Re: Configuring failover links in a 3750 (SAME IP with Different VLAN)

FRKH9521 · ‎03-18-2021

Hello ,

Need Help.

i my office same ISP 2 Link terminate on Fiber Media with different VLAN ( ISP give me 2 VLAN and Single IP ) . i need to configure fail-over on single same ip .
if one link down , automatically shift on other link .

Georg Pauwen · ‎03-18-2021

Hello,

what you could do is configure the same IP address on both interfaces, but keep one interface 'shut', then use an IP SLA and two simple EEM scripts to shut/no shut the respective interfaces. The configuration would look like below:

track 1 ip sla 1 reachability
!
interface Vlan100
description Link to Primary ISP
ip address 100.100.100.1 255.255.255.252
!
interface Vlan200
description Link to Secondary ISP
ip address 100.100.100.1 255.255.255.252
shut
!
ip sla 1
icmp-echo 8.8.8.8 source-interface Vlan100
frequency 5
!
ip sla schedule 1 start-time now life forever
!
event manager applet ISP_FAILOVER_1_DOWN
event track 1 state down
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "interface Vlan 100"
action 4.0 cli command "shut"
action 5.0 cli command "exit"
action 6.0 cli command "interface Vlan 200"
action 7.0 cli command "no shut"
action 8.0 cli command "end"
!
event manager applet ISP_FAILOVER_1_UP
event track 1 state up
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "interface Vlan 200"
action 4.0 cli command "shut"
action 5.0 cli command "exit"
action 6.0 cli command "interface Vlan 100"
action 7.0 cli command "no shut"
action 8.0 cli command "end"

FRKH9521 · ‎03-18-2021

Thank you so much for your help , would to like to tell me IP SLA configuration need at ISP side router also ??? or just need configuration at my end. need urgent reply please

Georg Pauwen · ‎03-19-2021

Hello,

what does your topology look like ? Is the switch directly connected to both ISPs (that is how I understood your post), or is there a router between your switch and both ISPs ?

paul driver · ‎03-19-2021

Hello
@Georg Pauwen Applying the same ip address to two SVi's at the same time wont work, youll need to amend your EEM script to accomodate your Suggestion

@FRKH9521 Can you elaborate on why you require two vlans with the same ip address , this isnt really a viable solution for resiliency

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎03-19-2021

@paul driver

--> Applying the same ip address to two SVi's at the same time wont work, youll need to amend your EEM script to accomodate your Suggestion

In which IOS version(s) and on which device(s) does this not work ? What is your exact error message ?

interface Vlan100
ip address 100.100.100.1 255.255.255.0
!
interface Vlan200
ip address 100.100.100.1 255.255.255.0
shutdown

paul driver · ‎03-19-2021

Hello @Georg Pauwen

Two things i was refering to:
Duplication of the same ip address on two interfaces in the same device at the same time won’t work as the software will complain about it unless that is they are in different rib tables (vrf) or you have one of the interfaces shutdown which you do so apologies for that I didn’t see the shutdown statement.

The eem script , not sure event track works on the 3750's, I think ive tried this in the past and it would except it maybe you can confirm this, As I don’t have any access at present to validate but the main thing is if youve got the source interface in a admin down state after an ipsla failure how can it be used with ipsla to be brought back up again?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

FRKH9521 · ‎03-19-2021

Is the switch directly connected to both ISPs (that is how I understood your post),

ANSWER : YES Directly connected

paul driver · ‎03-19-2021

Hello

If they are directly connected via access ports related to L3 svi's You could potentially use flex-link for the redundancy.

example:
int vlan 100
description ISP's vlan
ip address 100.100.100.1 255.255.255.252

int x/x
description ISP1
switchport mode access
switchport access vlan 100
switchport backup interface y/y preemption delay 20
switchport backup interface y/y preemption force

int y/y
description ISP2
switchport mode access
switchport access vlan 100

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Giuseppe Larosa · ‎03-19-2021

Hello @FRKH9521 ,

how are the physical interfaces configured ?

if you have untagged frames you can use a single SVI VLAN 100 and avoid all the issues that arise with two SVIs having the same IP address,

You need to use two SVIs only if the SP handoffs are two 802.1Q trunks one passing VLAN 100 and the other passing VLAN 200.

Hope to help

Giuseppe