Create a Post
Showing results for 
Search instead for 
Did you mean: 

R81.10 and dual internet uplinks



currently running R81.10 JHF 66 on VSX platform.  One of the instances is an internet uplink.  So one internal interface, one public interface and acting as a gateway to INETA.

Challenge : upgrade the internet uplink to INETB with as less downtime as possible

Need to new uplink to be on another interface as fibre requirement.  Catch : a block of public ip's is routed to the public ip of the interface leading to INETA.  I need some time to migrate these to public ip's of INETB.

Is it possible to have two uplinks active?  And i don't mean isp redundancy.  One to INETA and one to INETB. 

Default gateway will be to INETB.  This will cover internet access for internal users.

Access to the block of public ip's for INETA also needs to be active.  This is basically only for those specific devices.  This boils down to : there are two seperated nat translation tables needed for this to work.  Each tied to their respective INET interface.   Or perhaps one global nat translation table which also keeps record of which public interface trafic came in.

I'm not sure if this is possible.


A picture always says more ...


0 Kudos
2 Replies

Yes, the main thing is making sure the routing is configured correctly. 

There is only a single NAT rulebase and it doesn't factor in the interface the traffic came in on.
SecureXL does track this, so it might work the way you want.
If it's at all possible to lab this up, I'd do it to validate this configuration works the way you'd expect. 

0 Kudos

It would work ok except that reply packets from servers NAT'd to INETA IPs would go via INETB. Not necessarily a problem but if it causes issues could be resolved with some creative PBR. 

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events