Solved: WAN failover - Teleco Cloud issues

Steve Coady · ‎08-19-2013

Hello

I have (15) sites around the country

Each site has a Telco WAN link

Eachs site has a secondary link over Cable.

The (2) links have an VRRP config between them to facilitate failover.

The WAN router monitors the WAN interface and if it goes down, then the VRRP initiates the failover to the Cable link.

Once the Telco WAN link comes back, it resumes as priority.

(CER router)

interface Multilink1

description connection to TELCO Circuit

bandwidth 3072

ip address 172.16.a.y 255.255.255.252

ppp chap hostname (name)

ppp multilink

ppp multilink group 1

no cdp enable

service-policy output COS_Profile

!

interface GigabitEthernet0/0 - This interface connects to my HE switch. The Cable link is also connected to my HE switch.

description connection to customer LAN

ip address 192.168.a.101 255.255.255.0

no ip redirects

no ip proxy-arp

ip flow ingress

duplex full

speed 100

vrrp 1 ip 192.168.a.1

vrrp 1 priority 105

vrrp 1 track 202

ip sla 2

icmp-echo 172.16.a.z (PER router) source-interface Multilink1

frequency 10

ip sla schedule 2 life forever start-time now

See attached for topology.

PROBLEM:

When the WAN link drops due to a problem farther into the Telco cloud, the VRRP failover never initiates the failover.

QUESTION

What other options are there in the WAN router to config to monitor other than the interface to detect a WAN outage?

Can BGP updates be monitored

sMc

mfurnival · ‎08-19-2013

This document gives the available options for VRRP tracking:

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-vrrp.html#GUID-2711A06C-2B31-4C7A-B895-28F1A532C106

Tracking the remote end of your WAN link is not ideal as it won't detect a BGP issue or problems further in the cloud. Try tracking a route received from your primary provider with the "track ip route" command.

View solution in original post

mfurnival · ‎08-19-2013

This document gives the available options for VRRP tracking:

http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-vrrp.html#GUID-2711A06C-2B31-4C7A-B895-28F1A532C106

Tracking the remote end of your WAN link is not ideal as it won't detect a BGP issue or problems further in the cloud. Try tracking a route received from your primary provider with the "track ip route" command.

Steve Coady · ‎08-19-2013

mfurnival

Thankyou for the reply. I will followup with that.

sMc

John Blakley · ‎08-19-2013

Steve,

In this scenario, it's going to be difficult to determine when to roll over if the PE is up. I'm not sure how you're set up, but what would you like to monitor past the PE, that would be reliable enough, and you'd be willing to fail over if it were to go down? I'm assuming that your Netgate is still tied to your mpls cloud as well?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Steve Coady · ‎08-19-2013

John

The Netgate passes traffic across the Cable connection to an AVPN VIG which put the traffic back on my AVPN link.

sMc

Steve Coady · ‎08-19-2013

My thought is:

If the PE-CE link is compromised other than a direct down link, then the routing updates should timeout or be affected somehow.

Can i monitor routing protocol table times/timeouts and use that to initiate the VRRP faoilover?

sMc