Showing results for 
Search instead for 
Did you mean: 

IP SLA with one outgoing interface

friends i have a scenario where my client has two ISPs connected


WAN Gateway 1 :  ISP A  - ISP provided 800 Series router

WAN Gateway 1 :  ISP B - ISP provided 800 Series router

I have a third router 1841 which has configured and sends all traffic to .5 as of now using a default route. Sitting on this router i can ping .5 & .7  as these interfaces and .254 goes to same switch. (please check attached topology)

I was studying about IP SLA to give ISP redundancy but i see i need two outgoing interfaces but in my case i have only one. .254 So any idea how i can achieve ISP redundancy.

Jon Marshall
VIP Community Legend

You should still be able to use IP SLA on the 1841.

You can ping an IP on the internet but you need to make sure that the ping can only be sent via the active router.

So on the 1841 you could either -

1) use a static route for the IP on the internet with the next hop of and make that a permanent route with the "permanent" keyword


2) use PBR on the 1841 to force traffic to the internet IP to use next hop IP of

what you are basically doing is making sure if the IP SLA fails then the ping being sent is not then successful via the other link or it will just switch back and forth between the two routers.

Obviously the IP you pick for your IP SLA test should not be an IP your users try to access.

Alternatively you could use an IP within the ISP network.


hi jon. thanks for the quick reply.

can you help me more with the clarification on above.

say i would ping now first thing is you asked me to configure a static (Default i believe) to send all traffic to .5 using permanent...

so is the config looks like below

#ip route permanent

#ip route 10                     <10 for manual metric, not sure if this is required>

# IP-SLA configuration to ping to <i am not sure on this config, if you have this or you can provide me, else i can do some digging>

so above makes sense or i am missing something.

The default route is not the permanent route.

It is the route to the internet IP you are using for your IP SLA and you need to test the permanent keyword because sometimes it does not work and then you need PBR.

The issue is this -

your router pings x.x.x.x on the internet and if the pings fails it uses your other default route

But if the router can ping x.x.x.x via the backup link then it tries to go back to the primary router even though it's link is still down.

So you need to make sure the ping always goes to the primary router.

You need the AD of 10 or whatever otherwise both routes are used and you only want the other route to be used if the main link goes down.