Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
3
Helpful
6
Replies

SG300 multiple default gateways

Go to solution
PabloJulian
Level 1
Level 1

‎03-08-2024 09:45 AM

Hello all,

I have an issue that is very similar to this https://community.cisco.com/t5/switches-small-business/sg300-issues-with-routes/m-p/2538028#M13074

Basically, I am trying to add redundant default gateways, but only one route will be active. Both gateways are reachable.

The SG300 is in L3 mode, with an interface 10.100.1.3 / 24; there are other subnets that can successfully route to this subnet, and can actually ping the gateways.

There are two gateways: 10.100.1.2 and .4; when I add the first one, the route shows in the route map:

ip route 0.0.0.0 /0 10.100.1.2 metric 1

But when I add the 2nd, the route does not show:

ip route 0.0.0.0 /0 10.100.1.4 metric 2

And if I force my first gateway to go down, the SG300 will not acknowledge the existence of the 2nd route using 10.100.1.4, and will simply stop routing.

My question is: in theory, this should work (multiple routes to the same network, using gateways with different metrics). Is this something that will work? If so, how? I want to know if it is even possible before we invest in other solutions.

Thanks all,

 

Pablo

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to PabloJulian

‎03-11-2024 06:28 AM

Thank you LG for your detailed response. I tried your suggestion, and unfortunately it doesn't work - only the route with the lowest metric gets added to the RIB, even though the actual gateway is powered off. 

Just to be super clear - I was suggesting to test when the interface to the first gateway is down - disconnect the cable. In this case you can be sure that the route would be deleted from the RIB.

It looks like the SG300 is not probing the gateway to see if it's reachable, and then switch to the other route if the GW is not available.

The device is not probing to see if the next hop is reachable, no device does that for static routes. This happens only with dunamic routing protocols.

As far as you know, is there any way to make that happen on an SG300?

Unfortunately the SG300 only supports static routes.

Regards, LG
*** Please Rate All Helpful Responses ***

View solution in original post

6 Replies 6

Go to solution
KJK99
Level 3
Level 3

‎03-08-2024 09:07 PM - edited ‎03-10-2024 03:54 PM

Deleted

Kris K

Go to solution
liviu.gheorghe
Spotlight
Spotlight

‎03-09-2024 01:34 AM

As a general rule, when there are multiple routes to a destination, a router applies the following procedure to select the best route and insert it in the routing table (RIB):

1. it checks the prefix length and will alway select the longest match - for example if you have a route 172.16.0.0/16 and another 172.16.0.0/24, the later will be inserted in the RIB.

2. if all routes have the same prefix length, the router checks the Administrative Distance (AD) of the route. The Ad is a measure of the trustworthiness of the routing protocol that announced the route - link state routing protocols like OSPF have lower AD, 110, than distance-vector protocols like RIP, 120. Static routes have an AD of 1 fro example.

3. if the prefix length and the AD of a route are the same, only then the router checks the metric of the route and will select the one with the lowest metric ti insert it in the RIB. If multiple routes have the same metric, they all make it to the RIB - by default 4, but you can configure it to a higher value.

In case you have different metrics for the routes, it's not wrong you are seeing only one in the RIB - the one with the lowest metric.

You can test if the second route, the one with a higher metric, gets inserted in the RIB by shutting down the interface (or unplug the cable) through which it knows the next hop of the route. 

Hope this helps.

Regards, LG
*** Please Rate All Helpful Responses ***

Go to solution
PabloJulian
Level 1
Level 1
In response to liviu.gheorghe

‎03-11-2024 05:38 AM

Thank you LG for your detailed response. I tried your suggestion, and unfortunately it doesn't work - only the route with the lowest metric gets added to the RIB, even though the actual gateway is powered off. 

It looks like the SG300 is not probing the gateway to see if it's reachable, and then switch to the other route if the GW is not available.

As far as you know, is there any way to make that happen on an SG300?

Thank you,

 

Pablo

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to PabloJulian

‎03-11-2024 06:28 AM

Thank you LG for your detailed response. I tried your suggestion, and unfortunately it doesn't work - only the route with the lowest metric gets added to the RIB, even though the actual gateway is powered off. 

Just to be super clear - I was suggesting to test when the interface to the first gateway is down - disconnect the cable. In this case you can be sure that the route would be deleted from the RIB.

It looks like the SG300 is not probing the gateway to see if it's reachable, and then switch to the other route if the GW is not available.

The device is not probing to see if the next hop is reachable, no device does that for static routes. This happens only with dunamic routing protocols.

As far as you know, is there any way to make that happen on an SG300?

Unfortunately the SG300 only supports static routes.

Regards, LG
*** Please Rate All Helpful Responses ***

Go to solution
KJK99
Level 3
Level 3

‎03-17-2024 02:58 PM

@PabloJulian 

I’ve just implemented a solution for this issue. Previously, I had one Internet gateway active and the other one was cold-standby. Only one of them, pfSense, could’ve been set up for HA so I have replaced the other one with a second pfSense. Having two pfSense firewalls, I set them up for HA and assigned a virtual IP to them. I’ve used this VIP to replaced the two default routes that I had on my CBS350 with a single default route. pfSense uses CARP to manage VIPs and this protocol is similar to VRRP. In this new two Internet gateway setup, the backup gateway is hot-standby. Failovers from one gateway to the other are very smooth.

Kris K
0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to KJK99

‎03-17-2024 03:10 PM

Nice workaround.

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful
Customers Also Viewed These Support Documents