Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1345
Views
0
Helpful
11
Replies

Two ISP's with failover and port services directing

Michael Durham
Level 4
Level 4

‎12-22-2023 12:31 PM

This is going to be complicated!!! Thanks in advance for any help you can provide. There are several goals within my request for assistance.

I am trying to set up Internet service provider failover on my Cisco C2901 router running IOS 15.7(3)M5. I have done this in the past but I am forgetting something this time. Here is my config

C2901 g0/1 -----> g1/0/44 C3750v2 g1/0/45 -----> T-Mobile Business Internet Router (vlan 479)
g0/0.12 -----> g1/0/47 C3750v2 g1/0/48 -----> f0/48 C2960 f0/46 ---> g0/8 C2960 g0/2 ----> T-Mobile Home Internet Router (vlan 12)

The T-Mobile Business connection on vlan 479 works perfectly and is my main internet connection. It also has a static public IP address. However, every once in a while it quits working and I end up with no internet.

Right now the C3750v2 switch will automatically reset the T-Mobile Business router by powering off and on the port it is connected to as its a PoE device. Most of the time the internet comes back up within 3-4 minutes. But when it does not come back up within 5 minutes, I want my router to switch over to the backup T-Mobile Home internet service. Its is strange that from the very same cell tower, the business service may go down while the home service does not and vice versa.

The problem that I am having is that I cannot ping out the T-Mobile Home internet service from the C2901 router or the C3750v2 switch but I can from both C2960 switches.

To make this a little more complex, I would like to set up ALL streaming video services and port 80 surfing always go out the T-Mobile Home internet as its 250-300Mbs download speed and the T-Mobile Business internet is 15-30Mbs download. The reason such a difference is that the Business internet has a static public IP address and that service is on a slower network on this cell tower. Lastly, should the T-Mobile Home internet service go down for more than a minute, I would then like all traffic to go out the Business service until the Home service is restored. Then all streaming and surfing would be redirected back to the T-Mobile Home internet service. Sadly, there is no cable service here any more.

I have not even tried configuring the port directing for the streaming audi/video or surfing out the T-Mobile Home service and I will need lots of help with that too.

T-Mobile Home Internet is on 192.168.12.1 (T-Mobile Home router)
T-Mobile Business Internet is on 166.123.456.789 (T-Mobile Business router with static public IP addres)

The T-Mobile Business internet is on vlan 479 and connects to port g1/0/45 on the C3750v2 switch which then connects to the C2901 router's g0/1 port from the C3750v2's g1/0/44 port. No other ports on the C3750v2 switch are configured in the 479 vlan

The C2901 router's port g0/0 has several sub-interfaces for each of my networks. The T-Mobile Home internet service is on port g0/0.12 and connects to the C3750v2 on port g1/0/47. Port g1/0/47 is a trunk port and it does include vlan 12.

The C3750v2 switch port g1/0/48 then connects to the first C2960 switch on port fa0/48 and is also a trunk port with vlan 12 included.

The first C2960 switch port fa0/46 then connects to the second C2960 switch on port g0/8 which is a trunk port wil vlan 12 included.

The second C2960 switch port g0/2 connects to the T-Mobile Home Internet router.

Below are the configs for each router or switch with only the necessary information shown:

CISCO C2901 ROUTER
!
interface GigabitEthernet0/1
description T-Mobile Business Internet Connection Static IP
ip address 166.123.456.789 255.255.255.252
ip access-group Protect-T-Mobile in
ip mtu 1428
ip nat outside
ip virtual-reassembly in
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0/0.12
description T-Mobile Home Internet Connection
encapsulation dot1Q 12
ip address 192.168.12.123 255.255.255.0
ip mtu 1428
ip nat outside
ip virtual-reassembly in
no ip route-cache
!
ip nat inside source list 151 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 166.123.456.788
!
access-list 151 permit ip 10.0.0.0 0.255.255.255 any
access-list 151 permit ip 172.16.0.0 0.15.255.255 any
access-list 151 permit ip 192.168.0.0 0.0.255.255 any
access-list 151 permit ip 172.17.0.0 0.0.0.255 any
!

CISCO C3750v2
!
interface GigabitEthernet1/0/44
description Connects to C2901 router's port g0/1
switchport access vlan 479
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/45
description Connection to T-Mobile Business Internet
switchport access vlan 479
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/47
description Shop Cisco C2901 CME router port g0/0.x
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,12,17,50,69,110,169,234
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/48
description - Connects to House Switch C2960 (first one) port f0/48
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,12,13,17,50,69,110,169,234
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!
track 100 ip sla 100 reachability
delay down 10 up 60
!
ip sla 100
icmp-echo 4.2.2.2
threshold 750
timeout 900
frequency 15
ip sla schedule 100 life forever start-time now
ip sla reaction-configuration 100 react timeout threshold-type immediate
ip sla enable reaction-alerts
!
event manager applet reset_interface
****This is being fixed later*****
event ipsla operation-id 100 reaction-type timeout
action 1 if $_ipsla_condition eq "Occurred"
action 2 cli command "conf t"
action 3 cli command "interface gi1/0/45"
action 4 cli command "shut"
action 5 wait 10
action 6 cli command "no shut"
action 7 cli command "end"
!

CISCO C2960 First One
!
interface FastEthernet0/46
description Connecto to Second C2960 switch port g0/8
switchport trunk allowed vlan 10,12,234
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!
interface FastEthernet0/48
description BLUE - Connects to Shop Switch C3750v2 port g1/0/48
switchport trunk allowed vlan 10,12,13,17,50,69,110,169,234
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!

CISCO C2960 Second One
!
interface GigabitEthernet0/2
description Steve's T-Mobile Home Internet Access
switchport access vlan 12
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet0/8
description WHITE - Connection to First C2960 switch port f0/46
switchport trunk allowed vlan 10,12,234
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!

Labels:
0 Helpful
11 Replies 11

Michael Durham
Level 4
Level 4
In response to MHM Cisco World

‎12-22-2023 02:53 PM

True but before that I need to be able to reach the T-Mobile Home Internet router from my Cisco C2901.

0 Helpful

Georg Pauwen
VIP
VIP

‎12-22-2023 01:19 PM

Hello,

can you provide a schematic drawing of your setup, showing all devices involved and how they are connected, and which includes the current and the desired situation ?

0 Helpful

Michael Durham
Level 4
Level 4
In response to Georg Pauwen

‎12-22-2023 02:55 PM

See above, no new devices will be added, just correct configurations....

0 Helpful

Michael Durham
Level 4
Level 4

‎12-22-2023 02:51 PM

2023 Home Topology.jpg

0 Helpful

Michael Durham
Level 4
Level 4
In response to Michael Durham

‎12-22-2023 02:54 PM

I know that I need to add an IP SLA and TRACKING config for one thing once I can ping both T-Mobile routers from the C2901.  

0 Helpful

paul driver
VIP
VIP

‎12-22-2023 03:31 PM

Hello

@Michael Durham wrote:

I want my router to switch over to the backup T-Mobile Home internet service.

I would like to set up ALL streaming video services and port 80 surfing always go out the T-Mobile Home internet as its 250-300Mbs download speed and the T-Mobile Business internet is 15-30Mbs download.

I would then like all traffic to go out the Business service until the Home service is restored. Then all streaming and surfing would be redirected back to the T-Mobile Home internet service. Sadly, there is no cable service here any more.

This does sound achievable using some policy based routing (PBR), Network translation and IPSLA tracking but first of all the topology diagram you posted doesn't seem to represent your network as a whole, I do not see any representation for your LAN traffic apart from an acl 151 permitting certain private subnets ( is this your lan ip range?) and have another acl (Protect-T-Mobile) which you do not show.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Michael Durham
Level 4
Level 4
In response to paul driver

‎12-23-2023 08:46 AM

The Protect-T-Mobile just protects the network from outside attacks on the public IP interface.  No need for protection on the T-Mobile Home network interface as its IP is 192.168.12.x

Not sure what else you are asking for.  My internal networks are 10.10.10.x, 10.110.0.x 192.168.50.x 192.168.69.x, 192.168.169.x, 192.168.234.x.  Let me know what specific config info you need and I will post.  

0 Helpful

Michael Durham
Level 4
Level 4
In response to Michael Durham

‎12-26-2023 07:33 AM

My first goal is to be able to ping each T-Mobile router (Home & Business) from my C2901 router.  Then I can work on automatically switching services and shaping the specific traffic.  Right now I can only ping the T-Mobile Business router from the C2901.  What info do you need from me to help get the ping to the T-Mobile Home router at 192.168.12.1?

0 Helpful

paul driver
VIP
VIP

‎12-27-2023 03:54 AM

Hello
as i have already stated you do not show the whole network - what device is performing inter-vlan routing by the looks of it it isnt the 2900 rtr 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

paul driver
VIP
VIP

‎12-27-2023 03:56 AM - edited ‎12-27-2023 03:58 AM

Hello
Ca you confirm what device is performing inter-vlan routing by the looks of it it isnt the 2900 rtr  or the 3750?
I only see a subinterface for vlan12 on the rtr but you show multiple vlans on the 3750

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents