02-19-2020 03:10 AM - edited 02-20-2020 12:30 AM
Hello experts,
I just want to verify is this setup will work properly or not.
My notebook is behind WANSW1.
Now If Te1/1/3 interface goes down on WANSW1 then which route will used to go to CoreSW1 ?
My aim is to achieve:
1. 1st route via Te1/1/3 from WANSW1 to CoreSW1
2. If Te1/1/3 on WANSW1 is down then route via WANSW2 must take priority and then the VPN tunnel.
Is it possible with this config ?
Thanks in advance
Solved! Go to Solution.
02-20-2020 03:28 AM
02-19-2020 04:33 AM
Hi,
It depends on which WANSW is the primary HSRP for your notebook notebook behind WANSW2, and how did you configure the "track 247".
Although your PC is behind WANSW2, but it doesn't mean your HSRP primary for this notebook is WANSW2.
if the current primary is WANSW1 and when the WANSW2's Te1/1/1 is just down :
1. Since there is not tracking for Te1/1/1, there is no change on HSRP role. (your trunk link is still exist, the VLAN247 is still remain UP state)
2. notebook traffic will first go to WANSW1 via layer 2, and routed by WANSW1.
3. According to the routing table of WANSW1, it forwards to 10.247.27.1 (which is on VLAN 247(?))
4. Then it looking on Spanning Tree topology, seeing that WANSW1 Te1/1/1 should be the only available link to reach another side (10.247.27.1)
5. WANSW1 forward to CoreSW1 via layer 2 (VLAN 247).
However, if the current primary is WANSW2 and when the WANSW2's Te1/1/1 is just down :
1. Since there is not tracking for Te1/1/1, there is no change on HSRP role. (your trunk link is still exist, the VLAN247 is still remain UP state)
2. notebook traffic will first go to WANSW2.
3. According to the routing table of WANSW2, it forwards to 10.247.27.1 (which is on VLAN 247(?))
4. Then it looking on Spanning Tree topology, seeing that WANSW2 TRUNK should be the only available link to reach another side (10.247.27.1)
5. WANSW2 forward to WANSW1, and forward to CoreSW1; all via layer 2 (VLAN 247).
02-19-2020 09:55 PM - edited 02-20-2020 12:31 AM
I have WANSW1 is primary and WANSW2 is secondary for HSRP.
VLAN 247 - Core SW is root of spanning tree
Tracking config both WANSW:
ip sla 247
icmp-echo 10.247.27.1 source-interface Vlan247
threshold 100
timeout 1000
frequency 3
ip sla schedule 247 life forever start-time now
Tracking config both CoreSW:
ip sla 247
icmp-echo 10.247.27.254 source-interface Vlan247
threshold 100
timeout 1000
frequency 3
ip sla schedule 247 life forever start-time now
As you wrote:
However, if the current primary is WANSW1 and when the WANSW1's Te1/1/3 is just down :
1. Since there is not tracking for Te1/1/3, there is no change on HSRP role. (your trunk link is still exist, the VLAN247 is still remain UP state) - Corerct
2. notebook traffic will first go to WANSW1 - Correct
3. According to the routing table of WANSW1, it forwards to 10.247.27.1 (which is on VLAN 247(?))- Yes but the tracking will make this route down as tracking will go down and new route from 10.99.2.5 will be installed in routing table which i dont want.
Now please let me know, if the routing will work as i need or not ? let me know if i need to change anything ?
Thanks in advance
02-19-2020 10:37 PM
02-19-2020 11:08 PM - edited 02-20-2020 02:07 AM
if i Make te1/1/3 interface down then track also goes down.
Means new orute is getting installed over 10.99.2.5 which is wrong...
02-20-2020 12:16 AM
02-20-2020 12:34 AM - edited 02-20-2020 09:38 PM
Sorry for confusion..
I updated the right layout again. WANSW1 has higher priority then WANSW2 and my notebook is also behind WANSW1.
here are the config:
WANSW1#show ip route 10.247.27.1
Routing entry for 10.247.27.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Vlan247
Route metric is 0, traffic share count is 1
!
interface Vlan247
ip address 10.247.27.252 255.255.255.0
standby 247 ip 10.247.27.254
standby 247 priority 110
standby 247 preempt
!
interface TenGigabitEthernet1/1/3
switchport access vlan 247
switchport mode access
spanning-tree portfast
WANSW2#show ip route 10.247.27.1
Routing entry for 10.247.27.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Vlan247
Route metric is 0, traffic share count is 1
!
interface Vlan247
ip address 10.247.27.253 255.255.255.0
standby 247 ip 10.247.27.254
standby 247 preempt
!
interface TenGigabitEthernet1/1/3
switchport access vlan 247
switchport mode access
spanning-tree portfast
I am testing the failover from WANSW1
WANSW1 and WANSW2 has trunk port where all vlans are allowed.
Sorry again for wrong topology
Thanks
02-20-2020 01:32 AM - edited 02-20-2020 01:34 AM
Hi,
Based on your configuration, the VLAN237 is 10.247.27.0/24 such that 10.247.27.254 &10.247.27.1 are on the same subnet.
In your IP SLA's configuration, you were monitoring reachability from 10.247.27.253 to 10.247.27.1 which are on the same subnet. Imagine your layer 2 topology for VLAN237 as follow:
If Te1/1/3 is down, your layer 2 topology will change (and of coz, the spanning tree may be re-calculated depending on the location of root switch). At this moment, your IP SLA will not OR will be down until the convergence of your STP. Your IP SLA will ultimately become UP when STP is fully convergence (even the Te1/1/3 is down).
So, the steps are still the same as follow:
Given that if the current primary is WANSW1 and when the WANSW1's Te1/1/1 is just down :
1. Since there is not tracking for Te1/1/3, there is no change on HSRP role.
2. notebook traffic will first go to WANSW1 via layer 2.
3. According to the routing table of WANSW1, it forwards to 10.247.27.1 (as your IP SLA is UP)
4. Then it looking on Spanning Tree topology, seeing that WANSW2 Te1/1/1 should be the only available link to reach another side (10.247.27.1)
5. WANSW1 forward to WANSW2 , then to CoreSW1 via layer 2 (VLAN 247).
02-20-2020 01:51 AM
Ok I will test again today evening and let you know.
Thanks for help.
02-20-2020 02:04 AM - edited 02-20-2020 02:13 AM
Hi,
The issue i am facing is:
Once i shut the interface Te1/1/3 my track 247 goes down and if it goes down then switch take the 2nd best route and that is via VPN which i dont want.
here is the screenshot
WANSW2(config)#int TenGigabitEthernet1/1/3
WANSW2(config-if)#shut
!
WANSW2#sh ip route track-table
ip route 0.0.0.0 255.255.0.0 Vlan247 name DARKFIBRE track 247 state is [down]
Thanks
02-20-2020 03:28 AM
02-20-2020 03:58 AM - edited 02-20-2020 04:03 AM
You were right.
Earlier Spanning tree root for VLAN 247 was the CoreSW1.
Now i changed it and WANSW1 is the root for vlan 247.
After change I shut down the interface on WANSW2 and track was ..
ip route 0.0.0.0 255.255.0.0 Vlan247 name DARKFIBRE track 247 state is [up]
I will again test the failover of both WAN switch in evening and let you know.
Thanks
02-20-2020 09:37 PM
Hi,
It is working now.
Failover is smooth, once I make the WANSW1 spanning tree root for vlan 247.
Thanks for your help.
02-20-2020 12:15 AM
Hello,
post the full running configs of all devices. It is unclear how your IP addressing is configured...
02-20-2020 01:26 AM
Hello
@ittechk4u1 wrote:
My notebook is behind WANSW1.
Now If Te1/1/3 interface goes down on WANSW1 then which route will used to go to CoreSW1 ?
My aim is to achieve:
1. 1st route via Te1/1/3 from WANSW1 to CoreSW1
2. If Te1/1/3 on WANSW1 is down then route via WANSW2 must take priority and then the VPN tunnel.
Is it possible with this config ?
It is possible however, looking at your topology it suggests your aim isn’t going to work as expected at this time.
The interconnection between the WANSWx devices shows a L2 interconnect however you also show HRSP i assume for internal clients, But for HRSP to function there needs to a L3 connected between the WANSWx
You also show static routing with iplsa tracking with the same default routes on each WANSWx and with HRSP suggests may have mHRSP?
For the WANSWx switchs to take the tunnel path basically as a third optimal path then you need to make sure when either their primary interface fails there is a preferred route via each WANSWx before the second defined static route you show in you diagram is preferred
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide