off one of the Ethernet interfaces.  The idea is that they want to use the Internet links in an active-passive setup without getting their own IP addresses to avoid running BGP with the ISPs.  To top it off, the headend of their control is an ASA cluster, so we wind up with two interface on the Internet to treat with a local security level.  Oh, the joys of doing network design.

Feel free to correct.

Study Questions

• What’s the most primitive way to get traffic destined to a single host to use a different path than your dynamic IGP dictates?

Use a static route.

• What’s the most primitive way to get traffic sourced from a single host to use a different path than your dynamic IGP dictates?

Use policy-based routing (PBR).

• What’s the most primitive way to get traffic sourced from a single host and destined for another host to use a different path than your dynamic IGP dictates?

Use PBR.