05-25-2020 12:22 AM
Hello all.
I have 2821 router with 2 ISP WAN connections with real IP addresses - main and backup. IOS 15.1(4)M12a
When main ISP is active I can't ping backup ISP interface IP address or access router from Internet. When main ISP is down backup interface is fully accessible.
Will you please help me configure router so I can use backup interface when main ISP is active.
My config
dot11 syslog ip source-route ! ! ip cef ! ! ! no ip domain lookup no ipv6 cef ! multilink bundle-name authenticated ! track 11 ip sla 1 reachability ! track 22 ip sla 2 reachability delay down 8 up 8 ! track 33 ip sla 3 reachability delay down 8 up 8 ! interface GigabitEthernet0/0 no ip address duplex auto speed auto ! interface GigabitEthernet0/0.20 description MAIN encapsulation dot1Q 20 ip address x.x.x.165 255.255.255.240 ip nat outside ip virtual-reassembly in ! interface GigabitEthernet0/0.21 description BACKUP encapsulation dot1Q 21 ip address y.y.y.182 255.255.255.0 ip nat outside ip virtual-reassembly in ! interface GigabitEthernet0/1 no ip address duplex auto speed auto ! interface GigabitEthernet0/1.30 description LAN encapsulation dot1Q 30 ip address 10.1.1.1 255.255.255.0 ip nat inside ip virtual-reassembly in ! ip forward-protocol nd ip http server ip http access-class 80 ip http authentication local ip http secure-server ! ! ip nat inside source route-map BACKUP interface GigabitEthernet0/0.21 overload ip nat inside source route-map MAIN interface GigabitEthernet0/0.20 overload ip route 0.0.0.0 0.0.0.0 x.x.x.161 track 22 ip route 0.0.0.0 0.0.0.0 y.y.y.1 170 ip route 4.2.2.1 255.255.255.255 x.x.x.161 permanent ip route 4.2.2.3 255.255.255.255 y.y.y.1 permanent ! ip sla 1 icmp-echo 8.8.8.8 frequency 10 timeout 10000 threshold 10000 ip sla schedule 1 life forever start-time now ip sla 2 icmp-echo 4.2.2.1 source-interface GigabitEthernet0/0.20 threshold 3000 timeout 3000 frequency 5 ip sla schedule 2 life forever start-time now ip sla 3 icmp-echo 4.2.2.3 source-interface GigabitEthernet0/0.21 threshold 3000 timeout 3000 frequency 5 ip sla schedule 3 life forever start-time now access-list 110 permit ip 10.1.1.0 0.0.0.255 any ! ! ! ! route-map MAIN permit 10 match ip address 110 match interface GigabitEthernet0/0.20 ! route-map BACKUP permit 10 match ip address 110 match interface GigabitEthernet0/0.21 ! control-plane ! ! ! ! mgcp profile default !
Thanks in advance.
05-25-2020 08:46 AM
Perhaps I am not clear on what you want to accomplish. The config establishes a primary outbound link (with track specified) and a backup outbound link (using a floating static default route). That is intended to have a primary link that is normally active and a backup link which is active only when the primary has failed. And it sounds like this is working.
Are you saying that you want to change the design and to have both outbound links active at the same time? If so that is fairly simple to accomplish. Change the static route using y.y.y.1 from floating static to regular static by removing the last parameter (170). If you do this then you will have 2 active default routes and the router will do load sharing using both interfaces. Is that what you intend?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: