
Wan Failover With IP SLA

plussier1
Level 1

Hi,

I set up an IP SLA on my Cisco 881G router to have automatic WAN failover in case the Internet goes down on my primary ISP.

I used the Google DNS 8.8.8.8 to verify the status of the primary ISP (WAN-1).

When you first power up the router, everything is working.

Sh track 10

 Reachability is Up

If I unplug the Cat5e cable on WAN-1, the Reachability goes down and the router switches by itself to WAN-2.

The issue is that when I plug the Cat5e cable back into the WAN-1 interface, the Reachability never changes back to Up and the router stays on WAN-2 (backup) to allow all the router users to access the Internet.

When the router is on backup (WAN-2), I tried this command:

ping 8.8.8.8 source fastEthernet 4, but I have 100% packet loss. The only address that responds to ping is the gateway address of the interface.

What do I need to do if I want the IP SLA rule to switch back to WAN-1 when I ping DNS 8.8.8.8?

Please see a part of my router config below. (Take note that I also have a DMVPN tunnel and a site-to-site IPsec VPN on this router.)

ip sla auto discovery
ip sla 1
icmp-echo 8.8.8.8 source-interface FastEthernet4
timeout 6000
frequency 10
ip sla schedule 1 life forever start-time now

track 10 ip sla 1 reachability

ip route 0.0.0.0 0.0.0.0 70.81.120.1 track 10
ip route 0.0.0.0 0.0.0.0 Dialer1 5

Thank You!

Patrick Lussier

3 Replies

Milos Megis
Level 3

Hi,
try putting a smaller administrative distance on the route "ip route 0.0.0.0 0.0.0.0 70.81.120.1 track 10".
Because you specified AD=5 for "ip route 0.0.0.0 0.0.0.0 Dialer1 5" but this is the default for static routes.
So now both routes have the same AD (and it should perform load balancing between them).

The second thing is that I don't recommend using 8.8.8.8 as the target for IP SLA.
Google can evaluate this as an attack, and this IP address can then stop responding even if your line to the ISP is working.

Finally, if you cannot ping 8.8.8.8 via the second provider, it is possible that they block ICMP traffic.
Consider using a target IP address which is accessible via both providers.

Hi, I will try that tonight and I will let you know.

What is the best address to ping as the target for IP SLA?

ISP DNS?

Thank you!

Patrick

First, sorry for the bad information.
You cannot use a destination IP address which is reachable from both providers, otherwise the following will happen:
The 1st link fails, the track object goes to the down state, and the second link/path will be activated.
Then the public IP address becomes live again, so the track object goes to the UP state and the first path will be activated again, but the 1st provider is always down, so this will repeat in a loop.

I think (but I am not sure) that the best way is to use an IP address of some device of the 1st provider. But you will also have to configure a static route to that IP address: "ip route pinged_ip_address 255.255.255.255 interface_name_for_1st_provider next_hop_ip".
This record is more specific than the default route, so it will be evaluated before the default route.
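
The host-route approach from the last reply, applied to the configuration in the original post, as an added example that is not part of the thread or written by any of its participants. The probe target 192.0.2.1 is a placeholder from the documentation address range, standing in for a device of the first provider; the thread names no such address.

```cisco
! Added example. 192.0.2.1 is a placeholder (assumption): replace it with
! an address that belongs to the first provider.
!
ip sla 1
 icmp-echo 192.0.2.1 source-interface FastEthernet4
 timeout 6000
 frequency 10
ip sla schedule 1 life forever start-time now
!
track 10 ip sla 1 reachability
!
! Host route for the probe target only. It is more specific than either
! default route, so while FastEthernet4 is up the probe leaves via the
! first provider's gateway even when user traffic is on the backup path.
ip route 192.0.2.1 255.255.255.255 FastEthernet4 70.81.120.1
!
! Default routes exactly as in the original post.
ip route 0.0.0.0 0.0.0.0 70.81.120.1 track 10
ip route 0.0.0.0 0.0.0.0 Dialer1 5
```

After plugging the WAN-1 cable back in, `show ip route 192.0.2.1` should list the host route via FastEthernet4, and `show track 10` should return to "Reachability is Up" once the probe succeeds.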