Solved: Dual Internet in a active passive setup.

Mike Buyarski · ‎07-29-2019

I am trying to setup a config where i can have both my wired (primary) and Cellular (backup) connection in a active/passive setup to where is the wired connection drops it will swing over to the cellular then back to wired when wired is back up.

right now what i have works to a point, it simply does NOT swing back to the wired connection when the wired connection comes back up. I of course want it on the wired as much as i can to not use to much data on the cellular data.

Notes:

cisco 892fsp IOS ver 15.6(3)M5

vlan 15 is for the cellular connection.

gig8 is the wired connection.

/////////config////////////

ip nat inside source route-map CELLNAT interface Vlan15 overload

ip nat inside source route-map WIREDNAT interface GigabitEthernet8 overload

.........

ip route 0.0.0.0 0.0.0.0 "Wired Gateway" track 1

ip route 0.0.0.0 0.0.0.0 Vlan15 250

.......

ip sla 1

icmp-echo 8.8.8.8 source-interface GigabitEthernet8

threshold 15

timeout 2000

frequency 3

ip sla schedule 1 life forever start-time now

.......

route-map WIREDNAT permit 11

match ip address 102

match interface GigabitEthernet8

!

route-map CELLNAT permit 10

match ip address 102

match interface Vlan15

.........

access-list 102 permit ip "internal ip 1" any

access-list 102 permit ip "internal ip 2" any

access-list 102 permit ip "internal ip 3" any

Seb Rupik · ‎07-30-2019

Hi there,

From the config you have supplied you are missing a track statement. You should have:

!
track 1 ip sla 1 reachability
!

Can you supply the output of sh track and sh ip route, for each of the follow states:

ISP1 up, ISP2 up

ISP1 down, ISP2 up

ISP1 back up, ISP2 up

cheers,

Seb.

View solution in original post

Seb Rupik · ‎07-30-2019

Hi there,

From the config you have supplied you are missing a track statement. You should have:

!
track 1 ip sla 1 reachability
!

Can you supply the output of sh track and sh ip route, for each of the follow states:

ISP1 up, ISP2 up

ISP1 down, ISP2 up

ISP1 back up, ISP2 up

cheers,

Seb.

Mike Buyarski · ‎07-30-2019

OK i did update the config, but we will not know until the main connection drops out. i will do this config to a few of them i have to maybe increase the number this is configured on.

Seb Rupik · ‎07-30-2019

If the track statement was missing, its inclusion should fix your problem.

Mike Buyarski · ‎08-01-2019

Based on recent events adding that line has allowed it to work as we wanted.

paul driver · ‎07-30-2019

Hello

@Mike Buyarski wrote:

right now what i have works to a point, it simply does NOT swing back to the wired connection when the wired connection comes back up. I of course want it on the wired as much as i can to not use to much data on the cellular data.

.......

ip sla 1

icmp-echo 8.8.8.8 source-interface GigabitEthernet8

Possible the reason is you ip sla address your monitoring is still reachable after failure , try changing this to a more specific address to gig8 which can reach like its next-hop interface ip address

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Mike Buyarski · ‎07-30-2019

I choose 8.8.8.8 since that is the one what seems to work best for us. i can't use the gateway since that most of the time is accessible during an outage. usually i can't find a further upstream from that connection IP i can use.