cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4009
Views
0
Helpful
12
Replies

Back-up interface routing problem

muratg7777
Level 1
Level 1

Hi;

I have configured 887 Router. ADSL with 3g(backup) everything is fine but the routing seems not working.

interface ATM0
backup delay 120 60
backup interface Cellular0
no ip address
no atm ilmi-keepalive
dsl bitswap both

ip nat inside source route-map adsl interface Dialer0 overload
ip nat inside source route-map cell interface Cellular0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0 2
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
!
!
!
!
route-map cell permit 10
match ip address 1
match interface Cellular0
!
route-map adsl permit 10
match ip address 1
match interface Dialer0
!

Tha nat is working but the routing seems not working. When I run remove "ip route 0.0.0.0 0.0.0.0 Dialer0" command I can connect internet.

I have tried also track command :

ip route 0.0.0.0 0.0.0.0 Dialer0 track 210

ip route 0.0.0.0 0.0.0.0 Cellular0 track 250

but it did not work. When I disconnect adsl line and run sh route, I see dialer 0 is the default route for 0.0.0.0.  I need to configure backup route for 0.0.0.0 network

12 Replies 12

Ganesh Hariharan
VIP Alumni
VIP Alumni

Hi;

I have configured 887 Router. ADSL with 3g(backup) everything is fine but the routing seems not working.

interface ATM0
backup delay 120 60
backup interface Cellular0
no ip address
no atm ilmi-keepalive
dsl bitswap both

ip nat inside source route-map adsl interface Dialer0 overload
ip nat inside source route-map cell interface Cellular0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0 2
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
!
!
!
!
route-map cell permit 10
match ip address 1
match interface Cellular0
!
route-map adsl permit 10
match ip address 1
match interface Dialer0
!

Tha nat is working but the routing seems not working. When I run remove "ip route 0.0.0.0 0.0.0.0 Dialer0" command I can connect internet.

I have tried also track command :

ip route 0.0.0.0 0.0.0.0 Dialer0 track 210

ip route 0.0.0.0 0.0.0.0 Cellular0 track 250

but it did not work. When I disconnect adsl line and run sh route, I see dialer 0 is the default route for 0.0.0.0.  I need to configure backup route for 0.0.0.0 network

Hi,

Can you try with the below config on IP SLA track configuration on automatic failover of the primary link:-

ip sla 1

icmp-echo "destionation ip"

timeout 500

frequency 3

ip sla schedule 1 start-time now life forever

track 1 rtr 1 reachability

now for the routing, we need to change the default route and associate it with the tracker

ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1

Then we need to add our secondary route

ip route 0.0.0.0 0.0.0.0 1.1.1.2 10

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Richard Burts
Hall of Fame
Hall of Fame

Murat

The issue here is that your default route specifies the dialer interface but even though you may have lost connectivity through the ATM interface the dialer interface still remains line protocol up and so the default route remains in the routing table and your floating static route never gets used. I see that you have tried using the track command but it seems to not work for you. Perhaps you could post some details of how you attempted to implement it. The post by Ganesh does show a way to implement the track/IP SLA.

HTH

Rick

HTH

Rick

Thanks for the replies. I did not configure ip sla so that's why  tracking was not working. The other configuration is typical adsl and 3g  config.

So the config will be:

ip sla 1

icmp-echo "destionation ip"

timeout 500

frequency  3

ip sla schedule 1 start-time now life forever

track 1 rtr  1 reachability

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1

ip route 0.0.0.0  0.0.0.0 Cellular0 track 10   or metric 10 ???

Murat

I do not see any reason to involve tracking for the floating static. So I believe that it would work with ip route 0.0.0.0  0.0.0.0 Cellular0 2

HTH

Rick

HTH

Rick

Thanks. I am gonna try it

Hİ;

I finally did a sample config but routing seems problem again.

ip local policy route-map track-primary-if
ip route 0.0.0.0 0.0.0.0 Dialer0 track 234
ip route 0.0.0.0 0.0.0.0 f3 254


ip nat inside source route-map nat2cell interface f3 overload
ip nat inside source route-map nat2dsl interface Dialer0 overload

ip sla 1
icmp-echo 88.247.244.1 source-interface Dialer0
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now

access-list 191 permit ip 192.168.11.0 0.0.0.255 any
access-list 192 permit icmp any host 88.247.244.1


route-map track-primary-if permit 10
match ip address 192
set interface Dialer0
!
route-map nat2dsl permit 10
match ip address 191
match interface Dialer0
!
route-map nat2cell permit 10
match ip address 191
match interface f3

This is the sample config I did it on 877 router.

There is default route ip route 0.0.0.0 0.0.0.0 Dialer0 on it when I run no ip route 0.0.0.0 0.0.0.0 Dialer0.  S*   0.0.0.0/0 is directly connected, Dialer0
deletes from routing table and I am not able to connect to internet.

Tracking it seems working:

Router#show ip sla statistics

Round Trip Time (RTT) for       Index 1
        Latest RTT: 11 milliseconds
Latest operation start time: *18:27:27.043 UTC Tue July 20 2010
Latest operation return code: OK
Number of successes: 587
Number of failures: 0
Operation time to live: Forever


Router#sh ip route track-table
ip route 0.0.0.0 0.0.0.0 Dialer0 track 234 state is [undefined]

Atm interface config:

interface ATM0
no ip address
load-interval 30
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
backup interface FastEthernet3
pvc 8/35
  pppoe-client dial-pool-number 1
!

I found the mistake.

ip route 0.0.0.0 0.0.0.0 Dialer0 track 234

was wrong

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 state is [up] now

Murat

I am glad that you got it figured out and working. Thank you for posting back to the forum indicating that you have got it working and what you did to get it to work. Seeing solutions to problems like this helps to make the forum more useful.

HTH

Rick

HTH

Rick

Actually "track 1 rtr 10 reachability" was missing. It's ok now. But I have second problem;

let's say

dsl public ip : 1.1.1.80

isp side gateway : 1.1.1.1

3g: 2.2.2.80

I am tracking the isp side gateway 1.1.1.80. When I unplugged dsl line, backup interface (3g) comes up but routing is flapping between; dsl and 3g and I am getting these logs:

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 state is [up] now

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 state is [down] now

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 state is [up] now

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1 state is [down] now

I can not ping 1.1.1.80 maybe from acl I did not have time to check acl

ip sla 1

icmp-echo 1.1.1.1 source-interface Dialer0

doesn't it mean to track from dialer 0 interface only? so why it is tracking also from cellular0 interface?

If I write deny acl for icmp and bind it to cellular 0 interface, does it work? I am far away from the location now so I couldn't tried.
Secondly, I have tried with another operator's data sim card, and this config did work with it.

Hi Murat,

I am also triynig to configure 3g bakcup line with primary DSL line.  I need some advice about configuraiton.

My situation can be bit different from yours, because DSL line is point to point. And 3G line has DMVPN configurations. Both lines works fine as a primary.

But second step is backup configuration,problem here.

I configure ip sla, track is working. But when I let both line is up, I thing is routing confuse, than I lost connection to the headquerter.

Could you please check my config ? Any thing look wrong...I am lost in config now:(

x.x.x.x head quarter real ip

x.x.x.z track ip

!

! Last configuration change at 14:04:58 UTC Tue Feb 8 2011

!

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname IST_DPC

!

boot-start-marker

boot system flash c880data-universalk9-mz.151-2.T2a.bin

boot-end-marker

!

!

logging buffered 51200 warnings

enable secret *****

!

no aaa new-model

!

memory-size iomem 10

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-2733612712

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2733612712

revocation-check none

rsakeypair TP-self-signed-2733612712

!

!

ip source-route

!

!

!

!

!

ip cef

no ip domain lookup

ip domain name yourdomain.com

no ipv6 cef

!

!

multilink bundle-name authenticated

chat-script internet "" "ATDT*99#" TIMEOUT 60 "CONNECT"

!

username ****  password *****

!

!

!

!

controller Cellular 0

!

ip ftp source-interface Vlan1

ip ftp username ozgur

ip ftp password 7 1418080C1916

!

!

crypto isakmp policy 10

hash md5

authentication pre-share

group 2

crypto isakmp key *** address x.x.x.x

!

crypto ipsec transform-set *** esp-3des esp-md5-hmac

!

crypto ipsec profile   ****

set transform-set ****

!

!

!

!

!

interface Tunnel1

ip address 192.168.168.2 255.255.255.0

no ip redirects

ip mtu 1440

ip nhrp authentication cisco123

ip nhrp map multicast dynamic

ip nhrp map multicast x.x.x.x

ip nhrp map 192.168.168.1 x.x.x.x

ip nhrp network-id 5

ip nhrp nhs 192.168.168.1

ip nhrp registration no-unique

tunnel source Dialer1

tunnel mode gre multipoint

tunnel key 5

tunnel protection ipsec profile ******

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 8/35

  pppoe-client dial-pool-number 2

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Cellular0

description "### 3g interface ###"

no ip address

ip virtual-reassembly in

encapsulation ppp

load-interval 60

dialer in-band

dialer pool-member 1

async mode interactive

no fair-queue

!

interface Vlan1

ip address 172.25.190.1 255.255.255.0

ip virtual-reassembly in

ip tcp adjust-mss 1452

!

interface Dialer0

ip address negotiated

backup interface dialer1   

ip directed-broadcast

encapsulation ppp

ip tcp adjust-mss 1300

dialer pool 2

ppp authentication chap pap callin

ppp chap hostname *********

ppp chap password  ****

ppp pap sent-username *****   password *******

no cdp enable

!

interface Dialer1

ip address negotiated

ip flow ingress

ip virtual-reassembly in

encapsulation ppp

shutdown

dialer pool 1

dialer idle-timeout 0

dialer string internet

dialer persistent

dialer-group 1

ppp authentication chap callin

ppp chap refuse

ppp pap refuse

ppp ipcp dns request

no cdp enable

!

!

router eigrp 5

network 172.25.190.0 0.0.0.255

network 192.168.168.0

!

ip forward-protocol nd

no ip http server

ip http access-class 23

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

!

ip local policy route-map track-primary-if
ip route 0.0.0.0 0.0.0.0 Dialer0 2

ip route 0.0.0.0 0.0.0.0 Dialer1 254

ip sla 1

icmp-echo x.x.x.z  source-interface Dialer0

ip sla schedule 1 life forever start-time now

logging esm config

access-list 1 permit any

access-list 120 permit icmp any host x.x.x.z

dialer-list 1 protocol ip permit

no cdp run

!

!

!

!

route-map track-primary-if permit 10

match ip address 120

set interface Dialer0

!

!

control-plane

!

!

line con 0

login local

no modem enable

line aux 0

line 3

exec-timeout 0 0

script dialer internet

modem InOut

no exec

transport input all

speed 237000

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

end

Hi Kerime;

Here is my working config:

track 1 ip sla 1
!
!
ip local policy route-map track-primary-if
ip slow-converge
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Cellular0 10
ip route 78.189.xx.xx 255.255.255.255 Dialer0
!
ip sla 1
icmp-echo 78.189.xx.xx source-interface Dialer0
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now
access-list 1 permit 192.168.35.0 0.0.0.255
access-list 110 permit icmp any host 78.189.xxx.xxx
dialer-list 1 protocol ip permit
!
!
!
!
route-map cell permit 10
match ip address 1
match interface Cellular0
!
route-map track-primary-if permit 10
match ip address 110
set interface Dialer0
!
route-map adsl permit 10
match ip address 1
match interface Dialer0
!

Hi I arrange right IP to track, everything is fine now.

Thank you all

Review Cisco Networking for a $25 gift card