Auto failover

suthomas1 · ‎08-11-2019

Hello All,

we are looking for options to get auto failover working for our ranch sites.

these have a leased line or fibre link to the provider. We plan to use a secondary link( eg. broadband or adsl connection) as secondary standby only(no load share).

router used is Isr 4400’s.

routing is done with RIP / static default routes.

The second wan connection should auto kick-in if the main lease line goes down.

i was thinking about the lte wan cards that can be used with isr 4400.

pleasesuggest

Giuseppe Larosa · ‎08-11-2019

Hello Sunny,

you can use LTE combined with dialer watch feature.

The dialer watch look for the presence of some routes in the routing table (these are specified with an ACL).

when one of them is missing , the dialer watch feature will trigger DDR to make a call.

However, there are two notes here:

you should be using a dynamic routing protocol on the primary link.

RIPv2 is not a good candidate for its slow convergence I would look to replace it with EIGRP.

The second aspect is thar regardless of using LTE or an xDSL technology your secondary link will be over the public internet. So you should consider using IPSec or a GRE protected by IPSec solution.

If all branch offices were to be connected by ADSL or VDSL and the number of branch offices is high you can consider to use DMVPN Dynamic Multipoint VPN that is Cisco proprietary.

The issue with DMVPN over LTE is that it could make the call to stay up all the time just to exchange routing protocol messages or NHRP messages.

So depending on the number of remote sites DMVPN can be interesting.

For using DMVPN over LTE you would need an offer with high data volume per mounth so that you can don't care of the always on.

EIGRP is a good protocol for DMVPN and to make the DMVPN secondary you can increase delay on the mGRE tunnel interface.

Hope to help

Giuseppe

suthomas1 · ‎08-11-2019

Thanks.
Is there any configuration links that i can follow.
Is LTE compatible with ISR 4400's. We are looking at a fast failover rate, with as minimum downtime as possible in case of this switch.

Giuseppe Larosa · ‎08-12-2019

Hello Sunny,

for hardware compatibility your starting page can be the following:

https://www.cisco.com/c/en/us/support/routers/4441-x-integrated-services-router-isr/model.html?dtid=osscdc000283#DataSheets

The more recent LTE related datasheet is the following page:

https://www.cisco.com/c/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/datasheet_C78-738511.html

And should be supported on ISR 4400 series.

>> with as minimum downtime as possible in case of this switch.

As I have explained in my first post the switchover speed depends also on the routing protocol in use on the primary link.

RIPv2 is too slow in convergence for modern networks so moving to EIGRP can be a wise decision even if you don't want to deploy a DMVPN solution.

With static routes only you need to use IP SLA and to track IP SLA state on primary route so that floating static route using the backup link can be used and trigger a call (when the IP SLA fails the track state becomes false and the primary static route is removed from the IP routing table).

To be noted the use of dialer-watch has been reported as a workaround even in cases where the LTE link is the primary link by monitoring non exisisting routes like 8.8.8.8/32 one could make LTE to call and stay up all the time.

This is not your case.

Hope to help

Giuseppe

mhrznamn068 · ‎08-11-2019

Create a default route for both WAN connection gateways and change the distance of these routes. By default static route has AD value 1 and lower Administrative distance route is preferred. Increase the AD value of you secondary WAN link and it will act as failover link.