
Duplicate Static Routing For Failover Over GRE - Can You Help?

Matthew burnley

Hello Community,

I think I am going mad. I should know the answer to this, but I have thought about it that much that not even the simplest things are making sense to me now, so I'm hoping your wise brains can help me out.

 

I have a situation where I need to route the same IP block, a /29, via a static route to another router that is on our network. This router has a weird config where it's connected to the network via two /30 GRE tunnels that are encrypted; they are two GRE tunnels that work over two WAN gateways for redundancy. If one gateway goes down then there is still a second GRE tunnel up to route the /29 over.

 

To do this, would I need to have 2* static routes pointing the /29 at both ends of the /30 GRE tunnel, so if one went down it could still route the /29 over the second tunnel? Or would having two static routes pointing a single /29 network to two different /30 destinations on the same router cause issues?

 

The /29 is so I can have public IP addresses on a router interface, then have 2 x default routes pointing to both ends of the /30 GRE tunnels; that's the plan anyways.

 

Is there a way to make this work? Will it work?

 

 

Many Thanks.


4 Replies

Hello
Yes, it will work. Would you like to use both interfaces at the same time or use one as a backup?
There are a few ways this can be achieved, depending on what you would like to happen.

 

1) Default static routing with a floating static + IP SLA tracking

2) Embedded Event Manager utilising IP SLA tracking

3) Load sharing using basic default static routing with the same admin distance values.

Items 1 & 3 are very straightforward; item 2 is a little bit more in-depth.


 

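1) Default static with floating statics using IP SLA tracking

! Probe the chosen destination every 5 seconds
ip sla 1
 icmp-echo (destination ip address) source-ip (source ip address)
 frequency 5
 exit
ip sla schedule 1 start-time now life forever

! Track object follows the probe result
track 1 ip sla 1 reachability

! Primary default route is withdrawn when track 1 goes down;
! the second route (AD 250) is the floating backup
ip route 0.0.0.0 0.0.0.0 (ISP1) track 1
ip route 0.0.0.0 0.0.0.0 (ISP2) 250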

 

Item 3 (load sharing)
ip route 0.0.0.0 0.0.0.0 (ISP1) 250
ip route 0.0.0.0 0.0.0.0 (ISP2) 250

 

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi Paul,

Many thanks for your reply. I forgot to mention that the router with the default routes (customer CPE) is non-Cisco; it's a Mikrotik, but our entire core network is Cisco. I need to put the static routes on our edge Cisco device to route the IP block 194.12.30.0 /29, for example, to the Mikrotik. In your example I think you explained about routing the traffic back using default routes. What about routing the /29 from our core to the customer router over the GRE tunnels?

The two GRE tunnel addresses are 178.16.0.0/30 and 178.16.0.4/30.

 

So could I have two static routes as follows on my Cisco edge router:

ip route 194.12.30.0 255.255.255.248 178.16.0.2 200

ip route 194.12.30.0 255.255.255.248 178.16.0.6 200

I'm sorry, my knowledge of a floating static route is not as good as it should be. If I set the AD of 200 on both the statics like above, would that load balance traffic over both routes? What would happen if 178.16.0.6 went down? Would 50% of the traffic be blackholed, if indeed it was blackholed?

If you could clear that up for me I would really appreciate it.

 

Many Thanks.

Matt

Hello

With the load sharing option no traffic will be lost if one of the tunnels goes down; it would merely mean that all traffic would use the one remaining default route.

 

res

Paul



Hi

Be aware of the tunnel behavior: if the tunnel destination is in the routing table, then the router considers the tunnel to be up, regardless of whether something in transit is broken. If this happens, half of the traffic will be blackholed.

To overcome this, you can configure tunnel keepalive. Or you can use a routing protocol over the tunnels; then the protocol will take care of broken tunnels.

/Mikael
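
Added example, not part of any reply above: one way to combine the IP SLA tracking from the first reply with the two static routes for the /29 on the Cisco edge router, so that a route is withdrawn when its tunnel's far end stops answering instead of blackholing traffic. The prefix and next hops are the ones given in the thread; the SLA and track numbers, the 5-second frequency, and the local tunnel addresses 178.16.0.1 and 178.16.0.5 are assumptions.

```cisco
! Added example (not from the thread). Assumed: SLA/track IDs 10 and 20,
! probe frequency, and local tunnel addresses 178.16.0.1 / 178.16.0.5.

! Probe the Mikrotik end of the first GRE tunnel through that tunnel
ip sla 10
 icmp-echo 178.16.0.2 source-ip 178.16.0.1
 frequency 5
ip sla schedule 10 life forever start-time now

! Probe the Mikrotik end of the second GRE tunnel through that tunnel
ip sla 20
 icmp-echo 178.16.0.6 source-ip 178.16.0.5
 frequency 5
ip sla schedule 20 life forever start-time now

! One track object per tunnel, following its probe
track 10 ip sla 10 reachability
track 20 ip sla 20 reachability

! Equal administrative distance: both routes are installed and traffic is
! shared across the tunnels. A route is removed from the routing table as
! soon as its track object goes down, even if the tunnel interface itself
! still shows up/up.
ip route 194.12.30.0 255.255.255.248 178.16.0.2 track 10
ip route 194.12.30.0 255.255.255.248 178.16.0.6 track 20

! Active/backup alternative: give the second route a higher distance so it
! is only installed when the first one has been withdrawn.
! ip route 194.12.30.0 255.255.255.248 178.16.0.6 200 track 20
```

`show track brief` and `show ip route 194.12.30.0` on the edge router show which tunnels are currently considered reachable and which next hops are installed for the /29.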
