04-29-2014 07:55 AM - edited 03-04-2019 10:52 PM
this is my config, trying to failover using WAN links between two sites , two c3750x one at each site. connected to Internet via Watcghuard XTM 505 devices and connected to each other for WAN -point to point link, that i want to use for failover.
it does failover but for some reason internet goes dead after every 30 seconds for around 30 seconds then comes on for 30 seconds and goes down after 30 seconds, its like a loop.
not sure what i am missing in config.
track 1 ip sla 1 reachability
delay down 30 up 30
!
track 2 ip sla 2 reachability
delay down 30 up 30
interface GigabitEthernet1/0/23
switchport access vlan 88
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 999
switchport mode access
interface Vlan88
ip address 172.16.100.1 255.255.255.0
!
interface Vlan999
ip address 172.16.10.1 255.255.255.0
ip route 10.0.0.0 255.255.255.0 172.16.100.2 track 2
ip route 0.0.0.0 0.0.0.0 172.16.10.10 track 1
ip route 10.0.0.0 255.255.255.0 172.16.10.10 10
ip route 0.0.0.0 0.0.0.0 172.16.100.2 10
04-29-2014 08:03 AM
attached is network overview diagram, i didn't include all subnets in above config.
04-29-2014 08:37 AM
sorry missed actual sla commands.
ip sla 1
icmp-echo 8.8.8.8
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 172.16.100.1
frequency 10
ip sla schedule 2 life forever start-time now
04-29-2014 09:11 AM
04-29-2014 09:17 AM
Hi Yashton
i attached current config for both cisco switches.
you mean use like this
ip sla 1 ip address 172.16.10.10
icmp-echo 8.8.8.8
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2 ip address 172.16.100.2
icmp-echo 172.16.100.1
frequency 10
ip sla schedule 2 life forever start-time now
04-29-2014 10:53 AM
Hi,
Your sla should look like this:
ip sla 1
icmp-echo 172.16.10.10
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 172.16.100.2
frequency 10
ip sla schedule 2 life forever start-time now
04-29-2014 11:51 AM
Hi
if we pinging 172.16.10.10 that is my router IP , that will never go offiline . but instead internet itself can go down beyond router thats why we should ping external IP .
i think i need to define which route to be used for pinging 8.8.8.8
may be a static route than to tell it go out only via bham site router, for ipsla ping only.
not sure if we can tell ip sla command to use a specific gateway to ping . may be use specific interface only. that is connected to firewall.
04-29-2014 12:02 PM
hi,
if you ping 8.8.8.8 with source ip 172.16.10.1 while the line is down, you get replay?
if not you should configure the ip sla 1 with source ip address.
or try to track the line ip addrees (over the XTM).
04-29-2014 12:14 PM
i need to test that,
what if I define IP address on Interfaces for router uplink and point to point lines, instead of using VLANs for these two links. and not sure if can define interface to use in ipsla command. somehow need to restrict ipsla icmp to go out only via one route.
04-29-2014 10:24 AM
goolged around not sure if below is correct format. e.g. at site BHAM to ping 8.8.8.8 via firewall at BHAM only which have IP 172.16.10.10
ip sla 1
icmp-echo 8.8.8.8 source-ip 172.16.10.10
frequency 10
ip sla schedule 1 life forever start-time now
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide