Solved: how to use same ip pool on two sides

luqman_khalid · ‎12-11-2019

Please find the picture.

how can i access/use LAN public IPs (configured on Site A) to use on site B , if both internet connection on Site A are down.

#bgp

#redundancy

Georg Pauwen · ‎12-11-2019

Hello,

in your drawing, you have the below:

Site A
LAN IP = 221.120.24.192/26

Site B
LAN IP = 221.120.214.192.26

Since you are saying you are using the SAME address pool, I suppose the third octet should be the same, and this is a typo ?

Either way, if you are using the exact same addresses on both sides, your best option is probably to configure two IP SLAs on the Site A router and and EEM script that implements NAT when both Internet connections are down.

Post the full running config of the Site A router, so we can fill in the bits and pieces.

View solution in original post

balaji.bandi · ‎12-11-2019

Is the traffic coming from inside or outside LAN ?

Hope you already running the IGP between the side as per the Link ?

how is your external routing ? BGP ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

luqman_khalid · ‎12-11-2019

1. External routing is through BGP.

2. inside the link between site A and B , i am planning to use iBGP.

3. Public IP is assigned to LAN side through internet links of fiber and DRS .

Georg Pauwen · ‎12-11-2019

Hello,

in your drawing, you have the below:

Site A
LAN IP = 221.120.24.192/26

Site B
LAN IP = 221.120.214.192.26

Since you are saying you are using the SAME address pool, I suppose the third octet should be the same, and this is a typo ?

Either way, if you are using the exact same addresses on both sides, your best option is probably to configure two IP SLAs on the Site A router and and EEM script that implements NAT when both Internet connections are down.

Post the full running config of the Site A router, so we can fill in the bits and pieces.

luqman_khalid · ‎12-11-2019

i have attached configuration of both sites A and B.

and there is no typo. Please suggest possible solution.

Georg Pauwen · ‎12-11-2019

Hello,

your original post was about using the same IP pool on both sides. If what you have posted is not a typo, where are the same IP addresses configured ?

I was about to lab this, but there are some inconsistencies:

Site A router has configured 221.120.214.177 as neighbor, there is no corresponding IP address on the Site B router. In fact, your Site B router as no LAN IP address at all. The fiber link is between 192.168.1.2 and 192.168.1.3. What is the LAN IP adress for Site B supposed to be ?

Also, the Site A router has Vlan 1 configured with IP address 221.120.212.65/32, while in your drawing, it is 221.120.24.192/26. Which one is it ?

Post the correct confiigurations with the correct IP addresses you actually want to use, including the iBGP link between both routers. Based on that, we can suggest a solution.

luqman_khalid · ‎12-11-2019

sorry i forget to mention Site B is not still configured, i want to configured both sites as per my drawing and scenario but still not configured both site.

Thanks for your help.

i will ask if there is any problem.

balaji.bandi · ‎12-11-2019

@Georg Pauwen suggested, your configuration is incompleted - i have looked at the both the config - i have seen only static route towards outside, ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎12-12-2019

Hello,

I think there might be an even easier way to accomplish what you want, and it doesn't involve NAT. Basically, you still configure 2 IP SLAs on the Site A router, if both ISPs are down, the BGP neighbors to the ISPs will be removed, and a default route to Site B will be installed. Also, a ping to Site B will be sent, which causes the Site B router to run an EEM script that installs a static host route to the server on Site A. You don't need NAT, since the static host route will override everything else.

The configs would look like this (important parts marked in bold). I have not configured the eBGP neighbors on the Site B router, since no information has been given.

Site A Router

track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
track 3 list boolean or
object 1
object 2
!
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0
description *** internet on fiber *** VLAN# 502
ip address 221.120.214.178 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1
description *** internet on DRS Link VLAN#1065 ****
ip address 58.181.114.170 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1/0
description *** Fiber up Link1 ****
ip address 192.168.1.2 255.255.255.0
no negotiation auto
!
interface GigabitEthernet0/0/0
description *** To customer LAN Switch over VLAN 1 ***
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
description *** Customer LAN 1 ***
ip address 221.120.212.65 255.255.255.252
!
router bgp 65468
bgp log-neighbor-changes
neighbor 58.181.114.169 remote-as 17557
neighbor 221.120.214.177 remote-as 17557
neighbor 192.168.1.3 remote-as 65468
neighbor 192.168.1.3 next-hop-self
!
address-family ipv4
network 221.120.212.64 mask 255.255.255.252
network 221.120.214.192 mask 255.255.255.192
redistribute static
neighbor 58.181.114.169 activate
neighbor 58.181.114.169 weight 100
neighbor 58.181.114.169 allowas-in
neighbor 58.181.114.169 soft-reconfiguration inbound
neighbor 221.120.214.177 activate
neighbor 221.120.214.177 weight 200
neighbor 221.120.214.177 allowas-in
neighbor 221.120.214.177 soft-reconfiguration inbound
exit-address-family
!
ip forward-protocol nd
!

ip route 221.120.214.192 255.255.255.192 221.120.212.66
!
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
frequency 5
!
ip sla schedule 1 life forever start-time now
!
ip sla 2
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/1
frequency 5
!
ip sla schedule 2 life forever start-time now
!
event manager applet ISP_DOWN
event track 3 state down
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "router bgp 65468"
action 4.0 cli command "no neighbor 58.181.114.169 remote-as 17557"
action 5.0 cli command "no neighbor 221.120.214.177 remote-as 17557"
action 6.0 cli command "exit"
action 7.0 cli command "ip route 0.0.0.0 0.0.0.0 192.168.1.3"
action 8.0 cli command "end"
action 9.0 cli command "ping 192.168.1.3 repeat 1"
!
event manager applet ISP_UP
event track 3 state up
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "router bgp 65468"
action 4.0 cli command "neighbor 58.181.114.169 remote-as 17557"
action 5.0 cli command "neighbor 221.120.214.177 remote-as 17557"
action 6.0 cli command "exit"
action 7.0 cli command "no ip route 0.0.0.0 0.0.0.0 192.168.1.3"
action 8.0 cli command "end"
action 9.0 cli command "ping 192.168.1.3 source Loopback 1 repeat 1"

Site B Router

interface GigabitEthernet0/0
description *** internet on fiber link VLan # 733 ***
ip address 58.181.114.78 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/1
description *** internet on DRS link VLAN# 779 ***
ip address 119.159.232.130 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/1/0
description *** Fiber up Link ****
ip address 192.168.1.3 255.255.255.0
media-type sfp
!
router bgp 65468
neighbor 192.168.1.2 remote-as 65468
neighbor 192.168.1.2 next-hop-self
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 119.159.232.129
ip route 0.0.0.0 0.0.0.0 58.181.114.77
!
event manager applet ISP_SITE_A_DOWN
event syslog pattern "echo reply sent, src 192.168.1.3, dst 192.168.1.2"
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "ip route 221.120.24.193 255.255.255.255 192.168.1.2"
action 4.0 cli command "end"

!

event manager applet ISP_SITE_A_UP
event syslog pattern "echo reply sent, src 192.168.1.3, dst 1.1.1.1"
action 1.0 cli command "enable"
action 2.0 cli command "conf t"
action 3.0 cli command "no ip route 221.120.24.193 255.255.255.255 192.168.1.2"
action 4.0 cli command "end"

luqman_khalid · ‎12-12-2019

thanks let me complete configuration then i will give my feedback.
thanks for your help