Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3911
Views
0
Helpful
8
Replies

Conditionally shutting down an interface

xtraman297
Level 1
Level 1

‎08-29-2011 04:41 AM - edited ‎03-04-2019 01:26 PM

I have a lan network with two routers, each with its own wan exit and its own different lan ip address. all the econputers have a pimary and secondary ip address. should one router's lan interface fails the computers are supposed to switch to their secondary ip address. I am looking for a solution to the scenerio when one of the routers wan interface fails. specifically I want to set the routers uo so that shuld the wan interface of one of the routers go down the lan interface of this router wil go down ad well. can it be done?

Labels:
0 Helpful
8 Replies 8

cadet alain
VIP Alumni
VIP Alumni

‎08-29-2011 04:55 AM

Hi ,

Why don't you just configure same subnet  for lan interfaces on both routers and configure HSRP with interface tracking ?

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094e8c.shtml

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎08-29-2011 05:02 AM

Are you running HSRP on the LAN interfaces of your routers ? If so then then you need to use HSRP tracking and you track the WAN interface on the primary router eg.

router1

=====

int fa0/0

ip address 192.168.5.2 255.255.255.0

standby 10 ip 192.168.5.1

standby 10 priority 110

standby 10 preempt

standby 10 track s0/0  20  <-- s0/0 is the WAN interface on this router

router2

======

int fa0/0

ip address 192.168.5.3 255.255.255.0

standby 10 ip 192.168.5.1

standby 10 priority 100

standby 10 preempt

int the above router1 is the HSRP active. If the s0/0 interface goes down the priority is decremented by 20 so the priority goes from 110 to 90.  router2 has a priority of 100 so it will preempt and become the active router.

If the s0/0 inteface on router1 comes back up then it will become the active HSRP router again.

Jon

0 Helpful

Ronit Bhattacharjee
Level 1
Level 1

‎08-29-2011 05:15 AM

This is a bad design. As cadet already said, just use the same subnet on the LAN interface of both routers and use HSRP/VRRP or GLBP.

You have an option to track the WAN interface in these protocols to trigger the HSRP on the LAN to switch over

0 Helpful

xtraman297
Level 1
Level 1

‎08-29-2011 07:18 AM

hsrp/glbp is by far a better solution, I agree. But i have several problems.

I must use two different ip segments because I use two different applications each requiering different firewalls rules. I have no control over the firewall, and what I have just written has been dictated to me.

Each of my routers connects to a different router on the far end, both of whom connect to a firewall from a differnent eth.

The firewall has anti-spoofing enabled. Normally I would have done nat, on the router but I am using an application that requires end to end connectivity in a way that does not allow me to do so.

Each of the routers on the far end directly connects to a server. Each one of these servers is relevent to only one of the applications I must use in my lan. I do have two wan lines and my boss has asked me to find a way so that each applicaions has a redundancy and using secondary ip addresses on the computers on was the best I could come up with.

I appriciate your input and if you could offer me a solution I'de be greatfull.

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to xtraman297

‎08-29-2011 10:47 AM

Hi,

could you post a topology diagram because because a picture is worth a thousand words sometimes ans also because I really don't get the complete picture right now

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

xtraman297
Level 1
Level 1
In response to cadet alain

‎08-29-2011 03:47 PM

this topology needs to work vice verca. while each of the pc's goes throght an other router when the first one fails.

0 Helpful

muca
Level 3
Level 3
In response to xtraman297

‎08-29-2011 09:25 PM

Hi,

Yes it can be done. You can use EEM.

It depends on the IOS version you are runnning.

Would be something similar to this:

event manager session cli username "yourusername"

event manager applet local-int-down

event tag shutdown syslog pattern "LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to down"

action 1 cli command "enable"

action 2 cli command "conf t"

action 3 cli command "interface gi0/0"

action 4 cli command "shut"

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6815/config_guide_eem_configuration_for_cisco_integrated_services_router_platforms.html

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6550/prod_qas0900aecd803b1169_ps6815_Products_Q_and_A_Item.html

0 Helpful

xtraman297
Level 1
Level 1
In response to xtraman297

‎08-29-2011 11:26 PM

Thankyou! that was very helpfull.

Does anybody knows what IOS version I must have to successfully run applet eem?

0 Helpful
Customers Also Viewed These Support Documents