
IP SLA - Very obscure question!

Hi,

I have a question about whether I can force an interface into down state if another interface is down (or a tracking object is down).

Our topology is:

CORE --- CE ROUTER 1 --- SWITCH
  |                       |
  ------ CE ROUTER 2 ------

Primary IP addressing:

[www]---CORE---140.0.0.1

140.0.0.2---CE ROUTER 1---39.0.0.1

Secondary IP addressing:

[www]---CORE---150.0.0.1

150.0.0.2---CE ROUTER 2---39.0.0.1

On the core router, we have a static route to 140.0.0.0/30 and 39.0.0.0/29 with a next hop of 140.0.0.2. These two static routes are tracked by an IP SLA that pings 140.0.0.2.

On the core router, we have a static route to 39.0.0.0/29 with a next hop of 150.0.0.2 with an AD of 100.

On the CE Router 1 (primary) we had HSRP set up that was tracked by an IP SLA that pinged 140.0.0.1. If the tracker went down, HSRP failed over. During this scenario, the IP SLA on the core router also failed, bringing down the static route to 39.0.0.0/30 through the primary line, and installed the route to 39.0.0.0/30 through the backup line (150.0.0.0/30).

That all worked fine. I have now been asked to set up HSRP on the LAN side too. I created a new tracker that tracked the line protocol of the LAN interface. I added that to the HSRP config. Now, if either the line protocol of the LAN interface fails, or (as before), if there is a WAN link failure, HSRP fails over. That works on the customer's side.

However, during a simulated LAN cable failure, HSRP goes down on the customer primary router, and fails over to the secondary router. So now, all traffic destined for the internet exits through the secondary router. However, the IP SLA on the core router is still working (no WAN line failure) and so the return traffic comes back through the primary router, cannot get anywhere and is black holed.

I have got around this by changing the core router IP SLA to ping 39.0.0.1 instead, and although not tested yet, it should work. However, I was wondering whether there was any way around this without touching the core router? Can I set up anything on the CPE that automatically brings down the WAN interface should the LAN interface fail also, thus making the core IP SLA fail?

I've searched around but cannot find anything - has anybody got any ideas?

Thank you,

Chris.

1 Accepted Solution

mfurnival
Level 4

You could configure EEM (Embedded Event Manager) to carry out an action following an event.

Perfect, it's all sorted - thank you.
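
The EEM approach from the accepted reply, written out as an added example (not part of the original thread and not the poster's actual configuration): two applets on CE Router 1 that shut the WAN interface when the LAN line-protocol tracker goes down, so the core router's IP SLA to 140.0.0.2 fails, and restore it when the tracker recovers. The interface names and track object number 20 are assumptions; an existing LAN line-protocol tracker can be reused instead.

```ios
! Assumed for illustration: GigabitEthernet0/1 = LAN, GigabitEthernet0/0 = WAN,
! track object 20 = LAN line-protocol tracker (hypothetical number).
track 20 interface GigabitEthernet0/1 line-protocol
 ! Dampen flaps: wait 2 s before declaring down, 30 s before declaring up
 delay down 2 up 30
!
! LAN lost: shut the WAN so the core's ping to 140.0.0.2 fails and the
! core withdraws the tracked static routes in favour of the backup path.
event manager applet LAN-DOWN-SHUT-WAN
 event track 20 state down
 action 1.0 cli command "enable"
 action 2.0 cli command "configure terminal"
 action 3.0 cli command "interface GigabitEthernet0/0"
 action 4.0 cli command "shutdown"
 action 5.0 cli command "end"
 action 6.0 syslog msg "LAN line protocol down: WAN interface shut by EEM"
!
! LAN restored: bring the WAN back so the core's IP SLA recovers and the
! primary static routes are reinstalled.
event manager applet LAN-UP-RESTORE-WAN
 event track 20 state up
 action 1.0 cli command "enable"
 action 2.0 cli command "configure terminal"
 action 3.0 cli command "interface GigabitEthernet0/0"
 action 4.0 cli command "no shutdown"
 action 5.0 cli command "end"
 action 6.0 syslog msg "LAN line protocol up: WAN interface restored by EEM"
```

If AAA command authorization is enabled on the router, the applets' CLI actions may be rejected unless an authorized user is set with `event manager session cli username`.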
