Chris_Miller
Mar 11, 2010Altostratus
iRule dependent on Link Availability
I'm currently using Link Controller to load balance ISPs. Due to the complications of IPSEC, I've had to do a config like this.
1. Pool containing IPSEC device with ip 1.1.1.1
2. VS created for IPSEC ports/protocols with public ip 2.2.2.2
3. ISP Routers are 2.2.2.1 and 3.3.3.1
4. SNAT pool created containing 2.2.2.2
5. Since IPSEC initiates some traffic, iRule created with following logic:
if client ip is 1.1.1.1, use snat pool 2.2.2.2 and use pool with 2.2.2.1 link
To make this redundant, I'd like to do the following.
1. Create VS for IPSEC ports/protocols with public ip 3.3.3.2
2. Create SNAT pool containing 3.3.3.2
3. Configure inbound wideIP which currently contains VS 2.2.2.2 to use 3.3.3.2 as a fallback IP.
4. Create an iRule that basically says, if link 2.2.2.1 is down, snat to 3.3.3.2 and use outbound link 3.3.3.1
What are my options here?