cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
483
Views
0
Helpful
9
Replies

Basic fundamental query on Ethernet & Serial Interfaces

fortis123
Level 1
Level 1

Hello,

I have a basic query on difference between serial & ethernet. Iam aware of how they work and bits will be transmitted over the interface. But in practical.. now a days most clients prefer to go with the Ethernet handoff from ISP (like cablevision) than using an additional router on external zone with Serial interfaces.

For ex: if I have one link with Ethernet hand-off and another link with Serial i/f for ISPs, then even Ethernet hand off ISP has infrastructural issues, that will not make the ethernet i/f on my end 'down' and will not cause automatic failover to happen(hope my statement makes some sense).

Also, lets say,in an OSPF environment, if I have a Ethernet hand off to ASA from ISP, and incase the IPS having issues, only because of the reason the next hop of ASA is reachable (route outside 0.0.0.0 0.0.0.0 x.x.x.x 1) and connected via ethernet i/f, the backup route will not be used/installed in the LAN core routing table.

So my basic question is... Serial interface are more sensitive in detecting loss of signal than Ethernet..?

I do have some idea, but wanted to hear from Gurus in the Forum.

Thank you in advance for your time...

MS

9 Replies 9

paolo bevilacqua
Hall of Fame
Hall of Fame

Hi, the most correct approach is not to use physical status of interfaces to determine network availability. This because especially with ethernet "hand-offs" the interface cna be perfectly working yet the network is broek somewhere else.

To do that you use the "ip sla" feature that allows you to define a monitored object for tracking via ping or other method. When the object goes down, a "floating" static route is usually activated.

Hope this helps, please rate post if it does!

Hi Paolo,

Thats perfect and Iam infact thinking in the same direction. But here is the question..

BO core (ospf) ---> ASA (ospf) --> ISP ethernet hand off

BO core has default static route to PIX for internet. ASA has route outside stmt.

BO core (ospf)--> HQ core (ospf) --> ASA --> ISP.

Now using the 'sla' configs, will it possible to route the Internet traffic via HQ incase BO internet has issues.

I know this can be done with 2 ISPs to ASA at BO. But routing the traffic via internal LAN and to core using 'SLA'... not sure..

please suggest..

thank you

MS

Sure, one way would be BO has static default route tied to track. When tracking fails, a default route from HQ kicks in.

There can be more ways, this one seems simpler.

Thank you... need suggestion in config..

1.BO: 4500 with OSPF enabled and static

0.0.0.0 0.0.0.0 10.20.20.5 (ASA inside

IP)

2.ASA also OSPF enabled with network

stmt network 10.20.20.5

255.255.255.255 area x (same area as

4500)and static route 0.0.0.0 0.0.0.0

1.1.1.1 --> cable modem static IP

3.4500 <--p2p gig link --> HQ site via

OSPF. HQ has another big internet pipe.

HQ6500 with Area '0' except for the

Interface connecting to 4500 (same area as

4500). So 6500 acting as ABR.

4.6500 also has another gig link to BO#2

having same kind setup as BO , but on BO#2

PIX we have enabled defaul-information

originate metric-type 1. So BO#2 core

switch has default floating route pointing

to another location with big interent pipe.

5. Enabling 'defaul-information' on BO ASA

injecting default route from it own route

stmt and BO#2 PIX also. Not sure but I

might need route-map to control

the 'route' injection.

6. Can you put the configuration on ASA/PIX

to route the internet automatically to

backup path incase if the primary path

fails..?

Thank you

MS

Hi, I would avoid any addiotional ospf config on the ASA, because these are weak in that. One thing you need is set PBR (ip local policy) on the router with track, because you need the probe packet to always take the same route. The rest is just having the alternate default being sent with an higher metric.

Hi paolo,

Sounds like wonderful idea and I would like to try that. Will you please shoot me some configuration example on this.

Thank you

MS

Can't reach the router where I have a similar setup. I will forward when I have access again.

Fantastic. I will wait on it.

rgds

MS

Hi,

just wanted to let you all know that, I have implemented in my clients network environment the object tracking feature for internet access. THis was done yesterday. Tests were successful..so its working.

Thank you all for your time and suggestions.

regards

MS

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: