Solved: Configuring routing to switch between EIGRP and static

mrazillard1 · ‎02-08-2018

Hi,

In a nutshell, I have two routers (R1 and R2). There are two paths between the two: one is a point to point VPN using static routes, and the other is EIGRP via a couple other hops.

...sorry for the oversimplification....

Basically, I want traffic to ALWAYS prefer the EIGRP path in both directions, UNLESS the interface on R2 is down, and then prefer the VPN path in both directions.(until that interface comes back online.) Right now I have to perform this switch manually:

To use the VPN:

on R1:

static route pointing all 192.168.1.0/24 traffic out the VPN

R1# sh ip route 192.168.1.0/24

192.168.1.0/24, ubest/mbest: 1/0

*via <VPN IP>, [1/0], 1w3d, static

on R2:

-disable the EIGRP facing interface

To use the EIGRP path:

On R1:

remove the Static route

R1# no ip route 192.168.1.0/24 <VPN IP>

On R2:

enable the EIGRP facing interface

I can't seem to get this to work using routing, but I'm probably over-complicating it. Any suggestions would be most appreciated, thanks!

Georg Pauwen · ‎02-08-2018

Hello,

you can try to influence the metrics, but why not use an SLA and configure failover routes ?

View solution in original post

Georg Pauwen · ‎02-08-2018

Hello,

you can try to influence the metrics, but why not use an SLA and configure failover routes ?

mrazillard1 · ‎02-08-2018

I had not ever used IP SLA before, but reading over it, it looks like that may be a good option. I will look into that as well, thank you.

mrazillard1 · ‎02-08-2018

So, one question... I haven't actually deployed this yet, Still working on drawing it out...

I've got the configs mapped out to setup IP SLA on R2:

R2# int Gi0/0/0

R2# desc PRIMARY LINK

R2# ip add 192.168.3.1 255.255.255.252

R2# int Gi0/1

R2# desc SECONDARY LINK

R2# ip add 192.168.2.1 255.255.255.252

R2# track 10 ip sla 1 reachability

R2# ip sla 1

R2# icmp-echo 192.168.3.2 source-ip 192.168.3.1

R2# ip sla schedule 1 life forever start-time now

R2# ip route 0.0.0.0 0.0.0.0 192.168.3.2 track 10

R2# ip route 0.0.0.0 0.0.0.0 192.168.2.2 10

I see how this will influence the default route for traffic leaving R2. But I'm not sure about how to configure this on R1. Currently, if both paths are up, on R1 I have two routes to get to 192.168.1.0/24

-static route pointing to the VPN IP

-dynamically learned EIGRP route.

If I leave it like this, traffic will always prefer the VPN route back to 192.168.1.0/24, even if it comes in via the EIGRP route.

Do I need to configure a similar SLA setup on R1 as well using the 192.168.1.0/24 route instead of the 0.0.0.0 route?

mrazillard1 · ‎02-09-2018

So SLA's ended up working great for this problem. I set it up on both routers. Thanks for the suggestion!

Joseph W. Doherty · ‎02-08-2018

If you provide your static route a higher metric than EIGRP, it should become a "floating static", which means the EIGRP route will override, if its present. If not present, then the static will be used.

Geog's suggestion of using SLA could be used if you wanted the static to take precedence over EIGRP. The SLA test would "pull" the static if it fails.

Another approach would be to use EIGRP across the VPN tunnel, and set its delay so it appears inferior to the other path.

mrazillard1 · ‎02-08-2018

I had been trying to manipulate the metrics on the R1 side where the static route is built, with some success, but was having troubles getting it to work on the R2 side. Perhaps I could try a combination... configure SLA on R2 and modify the metrics on R1... I will test that out as well, thanks!

mrazillard1 · ‎02-08-2018

Also, our ASA doesn't currently support EIGRP... That would be a solution, but probably not an option at this time...