Solved: "Redundant" WAN connections in a colo...

rudepeople · ‎08-23-2019

We installed an ISR4321k9 in a colo today and the guy doing the physical install was informed we were given a redundant network connection, so clickclick, we're connected to two WAN ports!

Trouble is, they only gave us a /28 subnet with addresses "172.8.0.36" through "172.8.0.46". (Obviously fake IPs are fake).

Of course I'm programming this remotely, which is a lot like changing a tire while driving down the freeway.

The trouble I'm having is this; I'm trying to follow this doc about fail-over internet connections, but when I try to set the WAN1 IP, I get this:

% 172.8.0.32 overlaps with GigabitEthernet0/0/0

Now, I'm not entirely sure where 172.8.0.32 came from, our gateway is 172.8.0.33, and I specifically used the command "ip address 172.8.0.37 255.255.255.240"...
I suspect its not working by design (why the crap would I have redundant wan connections on the same subnet to begin with?) but I really need some redundancy in this router... any suggestions?

Richard Burts · ‎08-23-2019

where it comes from is that 172.8.0.32 is the subnet of the address that you are attempting to configure. And sure enough it does overlap with the existing subnet on Gig 0/0/0.

In my experience when an ISP gives you a subnet that large they are expecting one of two things:

1) they are expecting that you will have more than one router connecting in that subnet.

2) they are expecting that you will use that subnet (or most of it) for address translation.

As far as I can tell you are not doing either of these.

Cisco IOS does not support having two routed ports on the same router to be in the same IP subnet. There is a way to get two interfaces connected if you see much benefit in that physical redundancy. But it makes the config more complex, and it uses only a single IP address. You could configure Integrated Routing and Bridging. You would remove the IP address from both interfaces, you would enable bridging on both interfaces, you would configure a Bridged Virtual Interface and assign the IP address to the BVI. This would allow your router to have two physical interfaces connected to the ISP, sharing a single IP address. In your perspective is that benefit worth the effort? My suggestion is to take a closer look at the agreement with the ISP and get a better understanding of what they intended this "redundant network connection" to accomplish.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎08-23-2019

where it comes from is that 172.8.0.32 is the subnet of the address that you are attempting to configure. And sure enough it does overlap with the existing subnet on Gig 0/0/0.

In my experience when an ISP gives you a subnet that large they are expecting one of two things:

1) they are expecting that you will have more than one router connecting in that subnet.

2) they are expecting that you will use that subnet (or most of it) for address translation.

As far as I can tell you are not doing either of these.

Cisco IOS does not support having two routed ports on the same router to be in the same IP subnet. There is a way to get two interfaces connected if you see much benefit in that physical redundancy. But it makes the config more complex, and it uses only a single IP address. You could configure Integrated Routing and Bridging. You would remove the IP address from both interfaces, you would enable bridging on both interfaces, you would configure a Bridged Virtual Interface and assign the IP address to the BVI. This would allow your router to have two physical interfaces connected to the ISP, sharing a single IP address. In your perspective is that benefit worth the effort? My suggestion is to take a closer look at the agreement with the ISP and get a better understanding of what they intended this "redundant network connection" to accomplish.

HTH

Rick

HTH

Rick

rudepeople · ‎08-26-2019

Yeah. I think you're right about the expectation for us to have dual routers. Maybe I'll set that up some day, but right now, it doesn't make much sense to have that much redundancy. I think we'll just operate as is, and look into a spare router in the distant future for... I dunno... load balancing?

I've shutdown the second "WAN" interface, no sense leaving it active when it literally does nothing.

Richard Burts · ‎08-26-2019

Thanks for the information. I agree that in the short term that shutting down the second WAN interface is the reasonable thing to do. Some time in the future you can plan for a second router and if you implement a second router you might use it for load balancing or perhaps just for redundancy. In the mean time you have plenty of addresses if you need to do additional address translation, or need to have static nat to make some resource inside your network available from the outside.

Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information.

HTH

Rick

HTH

Rick