Cisco 3600 Router Issue - Secondary Route Programming

lesleek
Level 1

Can a Cisco 3600 router be programmed to route based on line condition? If so, how? Here is our situation...

Right now we are using one T1 circuit for all of our Internet traffic. Our Cisco 3600 router sends all traffic to our firewall, which acts as our default gateway (This is set up like: Gateway of last resort is 10.10.2.21 to network 0.0.0.0).

Instead of this, for redundancy reasons, we would like the 3600 to route all traffic to a NetScreen integrated firewall/VPN appliance on the T1 circuit. In the event of a T1 failure/outage, however, we'd like the 3600 to send all traffic to another NetScreen appliance on a 256K circuit. This way, line downtime would be reduced, at least based on our part of the routing equation.

Somebody suggested that I do the following, but I seek verification before any changes are made:

“Simply use a "floating" default with a higher metric than the default.

Example:

ip route 0.0.0.0 0.0.0.0 <ip add1>

ip route 0.0.0.0 0.0.0.0 <ip add2> 20

If the T1 routing to the first address drops, the traffic automatically goes to the second one.”

I searched for clarification and found it odd that I could not find the "ip route" command in any of the system or CD documentation that came with this router. Here's my question: Where might I find information regarding this command, or should I be doing something else to achieve line redundancy via a secondary gateway of last resort?

I appreciate any and all help very much.

3 Replies

mark-obrien
Level 4

Here is a link to the "ip route" command in Cisco's documentation.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fiprrp_r/ind_r/1rfindp1.htm#1018065

Mark

I don't think the static routes will work for your case. They work when the router can detect that it cannot reach the next hop "ip route 0.0.0.0 0.0.0.0 next-hop-ip".

That usually requires that at least the primary WAN circuit be directly attached to the router. That way when it goes down it will be dropped from the route table and the second static route will be used.

In your case the NetScreens are separating the WAN circuits from the router so there is no way the router can tell when they are down. In addition, the NetScreens I have seen have two LAN interfaces so there has to be another router beyond the NetScreen before the Internet. In that case the NetScreen cannot detect a down T1 either.

If your NetScreens really have the WAN interfaces then you need to look into whether the NetScreens have a feature like Cisco's Hot Standby Router Protocol. They would use this to tell each other, not the router, to fail over and the backup NetScreen would take over the gateway IP address that the router is forwarding to. This is a common firewall feature.
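
The behaviour described in the reply above, as an added example that is not part of the original thread: a simplified Python model of how the router chooses between two static default routes. In `ip route` syntax the trailing 20 is the administrative distance; the /24 LAN mask and the 192.0.2.0/30 serial link are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class StaticRoute:
    next_hop: str
    distance: int = 1  # IOS default administrative distance for a static route

def active_default(routes, interfaces):
    """Return the next hop of the default route the router would install.

    interfaces maps a connected network (CIDR) to True (up) or False (down).
    Simplified model: a static route is a candidate only while its next hop
    lies in a connected network whose interface is up; lowest distance wins.
    """
    up_nets = [ipaddress.ip_network(n) for n, up in interfaces.items() if up]
    candidates = [r for r in routes
                  if any(ipaddress.ip_address(r.next_hop) in n for n in up_nets)]
    if not candidates:
        return None
    return min(candidates, key=lambda r: r.distance).next_hop

# Topology from the thread: both NetScreens sit on the router's LAN segment.
# The /24 mask is an assumption; the thread gives only the host addresses.
THREAD_ROUTES = [StaticRoute("10.10.2.21"), StaticRoute("10.10.2.22", 20)]

def thread_topology(t1_up):
    # The T1 terminates beyond the NetScreen, so its state never reaches
    # the router: the LAN interface stays up whatever t1_up is.
    _ = t1_up
    return active_default(THREAD_ROUTES, {"10.10.2.0/24": True})

# Constructed contrast: the T1 terminated on the router's own serial interface.
# 192.0.2.0/30 is a documentation range, not an address from the thread.
DIRECT_ROUTES = [StaticRoute("192.0.2.1"), StaticRoute("10.10.2.22", 20)]

def direct_topology(t1_up):
    return active_default(DIRECT_ROUTES,
                          {"192.0.2.0/30": t1_up, "10.10.2.0/24": True})

if __name__ == "__main__":
    for up in (True, False):
        print(f"T1 up={up}: thread={thread_topology(up)} "
              f"direct={direct_topology(up)}")
```

In the thread's topology the primary route stays installed after the T1 fails, so traffic keeps going to 10.10.2.21; only the directly attached case falls back to the distance-20 route.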

I appreciate the link very much, but I don't see any references to metrics in it. Do you know whether the idea that was proposed in my initial posting would work?:

ip route 0.0.0.0 0.0.0.0 10.10.2.21

ip route 0.0.0.0 0.0.0.0 10.10.2.22 20

It seems that the person who suggested this idea believed that a priority setting of 20 at the end of the secondary IP would work like an MX record priority setting in a DNS record.

I am new to routing, so please pardon my lack of knowledge.