Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1076
Views
0
Helpful
8
Replies

Redundancy in Cisco ASR1002

zekebashi
Level 4
Level 4

‎10-08-2017 03:51 PM - edited ‎03-05-2019 09:16 AM

Hello, 

 

What's the best way to create redundency when there are two ASR1002 chassis? Single ISP link with WAN/Internet connection at this time. So, the question really is what's the best way to configure two ASRs when there's a single ISP link and when there's two active/active WAN/Internet circuts/links? 

 

Thanks in advance. 

~zK 

Labels:
0 Helpful
8 Replies 8

trevor240
Level 1
Level 1

‎10-08-2017 04:50 PM

Hello,

 

To achieve full redundancy between the two ASRs is mainly to have two internet connections then configure an IP SLA pinging a known IP address such as 8.8.8.8 or 8.8.4.4

 

Then you want to configure HSRP, VRRP, or GLBP...

 

For HSRP it goes:

standby (group number between 0 and 255) ip (ip address of default gateway within subnet)

standby (group number) preempt delay minimum 10 (for a minimum of 10 seconds down time, or fine tune it to suit how long you expect to be down)

standby (group number) track 1

 

Someone else can fill in the commands for VRRP and GLBP. 

0 Helpful

trevor240
Level 1
Level 1

‎10-08-2017 04:51 PM

You can't have redundancy with one internet circuit... I have tried.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-09-2017 05:47 AM

For a single ISP link, you cannot obtain full redundancy, as there's only one ISP link, but you can take advantage of both your ASRs. Assuming you have an Ethernet ISP connection, connect your ISP link to a switch, and both ASRs to that switch. Then, depending on how you "route" with your ISP, you might use a FHRP on your side or have both your router be destinations to your ISP router. To decrease the time it takes to recover if your switch fails, have two switches, with a router connected to each. If the switch with the ISP link fails, reconnect it to a port on the other switch (same VLAN).

If you have two ISP links, you can route across both of them concurrently, or make one a preferred path and the other just a warm backup.
0 Helpful

zekebashi
Level 4
Level 4
In response to Joseph W. Doherty

‎10-26-2017 04:38 PM

So, there is no redundancy or fail-over mechanism to enable or create so when one of the ASRs fails the standby takes over, correct?

 

We do have two active/active Internet/WAN links from the same ISP. Each link is connected directly to an ASR( ISP --- ASR1 & ISP ---- ASR2). Each ASR is connected to a different downstream switch, which aren't configured with FHRP. Each switch is connected to an ASA, which are configured with fail-over. The topology simply looks something like this: 

 

         ISP

           |

          /\

          /\

  ASR1  ASR2      -- No physical connection between the two ASRs

     |         |

  SW1 --  SW2    -- Switches are physically connected. 802.1q. No FHRP

    |           |

  ASA1 -- ASA2   -- ASAs are physically connected and configured for FO

    |           |

   SW1 -- SW2    -- Switches are physically connected. 802.1q. HSRP configured

 

I am tasked to redesign this topology so it can provide best redundancy solution. Any ideas?

 

Thanks.

 

 

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to zekebashi

‎10-27-2017 05:06 AM

"So, there is no redundancy or fail-over mechanism to enable or create so when one of the ASRs fails the standby takes over, correct?"

No, but it takes some additional work. As I mentioned, if your ISP connect is Ethernet, you could use an FHRP facing the ISP and a switch. But there are additional alternative.

If your ISP is willing to route to two IPs, you could again have a switch, and have traffic flow between your ISP and both routers concurrently.

If you fail over isn't required to be dynamic you could configured the second router to be link the first, but then you would need to repatch cables and perhaps activate an interface to bring it on-line.

If you're looking for "best" redundancy, you would want at second ISP link.
0 Helpful

zekebashi
Level 4
Level 4
In response to Joseph W. Doherty

‎11-02-2017 02:13 PM

Thanks for the info.

 

The ISP is providing us with two Ethernet links. Each link is connected to a different ASR1002 and we have FHRP configured but no SLA, which I am working on. I think the ISP has the two Ethernet hand-offs terminate into a switch on their end so that's how we have HSRP configured on the two ASRs. By the way, I inherited this network just a month ago so I don't have all the info.

 

So, it seems that the current redundancy/HA  solution is adequate except for the fact that the two Internet links are provisioned by the same ISP. Thoughts?

 

 

0 Helpful

zekebashi
Level 4
Level 4
In response to zekebashi

‎11-02-2017 02:18 PM - edited ‎11-02-2017 02:19 PM

Going back to my original question. I was thinking of an Inter-chassis redundancy and came across this link: https://www.cisco.com/c/en/us/td/docs/routers/asr1000/configuration/guide/sbcu/2_xe/sbcu_2_xe_book/sbc_interHA.pdf

 

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to zekebashi

‎11-03-2017 05:51 AM

Ah, but that's for special "application" redundancy. I.e. it's not a generic, all purpose, redundancy option.

Along that line of thinking would be SNAT, https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-software-releases-12-2-t/prod_white_paper0900aecd8052870b.html?dtid=osscdc000283.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card