02-23-2006 01:56 PM - edited 03-03-2019 01:59 AM
If I have two ways to the internet and one goes down, is the only way to send users out to the internet through a floating static route? Such that,
ip route 0.0.0.0 0.0.0.0 10.10.10.1
ip route 0.0.0.0 0.0.0.0 10.200.10.1 100, where the 100 allows the static default route to be replaced when the primary route is down? How would the router know when a static route is down?
Solved! Go to Solution.
02-24-2006 03:13 AM
Hi,
If you are running a relatively new IOS (12.3(8)T, I believe) you can use the reliable static route backup feature. This feature allows you to detect failures downstream from your ethernet connection.
Here's a sample config:
Replace
interface Ethernet 0
description Main Link
ip address 10.1.1.1 255.0.0.0
!
interface Ethernet 1
description Backup Link
ip address 192.168.1.1 255.0.0.0
!
ip sla monitor 1
type echo protocol ipIcmpEcho
timeout 1000
frequency 3
threshold 2
!
ip sla monitor schedule 1 life forever start-time now
!
track 100 rtr 1 reachability
!
access list 101 permit icmp any host
!
route-map LOCAL_POLICY permit 10
match ip address 101
set ip next-hop 10.1.1.254
set interface null0
!
ip local policy route-map LOCAL_POLICY
!
ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100
ip route 0.0.0.0 0.0.0.0 192.168.1.254 254
Hope that helps - pls do rate the post if it does.
Paresh
02-23-2006 02:10 PM
Hi,
What you have suggested is certainly one way of doing it ? The trick is to ensure that your primary static route does go down when your link breaks. With links such as ethernet links, the physical interface may remain up although the connection itself is broken. In such cases, you need to use a reliable static route backup option where you use track objects to track reachability through the link.
However, if what you have is a couple of serial links, the idea of using floating static routes will work perfectly well.
The other alternative is to run BGP with your provider.
Hope that helps - pls rate the post if it does.
Paresh
02-23-2006 02:22 PM
Hello,
If your primary default route should always reachable via a particular interface you can include that in the static route statement - so if that interface goes down - your floating static will be effective.
Hope that helps.
Regards,
James
02-23-2006 05:43 PM
Thanks for the input. As usual I left key information out of the question, such as the ethernet interface part. I can't use BGP as neither ISP is willing to do BGP. I guess what I'm asking is how to make ethernet interfaces know when a neighbor isn't reachable. It's not very often that an ethernet interface goes down, it's usually a serial interface further down the line that goes down, then I usually go in manualy to change the default route.
Once again, thankyou.
02-24-2006 03:13 AM
Hi,
If you are running a relatively new IOS (12.3(8)T, I believe) you can use the reliable static route backup feature. This feature allows you to detect failures downstream from your ethernet connection.
Here's a sample config:
Replace
interface Ethernet 0
description Main Link
ip address 10.1.1.1 255.0.0.0
!
interface Ethernet 1
description Backup Link
ip address 192.168.1.1 255.0.0.0
!
ip sla monitor 1
type echo protocol ipIcmpEcho
timeout 1000
frequency 3
threshold 2
!
ip sla monitor schedule 1 life forever start-time now
!
track 100 rtr 1 reachability
!
access list 101 permit icmp any host
!
route-map LOCAL_POLICY permit 10
match ip address 101
set ip next-hop 10.1.1.254
set interface null0
!
ip local policy route-map LOCAL_POLICY
!
ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100
ip route 0.0.0.0 0.0.0.0 192.168.1.254 254
Hope that helps - pls do rate the post if it does.
Paresh
03-31-2006 01:10 PM
Paresh, is there a link where your example comes from explaining what each command does?
I am considering implementing the above with Serial as primary path and ethernet as secondary path with IPsec (over Internet). Just need to understand it a bit more.
03-31-2006 01:22 PM
Here is the link:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html
Pls do remember to rate posts.
Paresh
03-31-2006 04:37 PM
IOS 12.3(14)T I beleived replace "rtr" with "ip sla" command. Do you have a link with sample configuration similar to the above (i.e primary and backup link) using ip sla command instead?
If not, can you convert the above using ip sla? Thanks.
03-31-2006 06:01 PM
Here's a config I use - you will need to adjust it for your requirements;
Replace
interface Ethernet 0
description Main Link
ip address 10.1.1.1 255.0.0.0
!
interface Ethernet 1
description Backup Link
ip address 192.168.1.1 255.0.0.0
!
ip sla monitor 1
type echo protocol ipIcmpEcho
timeout 1000
frequency 3
threshold 2
!
ip sla monitor schedule 1 life forever start-time now
!
track 100 rtr 1 reachability
!
access list 101 permit icmp any host
!
route-map LOCAL_POLICY permit 10
match ip address 101
set ip next-hop 10.1.1.254
set interface null0
!
ip local policy route-map LOCAL_POLICY
!
ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100
ip route 0.0.0.0 0.0.0.0 192.168.1.254 254
Pls do remember to rate posts.
Paresh
03-31-2006 11:30 PM
Hi Paresh,
I am a Guruprasad.R working as Network Administrator in Saksoft Ltd for the past 6 months. I am a new guy to the Networking world.I finished my B.Tech[Information Technology] by May 2005.
I finished my CCNA by Jan 06 and i am currently focussing on CCNP(BCMSN) paper. I used to visit discussion forums frequently. I was supposed to see that all questions were replied by you.
I am really proud of you. I have more idea and interest in the Security Environment. So, Kindly guide me in my career. Expecting you guidance, kindness and wishes to make my career the best one.
Your's Truly,
Guruprasad.R
Mail id: itguruprasad@yahoo.com
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: