
How to track default route

Kesar123456
Level 1

Hello,

We have both an internet circuit and an MPLS circuit terminating on the same router at one of our locations. The problem is when the internet circuit goes down.

Users are not able to access the internet; however, they can access it via the MPLS circuit.

So is there any way to automate it?

On the router we have a default route pointing to the ASA.

ip route 0.0.0.0 0.0.0.0 10.50.1.1

And on ASA we have default route towards Service Provider gateway.

route outside 0.0.0.0 0.0.0.0 *.*.*.*

        

Arun


Julio Carvajal
VIP Alumni

Hello Arun,

Yes, it is; you can use SLA for this...

So which device is the one connecting to both the internet circuit and the MPLS network, is it the ASA or the router?

This is because the configuration will change from one box to the other (if it's the router, what model do you have and what version?)

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Router and model is 2821.

c2800nm-advipservicesk9-mz.124-8a.bin

ASA is behind Router.

Hello,

Got it but who is the one connecting to the MPLS and internet?

Is it the router or the ASA??

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

As I understand it, Arun stated that both terminate on the router.

So my interpretation of this is:
MPLS direct to the router. And from the ASA to the router.

Then the ASA has the link to the ISP.

This is the reason I only specified config for router (IMHO only config required is on the router), based on my understanding of the question, please correct me if I got it wrong :-)


Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Hello Bilal,

Well let's confirm it;

If that is correct then your configuration is good,

Just make sure you have reachability via the ASA to 8.8.8.8.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hello
This SLA config is tracking an Internet address, so given that both links will be able to see this address it may be wise to track the WAN next hop address or the line-protocol of the link instead


track 1 interface xx ip routing (this will track both the line protocol and the IP address)

Res
Paul



Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello Paul,

Not sure that I think the same way, I mean even if we have both ways to get to that destination only one will be used (based on the AD).

So with the configuration provided before we are going to be good, I mean yours is another way to do it but what Bilal and I have suggested is also accurate

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Bilal Nawaz
VIP Alumni

On the router you can have 2 static routes but one will be active - the other will be standby. (floating static route)

Router Config:

ip sla monitor 1
 type echo protocol ipIcmpEcho 8.8.8.8
 frequency 5
ip sla monitor schedule 1 life forever start-time now
!
track 1 rtr 1 reachability
!
interface FastEthernet0/0
 ip address 10.50.1.2 255.255.255.0
 duplex auto
 speed auto
!
! THE MAIN ROUTE - OUT THE ASA (PRIMARY ROUTE)
ip route 0.0.0.0 0.0.0.0 10.50.1.1 track 1
! Metric of 2 - which is less preferred, OUT THE MPLS (SECONDARY ROUTE)
ip route 0.0.0.0 0.0.0.0 100.100.100.1 2

So you have two default routes - the one with the track command is primary - it has a metric of 1 but is being tracked!

The sla and track will ping 8.8.8.8 and if successful it will install this in the routing table. If it can't get to 8.8.8.8 it is removed and therefore the second static route will be your default route. This 8.8.8.8 address can be any internet address you wish. Or it can be your service provider's interface. It depends where you determine the point of failure should be with your tracking.

Track and SLA commands vary from IOS versions.

You can see my working example I tested in a lab a couple of days ago:

https://supportforums.cisco.com/message/3900451#3900451

I hope this helps.

Please rate useful posts and remember to mark any solved questions as answered. Thank you.


Hi,

I'm interested in this topic (although a few years have passed).

The configuration above is when 1 router has 2 default routes to ISP (or internet).

If I have 2 routers running OSPF with each other (and they become neighbors of each other) and each router has its own default route, is it possible to apply the default route tracking configuration?

The goal is when the internet on router A is down, then the default route would change to router B (the internet pass to router B).

Thank you.

Arie

My question here: The primary default route is not in the routing table as long as I can reach 8.8.8.8, right? If so, how can I reach 8.8.8.8 if the default route is not installed in the first place?

Regards

Hi All,

 

I was trying to find some tracking code on Google when I dropped into this thread.  Figured I could throw in some general information.  IP SLA and Tracking code vary a bit between IOS versions but they are somewhat consistent; look up the specific configurations for the code you are using though.  

 

To answer the one question, if you are using OSPF on two different routers and pointing those to two different ISPs, most likely you are injecting a default route from both routers into OSPF.  If you are doing this, the redistribution from static to OSPF only occurs if the static route is present in the routing table.  IP SLA and tracking can remove that static route from existing in the routing table, so doing so, deletes the redistributed route into OSPF.  Therefore traffic should flow to the other router which, presumably, still has the other ISP connection up.  The same principle applies to a single router and multiple static default routes.  You can remove the static route and send traffic out the other ISP.  

 

First thing we do is configure the IP SLA.  I would recommend always pointing that to your next hop address, the other end of your Public /30 IPs for example or if you are running something like DHCP or PPPoE finding out the next hop IP address and configuring your IP SLA to point to that.  

 

config t
ip sla 500
 icmp-echo 10.10.13.1 source-ip 10.10.13.3
 frequency 5
ip sla schedule 500 life forever start-time now
end
wr

 

The 10.10.13.1 in this case is just my upstream router in a lab I'm running, my interface is .3, the interconnect is a /24.  This would never happen in real life but this is the lab.  This SLA is fairly basic, it just says, ping this IP address (10.10.13.1) every 5 seconds (frequency).  Then, start this IP SLA now, and run it forever.  

 

R3#show ip sla summary
*500 icmp-echo 10.10.13.1 RTT=16 OK 2 seconds ago

 

You can run the above commands and see that the IP SLA is in operation.  And that you can ping the specified interface.  So more or less this shows that we have Layer 3 connectivity to our upstream ISP.  Another helpful command is the show ip sla configuration command:

 

R3#show ip sla configuration 500
IP SLAs Infrastructure Engine-III
Entry number: 500
Owner:
Tag:
Operation timeout (milliseconds): 5000
Type of operation to perform: icmp-echo
Target address/Source address: 10.10.13.1/10.10.13.3
Type Of Service parameter: 0x0
Request size (ARR data portion): 28
Verify data: No
Vrf Name:
Schedule:
Operation frequency (seconds): 5 (not considered if randomly scheduled)
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Randomly Scheduled : FALSE
Life (seconds): Forever
Entry Ageout (seconds): never
Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Distribution Statistics:
Number of statistic hours kept: 2
Number of statistic distribution buckets kept: 1
Statistic distribution interval (milliseconds): 20
Enhanced History:
History Statistics:
Number of history Lives kept: 0
Number of history Buckets kept: 15
History Filter Type: None

 

So now we have the IP SLA in operation.  Now we need to track when it is working and when it isn't working.  In comes the tracking object.  I used IP SLA 500, so I'll use the tracking 500 as well to keep it consistent in the configurations.

 

config t
track 500 ip sla 500 reachability
 default-state up
 delay down 2 up 90
end
wr

 

Assign track 500, to IP SLA 500.  The default state is up, I'm doing that because I don't want to kill connectivity if there's a questionable situation where the IP SLA might be up or might not be up.  I'm then saying delay by 2 seconds before taking the action on down, and delay by 90 seconds before taking action on up.  This is mostly to prevent any kind of flapping on the ISP part from bringing up traffic too soon on the link.  I only want to start sending traffic over my primary ISP, if I'm sure the primary ISP is stable.

 

R3#show track 500
Track 500
IP SLA 500 reachability
Reachability is Up
3 changes, last change 00:08:48
Delay up 90 secs, down 2 secs
Latest operation return code: OK
Latest RTT (millisecs) 20
Tracked by:
STATIC-IP-ROUTING 0

 

When this is applied and you are watching the console or have terminal monitoring enabled you should also see the log message of the tracking session coming up:

 

*Nov 19 20:04:38.791: %TRACKING-5-STATE: 500 ip sla 500 reachability Down->Up

 

Now we have the IP SLA monitoring the next hop interface, and we have created a tracking 'session' relating to that IP SLA.  We are actively monitoring ("tracking") when we have upstream connectivity to our upstream next hop.  Now we apply that to our routes.  

 

config t
ip route 0.0.0.0 0.0.0.0 10.10.13.1 track 500
ip route 0.0.0.0 0.0.0.0 10.10.35.3 250
end
wr

 

So the above sample code is very basic.  We are putting two default routes into the routing table.  One has the default static route Administrative Distance of 1, while the other I've configured for an AD of 250.  The 250 default static route is usually referred to as a floating default route.  Which is to say, it doesn't show up in the routing table as long as there is a better default route (with a lower Administrative Distance) in the routing table.  That more preferred route is the first route entered.  The first default route though is associated with tracking object 500.  It only gets entered into the routing table if the tracking object is up, which is based on the IP SLA pinging the upstream next-hop.  If the next-hop isn't reachable this route gets pulled out of the routing table.  Then the floating static gets inserted into the routing table.  

 

Generally I wouldn't roll something this simple out entirely.  I would have 2 IP SLAs for both upstream ISPs, and a tracking object for each IP SLA.  I would associate both default routes with a tracking object.  If for no other reason than that I want logs for when my ISPs are going up and down with appropriate time-stamps.  

Doing this same thing in multiple router environments is just adding the redistribution into your IGP of choice.
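
The following is an added example, not part of the original posts: a small Python parser that turns `%TRACKING-5-STATE` syslog lines, in the format shown in the post above, into per-track outage windows with durations. The sample log lines are constructed, the function names are hypothetical, and the `year` argument is an assumption because the timestamp format shown carries no year.

```python
import re
from datetime import datetime

# Constructed sample lines in the format of the %TRACKING-5-STATE message above.
SAMPLE_LOG = """\
*Nov 19 20:04:38.791: %TRACKING-5-STATE: 500 ip sla 500 reachability Down->Up
*Nov 19 21:10:02.100: %TRACKING-5-STATE: 500 ip sla 500 reachability Up->Down
*Nov 19 21:13:32.100: %TRACKING-5-STATE: 500 ip sla 500 reachability Down->Up
*Nov 19 21:20:00.000: %TRACKING-5-STATE: 501 ip sla 501 reachability Up->Down
Nov 19 21:21:00.000: %SYS-5-CONFIG_I: Configured from console by console
"""

LINE_RE = re.compile(
    r"^(?P<flag>[*.]?)(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d\.\d+): "
    r"%TRACKING-5-STATE: (?P<track>\d+) .*? (?P<old>Up|Down)->(?P<new>Up|Down)$"
)

def parse_events(text, year=2024):
    """Yield (track_id, timestamp, new_state, clock_synced) per state change."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # some other syslog message
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        # A leading '*' or '.' marks a router clock that is not NTP-synchronised,
        # so such timestamps should not be correlated blindly with other sources.
        yield int(m["track"]), ts, m["new"], m["flag"] == ""

def outages(text, year=2024):
    """Return {track_id: [(down_at, up_at, duration), ...]}; open outages use None."""
    result, open_down = {}, {}
    for track, ts, state, _ in parse_events(text, year):
        if state == "Down":
            open_down[track] = ts
        elif track in open_down:  # an Up that closes a recorded Down
            start = open_down.pop(track)
            result.setdefault(track, []).append((start, ts, ts - start))
    for track, start in open_down.items():  # still down at the end of the log
        result.setdefault(track, []).append((start, None, None))
    return result

if __name__ == "__main__":
    for track, spans in sorted(outages(SAMPLE_LOG).items()):
        for down, up, dur in spans:
            print(f"track {track}: down {down} -> up {up or 'STILL DOWN'} ({dur})")
```

With one tracking object per ISP, as suggested above, the same function reports each circuit's outages separately; remember that the Up event is logged only after the configured `delay up` has elapsed.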

 

 

 

 
