09-16-2008 03:49 AM - edited 03-04-2019 03:13 AM
I have a problem with eigrp failover path. When the primary link goes down the failover routemap configuration should become active and work as backup but it doesn't. When we try to do a failover test it doesn't work, any idea.
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname lon-wmi-kct-core1
!
boot-start-marker
boot-end-marker
!
!
redundancy
mode sso
enable secret 5....
enable password 7 ....
!
aaa new-model
aaa authentication login default group tacacs+ line
aaa authorization exec default group tacacs+ local if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
!
aaa session-id common
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
vtp domain test
vtp mode transparent
ip subnet-zero
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
!
!
!
vlan internal allocation policy ascending
!
vlan 6
name Root-DCs
!
vlan 7
name DTA
!
vlan 8
name kensington
!
vlan 10
name Verizon-PIP-Internet
!
vlan 11
name kensington-servers
!
vlan 12
name WME
!
...
...
...
..
interface Vlan1
no ip address
!
interface Vlan6
description VLAN for AD Root Domain Controllers
ip address 10.139.129.129 255.255.255.240
!
interface Vlan7
description Vlan for DTA London Environment
ip address 10.139.64.1 255.255.255.224
!
interface Vlan8
description Connection to WMUK
ip address 194.x.x.67 255.255.255.0
!
interface Vlan10
description Connection to Verizon PIP Network and Internet
ip address 10.135.254.33 255.255.255.248
!
interface Vlan11
description VLAN - Kensington-1
ip address 10.139.65.1 255.255.255.0
!
interface Vlan12
description WME Connection on KCT Ground Floor
ip address 10.139.66.1 255.255.255.224
ip policy route-map 100MB_PIP_CKT
!
router eigrp 22
redistribute static
network 10.135.254.32 0.0.0.15
network 10.139.55.0 0.0.0.255
network 10.139.118.0 0.0.1.255
network 10.139.129.128 0.0.0.15
network 10.0.0.0
network 193.185.212.0
network 194.60.216.0
no auto-summary
!
ip route 10.139.55.0 255.255.255.0 194.60.216.137
ip route 10.139.118.0 255.255.254.0 194.60.216.17
ip route 10.139.120.0 255.255.255.0 194.60.216.4
ip route 193.185.212.0 255.255.255.0 194.60.216.137
no ip http server
!
!
logging 194.60.216.200
access-list 199 permit ip 10.139.66.0 0.0.0.31 any
!
route-map 100MB_PIP_CKT permit 10
match ip address 199
set ip next-hop 10.135.254.36 10.135.254.37
!
snmp-server community ..... RO
snmp-server community .... RO
09-16-2008 04:24 AM
why u have for each network static and eigrp route and then u redistributed the static to eigrp???
secondly
try this way
route-map 100MB_PIP_CKT permit 10
match ip address 199
set ip next-hop 10.135.254.36
route-map 100MB_PIP_CKT permit 20
match ip address 199
set ip next-hop 10.135.254.37
good luck
if helpful Rate
09-16-2008 04:27 AM
We have two upstream routers 10.135.254.36 [100Mbps link] and 10.135.254.37 [34Mbps link].
For this traffic the 10.135.254.36 - this is the preferred route and only if 10.135.254.36 is not available should it ever use the 10.135.254.37 route.
Would it work with what you told me earlier by septrating.
09-16-2008 04:34 AM
try it
it is designed for this goal mostly
the sequence number represent which route map line will be taken first
so if sequence number line 10 didnt work because of the next hop down it will go to next sequece number her we have 20
good luck
09-16-2008 04:49 AM
will try this in the evening when the users are gone home.
09-16-2008 05:06 AM
Nishit
I believe that there is an aspect of what you are trying to do that you have not understood well. And that aspect will prevent the solution suggested by Marwan from working.
If we look at your logic in the route map:
set ip next-hop 10.135.254.36 10.135.254.37
we see that both addresses are in the same subnet and that subnet is on VLAN 10. If the device at 10.135.254.36 becomes unavailable and stops responding, then your router/switch will not know that. As long as the address is connected within an interface that is up/up the router/switch will assume that the address is reachable and will continue to use it. Separating it into 2 route map instances as suggested by Marwan will not change this behavior.
The solution is to use something like Object Tracking (perhaps using sla or rtr) to detect whether the particular address is responding.
HTH
Rick
09-16-2008 07:08 AM
Hello Rick,
excellent observation.
until an ARP entry is present for the next-hop without additiona config the switch cannot realize it is down.
inside the route-map the following command can be used to reference the tracked object:
set ip next-hop verify-availability
To configure policy routing to verify the reachability of the next hop of a route map before the router performs policy routing to that next hop, use the set ip next-hop verify-availability command in route-map configuration mode. To disable this function, use the no form of this command.
set ip next-hop verify-availability [next-hop-address sequence track object]
no set ip next-hop verify-availability [next-hop-address sequence track object]
see
http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_pi2.html#wp1012541
this is supported in Native IOS mode and in routers.
Hope to help
Giuseppe
09-16-2008 12:59 PM
Giuseppe
Thank you for filling in some gaps in my explanation. The verify-availability and the track object are the specific to which I was generally referring.
HTH
Rick
09-17-2008 12:23 AM
The switch does not recognise set ip next-hop verify-availability
Here's the version we are running:
Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I5S-M), Version 12.2(25)EWA5, RELEASE SOFTWARE (fc1)
09-18-2008 08:04 AM
Hello Patel,
unfortunately this switch is end of sale so I don't know if you can upgrade to a release that support a basic verify availability to solve your issue.
However I've noticed that you could see if to use the EIGRP variance to have a weighted load-balancing with more traffic going to the router with a 100 Mbps uplink and a quarter of traffic going to router with a 34 Mbps link this would require to extend EIGRP to the two routers and to see if it possible to get this.
Hope to help
Giuseppe
09-18-2008 08:23 AM
If only use the link as a failover, all the traffice go via primary connection, so if the primary link fails then the back should come up and pass the traffic via seconday link.
AT present the secondary link is failing to come up when the primary link fails.
Need to find the correct config solution.
09-18-2008 09:13 AM
Nishit
Giuseppe and I have given you the correct config solution for your issue. If the current switch software does not recognize it then you need to either find a version of software for that switch that will recogniaze it or you need to get a different switch.
There is a corect config solution but your current switch implementation does not support it.
HTH
Rick
09-17-2008 12:24 AM
The switch does not recognise set ip next-hop verify-availability
Here's the version we are running:
Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I5S-M), Version 12.2(25)EWA5, RELEASE SOFTWARE (fc1)
09-17-2008 12:32 AM
really impresive !!
5+ for both of you Giuseppe and Rick :)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: