Dual WAN links failover and failback

P12Technologies · ‎09-19-2012

Hi

I have a 1921 router with two wan interface configured, one is primary and the other is standby or backup in case the primary goes down, I was able to configure links to failover from primary to backup once there primary is down, but how do I configure to make sure when primary is up it failbak to to it.

I am using the ip sla reachability and the track command to failover as follows

ip sla 1

icmp-echo x.x.x.x source-interface FastEthernet0/0/0

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo y.y.y.y source-interface FastEthernet0/0/0

ip sla schedule 2 life forever start-time now

ip sla 3

icmp-echo w.w.w.w source-interface FastEthernet0/0/1

ip sla schedule 3 life forever start-time now

ip sla 4

icmp-echo z.z.z.z source-interface FastEthernet0/0/1

ip sla schedule 4 life forever start-time now

track 1 ip sla 1 reachability

delay down 10 up 15

!

track 2 ip sla 2 reachability

delay down 10 up 15

!

track 3 ip sla 3 reachability

delay down 10 up 15

!

track 4 ip sla 4 reachability

delay down 10 up 15

!

track 10 list boolean or

object 1

object 2

!

track 20 list boolean or

object 3

object 4

ip route 0.0.0.0 0.0.0.0 a.a.a.a 10 track 10

ip route 0.0.0.0 0.0.0.0 b.b.b.b 20 track 20

this makes failover works.

i need help in making failback to primary interface possible

primary interface is FastEthernet0/0/0

Thanks

Giuseppe Larosa · ‎09-19-2012

Hello Nasser,

as far as I see you should be able to restore primary route with current configuration

>>

ip route 0.0.0.0 0.0.0.0 a.a.a.a <<10 >>track 10

ip route 0.0.0.0 0.0.0.0 b.b.b.b >>20<< track 20

the first 10 in first static route is the administrative distance when the tracked object is fine and it is less then that of the secondary static route (20)

Have you tested primary link restore?

The reference document for this kind of configuration is the following

http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html

Hope to help

Giuseppe

P12Technologies · ‎09-19-2012

thanks Giuseppe for your reply if you see my post I have the same configuration for ip route as you mentioned this will make failover works but it does not work with failback when primary interface is up again the only route that is active is the route for backup interface, my special case is that I am pinging IPs outside ISPs subnets. so if primary is down then there is no route active for the IPs that I track using primary link because default route is sending it to backup link, and will always be considered down

Giuseppe Larosa · ‎09-19-2012

Hello Nasser,

in this case you need to add more specific routes for the destinations of IP SLA1 and IP SLA2 using the primary link to solve this catch22 issue

In other words you need to use the primary link for IP SLA1 and IP SLA2 when the primary link is up.

Other possible solution explained in the document I have linked is the use of PBR for locally originated packets. This is probably the better solution.

Example with local PBR

! IP SLA traffic defined in ACL 101

access list 101 permit icmp any host 172.16.23.7 echo

route map MY-LOCAL-POLICY permit 10

 match ip address 101

 set interface fas0/0/0

ip local policy route-map MY-LOCAL-POLICY

Hope to help

Giuseppe