Hello guys,
I'd like to have some help about an asymetric routing issue.
We subscribed to an IaaS OVH solution to deploy an active/active infrastructure. You can see an overview here : https://www.casimages.com/i/200819050333618224.png.html
We have one cluster of Palo Alto spread on two physical sites (by the OVH solution named vRack), so from a networking POV, this is one logical site. We have to use two routers (one for each public IP pool) in front of our Palo Alto cluster. The cluster of Palo Alto is reachable from a public IP on the left and also on the right by NAT rules.
The problem is that when one user reach the B site for example, the incoming trafic is routed on the Palo Alto cluster normally, but the outcoming trafic can possibly be routed to the A side as also the B side. We use static routing with the same weight on the Palo Alto.
May some of you have solutions and best practices to solve this kind of issue, please ?
Thanks in advance and I can give some further informations of course !
No comments:
Post a Comment