Good afternoon, we are updating our core soon. We are currently relying on static routes on the core to push traffic bound for AWS to an ISR that handles the AWS Direct Connect circuit. We have vpn's on our firewall that stay inactive, however, in the event of a disaster we can manually turn the VPN's on and change the static route for the AWS network to the firewall instead of the ISR. This honestly sucks for failover. We have discussed rolling out OSPF when we do our refresh\update. I am just now dipping my toes into dynamic routing. Is it possible to configure OSPF to forward traffic out the VPN link instead of the ISR in the event of an outage? From my understanding, this can be done with BFD along with OSPF. In you all's opinion, what would be the preferred way of handling this?
No comments:
Post a Comment