Re: WAN link failover by DNS tracking

Arup Dutta · ‎05-02-2011

Hi All,

I want to configure link fail over by DNS tracking.i have two WAN link i want if ISP1 link is goes down then ISP2 became prepared to take over ISP1 and it should vise versa .when both link is up with in this time my server traffic should pass through ISP1 and local user traffic should pass through ISP2.

I want router track only DNS(4.2.2.2 or my ISP DNS) so that router can feel the DNS are not answering so need to switch over another ISP.

Thnx and regards,

Arup

mrdogantr · ‎05-02-2011

Hi Arup,

You can try config below.

ip sla 10

icmp-echo 4.4.2.2

timeout 1000

frequency 3

ip sla schedule 10 life forever start-time now

track 10 ip sla 10 reachability

ip route 4.4.2.2 255.255.255.255 {ISP1 ip}

ip route 0.0.0.0 0.0.0.0 {ISP1 ip} track 10

ip route 0.0.0.0 0.0.0.0 {ISP2 ip} 20

hth

Muammer

Arup Dutta · ‎05-02-2011

Hi thnx for youe reply i am sending my configurarion plz check if has any

error please mention

Regards,

Arup

On Tue, May 3, 2011 at 11:57 AM, mrdogantr <

mrdogantr · ‎05-02-2011

Hi Arup,

Can you change "4.2.2.2" in ip sla configs.

ip route 4.4.2.2 255.255.255.255 a.b.c.d ----ISP1

ip sla 1

icmp-echo 4.2.2.2

timeout 500

threshold 3

frequency 5

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 4.2.2.2

timeout 500

threshold 3

frequency 5

ip sla schedule 2 life forever start-time now

access-list 150 permit ip 10.128.195.0 0.0.0.3 any

access-list 150 permit ip 10.128.193.0 0.0.0.15 any

route-map indiaisp1 permit 10

match ip address 150

set ip next-hop verify-availability 4.2.2.2 1 track 101

set ip next-hop verify-availability 4.2.2.2 2 track 102

hth

Muammer

Arup Dutta · ‎05-02-2011

Hi waht type of changes is need please mention

Regards,

Arup

On Tue, May 3, 2011 at 12:22 PM, mrdogantr <

mrdogantr · ‎05-03-2011

4.4.2.2 instead of 4.2.2.2

Arup Dutta · ‎05-03-2011

Hi,

failover not occoring when i manually discunnect WAN link from MUX(outside)

but it happen when i disconnect linkfrom MUX(inside for lan)

Router not comprehend DNS track

Please help

Rgd,

Arup

On Tue, May 3, 2011 at 12:33 PM, mrdogantr <

mrdogantr · ‎05-03-2011

i think you have nat problem. can you tray config below.

ip sla 10

icmp-echo 4.4.2.2

timeout 1000

frequency 3

ip sla schedule 10 life forever start-time now

track 10 ip sla 10 reachability

ip route 4.4.2.2 255.255.255.255 {ISP1 ip}

ip route 0.0.0.0 0.0.0.0 {ISP1 ip} track 10

ip route 0.0.0.0 0.0.0.0 {ISP2 ip} 20

access-list 150 permit ip 10.128.195.0 0.0.0.3 any

access-list 150 permit ip 10.128.193.0 0.0.0.15 any

route-map isp1 permit 10

match interface FastEthernet0/1

route-map isp2 permit 10

match interface FastEthernet0/0/0

route-map nat1 permit 10

match ip address 150

match interface FastEthernet0/1

route-map nat2 permit 10

match ip address 150

match interface FastEthernet0/0/0

ip nat inside source route-map nat1 interface FastEthernet0/1 overload

ip nat inside source route-map nat2 interface FastEthernet0/0/0 overload

hth

Muammer

Arup Dutta · ‎05-03-2011

Hi,

Actually i have one DMZ location there is need one-to-one (static NAT)

and local user nating are happening into firewall.

DMZ ip address 10.128.192.68 (WEB server) .

primarily ISP 1 is dedicated for Local user and ISP2 is for WEB server.

now the condition is if any one ISP goes down then link fail over happen and

active ISP is take care all function

this is my scenario

Please help

regards,

Arup

On Tue, May 3, 2011 at 1:03 PM, mrdogantr <

Arup Dutta · ‎05-03-2011

please find the attach file and correct if has any error.

this text file show you actual scenario

Regards,

Arup

On Tue, May 3, 2011 at 1:03 PM, mrdogantr <