12-17-2023 07:01 AM - last edited on 12-18-2023 01:12 PM by Translator
SIT Router (Active Router)
SIT DMZ (Standby router)
Configuration:
SIT (Active)
int g0/0/1.20
standby 2 ip 10.16.0.254
standby 2 priority 110
standby 2 preempt
standby track s0/1/0
int g0/0/1.10
standby 1 ip 10.17.0.254
standby 1 priority 110
standby 1 preempt
standby track s0/1/0
DMZ (Standby)
int g0/0/1.20
standby 2 ip 10.16.0.254
standby 2 preempt
standby track s0/1/0
int g0/0/1.10
standby 1 ip 10.17.0.254
standby 1 preempt
standby track s0/1/0
The traffic is supposed to flow from SDM PC to SIT PC via SIT Router(Active), However it is flowing to (SIT DMZ).
How do I correct this?
From the diagram below, the red arrows with cross is what is happening when packets are returning, which is not supposed to be. The correct traffic flow should be the orange arrows.
Please help to solve.
Solved! Go to Solution.
12-17-2023 09:15 AM - edited 12-17-2023 09:15 AM
Hello @212935n
It seems like the traffic is taking the path through the DMZ router instead of the SIT router as concerned the "return trafic".
On the router where there the 2 serial links towards SIT and DMZ router, add floating static routes. Add an administrative distance of 10 on the static route pointing DMZ ROUTER and let to default (1) the other static route towards SIT ROUTER.
Floating static routes are used in scenarios wherein the static route is configured with a higher Administrative Distance than the preferred route so that the best path is chosen for the packet to traverse towards its destination.
12-17-2023 07:08 AM
this design will generate Asymmetric traffic Flow,
you need make Two sided HSRP
you need to config HSRP with track
the Side that face router config the router with static route toward VIP of HSRP
this solve your asymmetric traffic.
MHM
12-17-2023 07:10 AM
12-17-2023 07:18 AM
12-17-2023 02:33 PM
12-17-2023 08:01 PM
Using static
Yes you need.
Also as I mention you need defualt route toward HSRP VIP group 1
Using ospf
And for ospf with hsrp we can not control traffic and you always face asymmetric traffic except if you use EEM to change ospf metric with status of active/standby of HSRP.
MHM
12-17-2023 09:54 PM - last edited on 12-18-2023 01:38 PM by Translator
for static the floating route not help you in this case
M02@rt37 can you more elaborate how it solve asymmetric routing here ?
for my suggestion
this lab simply the config one static route in R3 toward HSRP VIP of R1/R2
and you can see the traceroute detect the change of active and standby and show only one and same one hop either R1 or R2
for OSPF, I dont have PKT, can you check if
event
command is accept or not, as I know the PKT is not capable for EEM
sorry
MHM
12-17-2023 09:15 AM - edited 12-17-2023 09:15 AM
Hello @212935n
It seems like the traffic is taking the path through the DMZ router instead of the SIT router as concerned the "return trafic".
On the router where there the 2 serial links towards SIT and DMZ router, add floating static routes. Add an administrative distance of 10 on the static route pointing DMZ ROUTER and let to default (1) the other static route towards SIT ROUTER.
Floating static routes are used in scenarios wherein the static route is configured with a higher Administrative Distance than the preferred route so that the best path is chosen for the packet to traverse towards its destination.
12-17-2023 02:21 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide