Solved: Cisco 2821 3 Wic - Page 2

jangydb98 · ‎02-08-2017

Hello,

I have a Cisco 2821 with 3 wic, 2 wic adsl and 1 wic eth. I need to configure the two adsl wics in load balancing and failover and in case of all the two adsl don't work, all the traffic must be routed on the eth wic wan.

The IOS version is 12.4

Can You help me?

Thanks

Salve,
ho un router Cisco 2821 con 3 interfacce wic, di cui due adsl e una wan. Avrei la necessità di far lavorare le due wic adsl in load balancing e fail over e, in caso nessuna delle due linee funzioni, il traffico esca sulla wan eth.
C'è qualcuno che mi può dare la configurazione?

La versione dell'os è la 12.4.

Grazie

Georg Pauwen · ‎07-29-2017

Hello,

this is possibly due to the fact that your router does all the name lookups. You might be better of setting your clients to DHCP, and configure a DHCP pool on the router:

ip dhcp excluded-address 10.0.1.254
!
ip dhcp pool LAN
network 10.0.1.0 /24
default-router 10.0.1.254
dns-server 8.8.8.8 8.8.4.4

jangydb98 · ‎07-29-2017

hello,

ok I try it, but if I put manually the dns server 8.8.8.8 in the devices the problem persist, is it normally?

I try with dhcp server but the problem doesn't solve

Thanks

Building configuration...

Current configuration : 4270 bytes
!
! Last configuration change at 18:28:27 UTC Sat Jul 29 2017 by admin
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname jjjjjjj
!
boot-start-marker
boot-end-marker
!
enable password iiiiiiii
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 10.0.1.254
ip dhcp excluded-address 10.0.1.191
!
ip dhcp pool LAN
network 10.0.1.0 255.255.255.0
default-router 10.0.1.254
dns-server 8.8.8.8 208.67.222.222
!
!
ip domain name hhhhhh.local
ip name-server 8.8.8.8
ip name-server 208.67.222.222
ip name-server 8.8.4.4
ip name-server 208.67.220.220
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO2821 sn ggggggggg
username admin privilege 15 secret 5 ffffffffff
redundancy
!
!
ip ssh version 2
!
track 1 ip sla 1 reachability
delay down 10 up 10
!
track 2 ip sla 2 reachability
delay down 10 up 10
!
track 11 list boolean and
object 1
object 2
!
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 10.0.1.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address e.e.e.e 255.255.255.248
ip nat outside
no ip virtual-reassembly
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0/1/0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname @alicebiz.routed
ppp chap password 0 @alicebiz.routed
no cdp enable
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname @alicebiz.routed
ppp chap password 0 @alicebiz.routed
no cdp enable
!
ip local policy route-map IPSLA
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation pptp-timeout 420
ip nat translation udp-timeout 120
ip nat translation finrst-timeout 300
ip nat translation syn-timeout 120
ip nat translation icmp-timeout 120
ip nat translation max-entries 5000
ip nat inside source route-map BACKUP interface GigabitEthernet0/1 overload
ip nat inside source route-map DIAL0 interface Dialer0 overload
ip nat inside source route-map DIAL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip route 0.0.0.0 0.0.0.0 d.d.d.d(gateway ip) 10
!
ip access-list extended SLA1
permit icmp any host 8.8.4.4 echo
permit udp host b.b.b.b eq 22 any
permit tcp host b.b.b.b eq 22 any
ip access-list extended SLA2
permit icmp any host 4.2.2.2 echo
permit udp host a.a.a.a eq 22 any
permit tcp host a.a.a.a eq 22 any
!
ip sla auto discovery
ip sla 1
icmp-echo 8.8.4.4 source-interface Dialer0
threshold 500
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 4.2.2.2 source-interface Dialer1
threshold 500
frequency 5
ip sla schedule 2 life forever start-time now
access-list 1 permit 10.0.1.0 0.0.0.255
access-list 5 permit 10.0.1.0 0.0.0.255
access-list 8 permit 10.0.1.0 0.0.0.255
access-list 15 permit 10.0.1.150
access-list 15 permit 10.0.1.191
access-list 20 permit 10.0.1.0 0.0.0.255
!
!
!
route-map BACKUP permit 10
match ip address 1
match interface GigabitEthernet0/1
!
route-map DIAL0 permit 10
match ip address 1
match interface Dialer0
!
route-map DIAL1 permit 10
match ip address 1
match interface Dialer1
!
route-map IPSLA permit 10
match ip address SLA1
set interface Dialer0
!
route-map IPSLA permit 20
match ip address SLA2
set interface Dialer1
!
route-map WWW permit 10
match ip address 100
set interface Dialer0
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
access-class 8 in
exec-timeout 5 0
login local
transport input ssh
!
scheduler allocate 20000 1000
end

Georg Pauwen · ‎07-29-2017

Hello,

it shouldn't make a difference. That said, I checked your configuration again and saw that you have 'ip dns server' configured globally. Try and remove that from your configuration:

Router(config)#no ip dns server

jangydb98 · ‎07-29-2017

Hello,

without dns server, the 8/10 of requests of resolving are timed-out.

If I disable the load balancing all work normally

thanks

Georg Pauwen · ‎07-29-2017

Hello,

I don't remember all the specifics of the original problem, but where did you apply route map WWW ? I don't see it applied anywhere...

jangydb98 · ‎07-29-2017

Hello,

The original problem was 2 connection with load balance (adsl Wic) and a backup on eth 0/1.

If I apply route-map WWW on eth0/0 (lan) dns and ftp work well, but the load balance and fail over don't work and all traffic go out only with dial 0

Thanks

Georg Pauwen · ‎07-29-2017

OK. I would go back to the original config where you had a success rate of 8/10, and check what happens if you flush the DNS cache on your client:

C:\windows\system32>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

jangydb98 · ‎02-12-2017

Hello,

I had tried the config but when i disconnect the dsl on wic 0 all the connection go down and don't go on the second dsl wic.

Can you help me?

Thanks

Georg Pauwen · ‎02-12-2017

Hello,

can you post the configuration you have now ? I'll have a look...

jangydb98 · ‎02-12-2017

Hello,

this is the configuration.

Thanks

Georg Pauwen · ‎02-12-2017

Hello,

try and add this to your access list 1:

access-list 1 permit 192.168.1.0 0.0.0.255

jangydb98 · ‎02-12-2017

Hello,

ok tomorrow I will try this configuration.

I can try the configuration of the dsl connections without the connection on the ethernet?

Thanks

Georg Pauwen · ‎02-12-2017

Hello,

you can test without the Ethernet connection, obviously the failover will not work properly without anything being actually connected to GigabitEthernet0/1...

jangydb98 · ‎02-12-2017

Hello,

Ok, thanks

jangydb98 · ‎03-09-2017

Hi,

sorry for delay. I tried today the configuration, but I have the same problem.

It seems to be a memory problem. I attach the output of my terminal connection.

Thanks and bye.