Solved: 2 local routers 1 ISP failover

Cisco eng · ‎11-06-2014

Hi,

I've been given the task to configure 2 Cisco 1921 routers in LAN/WAN failover mode, and if it is possible even do load-balancing.

I used HSRP for this and when I turn off the primary router, the secondary router takes over nicely. When the primary router comes back up, it takes over again. But when both routers are online (primary router active/ secondary router standby) the WAN link becomes unstable with alot of ping-timeouts. When I administratively shut down the WAN port of the secondary router, the WAN link becomes stable again.

Below the configuration I use, what can be done to prevent the unstable connection? Or is there a better way to configure this?

Primary router:

interface GigabitEthernet0/0
description Connection-To-Internet
ip address *.*.*.28 255.255.255.128
ip access-group FIREWALL in
ip nat outside
ip virtual-reassembly in
standby 1 ip *.*.*.30
standby 1 priority 200
standby 1 preempt
duplex full
speed 100

!

interface Vlan1
description Connection-To-LAN
ip address 192.168.0.248 255.255.255.0
ip pim sparse-mode
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
standby 2 ip 192.168.0.247
standby 2 priority 200
standby 2 preempt
standby 2 track 1 decrement 10

!

ip route 0.0.0.0 0.0.0.0.0 *.*.*.1

Secondary router:

interface GigabitEthernet0/0
description Connection-To-Internet
ip address *.*.*.29 255.255.255.128
ip access-group FIREWALL in
ip nat outside
ip virtual-reassembly in
standby 1 ip *.*.*.30
standby 1 preempt
duplex full
speed 100

!

interface Vlan1
description Connection-To-LAN
ip address 192.168.0.249 255.255.255.0
ip pim sparse-mode
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
standby 2 ip 192.168.0.247
standby 2 preempt
standby 2 track 1 decrement 10

!

ip route 0.0.0.0 0.0.0.0.0 *.*.*.1

Thanks,

Tom

Mohit Sahai · ‎11-06-2014

Hello Tom,

Fir this issue I think combination of IPSLA and EEM script would help you out.

Below steps can be followed,

Step1: Configure IPSLA to ping the WAN IP.

Step 2: If the packet drops are detected, the IPSLA state changes and that should trigger the WAN interface to get shut down.

Below discussion refers to the shutting the BGP if there is packet drops on the issue is observed.

Similarly we could configure the EEM to shut the link down when the packet drops are observed.

More preciously you can find the EEM to shut the link

https://supportforums.cisco.com/discussion/10794236/shut-interface-if-no-ping-response-using-ip-sla-eem

Hope this helps you to achieve the requirement.

Let me know if further clarification is needed.

Thanks,

Mohit

View solution in original post

Mohit Sahai · ‎11-06-2014

Hello Tom,

Fir this issue I think combination of IPSLA and EEM script would help you out.

Below steps can be followed,

Step1: Configure IPSLA to ping the WAN IP.

Step 2: If the packet drops are detected, the IPSLA state changes and that should trigger the WAN interface to get shut down.

Below discussion refers to the shutting the BGP if there is packet drops on the issue is observed.

Similarly we could configure the EEM to shut the link down when the packet drops are observed.

More preciously you can find the EEM to shut the link

https://supportforums.cisco.com/discussion/10794236/shut-interface-if-no-ping-response-using-ip-sla-eem

Hope this helps you to achieve the requirement.

Let me know if further clarification is needed.

Thanks,

Mohit

Cisco eng · ‎11-07-2014

Hi Mohit,

Thank you for this information, this could be what i'm looking for. There's no way for me to test this right now, my boss changed the planning to have this done early next year.

I will mark your answer as correct. If it does not work I will open this forum discussion again and will report my findings.

Thanks!

Tom