What device is acting as the Gateway of Vlans in your network? I am assuming a Distribution/Core layer used which can route to either of your WAN Routers.
Having your WAN Routers establish a dynamic Routing Protocol (i.e OSPF) with your Distribution/Core should smooth things.
The Primary WAN Router (the one with the Internet & MPLS circuits) can advertise a 0/0 plus remote networks towards the Distribution/Core layer.
The Secondary WAN Router (the one with the backup Internet circuit) can advertise another 0/0 but manipulated with a less desirable metric (Cost if OSPF is used).
When the Primary WAN Router loses the Internet connection, it can withdrawn the prefix 0/0 dynamically via the Routing Protocol. Once done the Distribution/Core layer can start adding the 0/0 which is coming from the Secondary WAN Router to its Routing Table. Distribution/Core should still be routing to the Primary WAN to the MPLS connection as more specific prefixes should still be received.
For this to happen Internet access needs to be monitored from the Primary WAN Internet Router by probing it or the 0/0 itself installs in its Routing Table be withdrawn. Probably the only way the later can happen is with the Firewall also withdrawing the dynamic route towards your WAN Router.
------------------------------
Hector Gustavo Serrano Gutierrez
------------------------------
Original Message:
Sent: 03-16-2022 09:45
From: NERI GARY CACATIAN
Subject: Dual Router Dual Internet Setup
the setup would be the internet ckt will go through a fw, while the MPLS traffic will be going via the sw. MPLS would just be use for inter site traffic.
In this case, would it be the fw who will handling the failover or the SRX routers can still influence the internet traffic priority?
PLease note that the secondary router doesn't have an MPLS ckt
thanks
------------------------------
NERI GARY CACATIAN
Original Message:
Sent: 03-15-2022 13:30
From: Hector Gustavo Serrano Gutierrez
Subject: Dual Router Dual Internet Setup
Hi!
How is your routing setup? Are you sending Internet traffic via your MPLS circuit? Or in the other hand, you are using the local Internet circuits keeping the MPLS to communicate with remote sites/colo/HQ?
Assuming the latter it boils down to how your distribution/core layer is routing to those WAN Routers.
You could have default routes 0/0 advertised from both WAN Routers to your LAN and have the Secondary WAN Router have its 0/0 advertised with a less preferred metric. You should also keep in mind that an important factor is making sure you WAN Routers are failing over upon noticing Internet is unreachable. Keep sending probes to the Internet and stop adversing a default route towards the distribution/core layer is an option. It depends in how your currently have your setup.
What is the order of preference you have in mind for this failover?
------------------------------
Hector Gustavo Serrano Gutierrez
Original Message:
Sent: 03-15-2022 08:31
From: NERI GARY CACATIAN
Subject: Dual Router Dual Internet Setup
The setup would be like, the the primary router has MPLS and internet. while the second router only has internet. the failover will only happen on the circuit not the entire router.
So i was thinking what would be the solution for this
------------------------------
NERI GARY CACATIAN
Original Message:
Sent: 03-14-2022 19:38
From: STEVE PULUKA
Subject: Dual Router Dual Internet Setup
Sounds like you want the second example starting on page 24 of the High Availability example guide.
https://www.juniper.net/documentation/en_US/release-independent/nce/information-products/pathway-pages/nce/nce0092-chassis-cluster-srx-configuring.pdf
------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Original Message:
Sent: 03-14-2022 17:27
From: NERI GARY CACATIAN
Subject: Dual Router Dual Internet Setup
Hi,
Just wanted ask on how to setup two juniper routers that will act in a active / standby setup?
thanks
------------------------------
NERI GARY CACATIAN
------------------------------