cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3134
Views
0
Helpful
13
Replies

Configuring failover/load balancing on a Cisco 2821

sifurobbie
Level 1
Level 1

I have a 2821 connected through a interface Dailer to one ISP which is operational. Through interface Fastethernet0/1/0 on a 2 port HWIC card, I require this to be connected to the second ISP. In the event of one link failing, I require the secondary link to take over. Very new to this and require assistance configuring fail over/load balancing on the 2821. The LAN side uses private IPs.

I'm guessing that a secondary default route will be required to the secondary ISP, but not sure how to configure it. Will a new access list be required? Any help will be greatly appreciated. Haven't done much to the config so far except put in the IP and description (hilighted in bold).

My current config through interface Dialer is as follows.

Current configuration : 18977 bytes

!

! Last configuration change at 14:36:51 GMT Tue Jul 13 2010 by admin

! NVRAM config last updated at 14:07:47 GMT Tue Jul 13 2010 by admin

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname gateway

!

boot-start-marker

boot-end-marker

!

logging buffered 4096

enable secret 5 $1$d1If$JX52cD9me5lGBMMG2C9id.

enable password hhhhhhh

!

no aaa new-model

clock timezone GMT 0

clock summer-time GMT recurring

network-clock-participate wic 3

dot11 syslog

!

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.100.1 192.168.100.10

!

ip dhcp pool IPT

   network 192.168.100.0 255.255.255.0

   default-router 192.168.100.1

   option 150 ip 192.168.100.1

   lease infinite

!

!

ip domain name xxxxx.com

ip name-server 194.72.9.38

ip name-server 62.6.40.178

ip inspect name FW http

ip inspect name FW ftp

ip inspect name FW icmp

ip inspect name FW sip

ip inspect name FW dns

ip inspect name FW esmtp

ip inspect name FW https

ip inspect name FW imap

ip inspect name FW udp

ip inspect name FW tcp

!

multilink bundle-name authenticated

!

isdn switch-type basic-net3

!

!

trunk group  1

!

voice-card 0

no dspfarm

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

voice translation-rule 1

rule 1 /^/ /90/ type national national

rule 2 /^/ /900/ type international international

!

voice translation-rule 2

rule 1 /^890/ //

rule 2 /^308/ //

!

!

voice translation-profile INDDI

translate calling 1

translate called 2

!

!

!

crypto pki trustpoint TP-self-signed-3978284345

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3978284345

revocation-check none

rsakeypair TP-self-signed-3978284345

!

!

crypto pki certificate chain TP-self-signed-3978284345

certificate self-signed 01

  3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33393738 32383433 3435301E 170D3130 30323134 31353430

  33345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39373832

  38343334 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100F47E 6CAC1FB3 D1D29090 20AAE798 28F1267F F3E3FFD8 920FD910 A877F20E

  C1891B66 541DC6E6 63CF073B C328EC3F 96B9B401 BCB00E3B 683B9549 858BFFB5

  C4555DB9 134E1E9A 741E28CA 59D75C17 E7D15C49 C6EDD714 E28E9DAD B358AC02

  29328923 A3AE2137 5B6467E6 463D1F04 43C1AB15 B356224B A1D6A445 5D317929

  E6B70203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603

  551D1104 16301482 12676174 65776179 2E73756E 6B61722E 636F6D30 1F060355

  1D230418 30168014 7A51CB11 C0D8BB34 DDC7159C F0C40188 BF32CF30 301D0603

  551D0E04 1604147A 51CB11C0 D8BB34DD C7159CF0 C40188BF 32CF3030 0D06092A

  864886F7 0D010104 05000381 81003A6E 3CA4A6D2 F63EED35 470E634F 2EF224C2

  6F57D1EF B6342C3A 1033CF36 7FFCFAA5 7E8DFC10 75F69C8C C297CB84 03DBFBE4

  90D06CF9 49A7DEFA 7634DE2C C376DFD3 AAB04F69 A1C2E766 32DD4596 EBE0CB22

  76FC753C E87EC8D9 64D26D9E F81ABB7D F94C2FAC 9CE9E00C 4E92E476 97089440

  0D0544F3 2CA347E6 00776A43 59BE

        quit

!

!

username admin privilege 15 password 0 Sunkar2010

archive

log config

  hidekeys

!

!

!

!

!

!

!

!

interface GigabitEthernet0/0

description ** Connection to DATA LAN **

ip address 192.168.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Service-Engine0/0

ip unnumbered GigabitEthernet0/1

service-module ip address 192.168.100.2 255.255.255.0

service-module ip default-gateway 192.168.100.1

!

interface GigabitEthernet0/1

description ** Connection to Voice LAN **$ES_LAN$

ip address 192.168.100.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

h323-gateway voip interface

h323-gateway voip bind srcaddr 192.168.100.1

!

interface FastEthernet0/1/0

description secondary ISP link

ip address x.x.x.194 255.255.255.240

duplex auto

speed auto

!

interface FastEthernet0/1/1

no ip address

shutdown

duplex auto

speed auto

!

interface ATM0/2/0

no ip address

ip nat outside

ip virtual-reassembly

no atm ilmi-keepalive

dsl operating-mode auto

pvc 0/38

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

!

interface BRI0/3/0

no ip address

isdn switch-type basic-net3

isdn point-to-point-setup

isdn incoming-voice voice

isdn static-tei 0

trunk-group 1

!

interface BRI0/3/1

no ip address

isdn switch-type basic-net3

isdn point-to-point-setup

isdn incoming-voice voice

isdn static-tei 0

trunk-group 1

!

interface Dialer1

ip address x.x.143.238 255.255.255.248

ip access-group INBOUND in

ip nat outside

ip inspect FW out

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp chap hostname xxxxxxx@hg28.btclick.com

ppp chap password 0 xxxxxxx

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 192.168.100.2 255.255.255.255 Service-Engine0/0

!

!

ip http server

ip http secure-server

ip dns server

ip nat inside source list 1 interface Dialer1 overload

ip nat inside source static 192.168.0.1 217.39.143.233

!

ip access-list extended INBOUND

remark SDM_ACL Category=17

permit ip x.x.22.160 0.0.0.31 any

permit tcp any host xx.xx.143.233 eq 443

permit tcp any host xx.xx.143.233 eq 987

permit tcp any host xx.xx.143.233 eq 1723

permit tcp any host xx.xx.143.233 eq 3389

permit tcp any host xx.xx.143.233 eq www

permit tcp any host xx.xx.143.233 eq ftp

permit tcp any range ftp-data ftp host xx.xx 143.233 range ftp-data ftp

remark Secure FTP Data Range

permit tcp any range 49152 65535 host xx.xx.143.233 range 49152 65535 log

remark SSL Control ports

permit tcp any range 989 990 host xx.xx.143.238 range 989 990 log

deny   ip any any

!

access-list 1 permit 192.168.0.0 0.0.0.255

dialer-list 1 protocol ip permit

!

!

!

!

!

tftp-server flash:P00307020200.bin

tftp-server flash:P00307020200.loads

tftp-server flash:P00307020200.sb2

tftp-server flash:P00307020200.sbn

tftp-server flash:P00403020214.bin

tftp-server flash:ATA030100SCCP040211A.zup

!

control-plane

!

!

!

voice-port 0/3/0

translation-profile incoming INDDI

compand-type a-law

cptone GB

!

voice-port 0/3/1

translation-profile incoming INDDI

compand-type a-law

cptone GB

!

!

!

!

dial-peer cor custom

name local/national

name International

name FreePhone

name Personal/pagers

name Mobile

name LocalRate

name NationalRate

name Premium

name NHS

name Operator

name DirectoryServices

name Voip

name Services

!

!

dial-peer cor list LocalNational

member local/national

!

dial-peer cor list Services

member Services

!

dial-peer cor list Voip

member Voip

!

dial-peer cor list International

member International

!

dial-peer cor list FreePhone

member FreePhone

!

dial-peer cor list PersonalPagers

member Personal/pagers

!

dial-peer cor list Mobile

member Mobile

!

dial-peer cor list LocalRate

member LocalRate

!

dial-peer cor list NationalRate

member NationalRate

!

dial-peer cor list Premium

member Premium

!

dial-peer cor list NHS

member NHS

!

dial-peer cor list Operator

member Operator

!

dial-peer cor list DirectoryServices

member DirectoryServices

!

dial-peer cor list Level0

!

dial-peer cor list Level4

member local/national

member International

member FreePhone

member Personal/pagers

member Mobile

member LocalRate

member NationalRate

member NHS

member Operator

member DirectoryServices

member Voip

member Services

!

dial-peer cor list Level3

member local/national

member International

member FreePhone

member Mobile

member LocalRate

member NationalRate

member NHS

!

dial-peer cor list Level2

member local/national

member International

member Mobile

!

dial-peer cor list Level1

member local/national

member Mobile

!

!

dial-peer voice 500 voip

description - Voicemail -

destination-pattern 500

session protocol sipv2

session target ipv4:192.168.100.2

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 501 voip

description - MWI on/off -

destination-pattern 50[1-2]...

session protocol sipv2

session target ipv4:192.168.100.2

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 1 pots

trunkgroup 1

incoming called-number .

direct-inward-dial

!

dial-peer voice 2 pots

trunkgroup 1

description - Emergency -

destination-pattern 999

forward-digits 3

!

dial-peer voice 3 pots

trunkgroup 1

description - Emergency -

destination-pattern 9112

forward-digits 3

!

dial-peer voice 4 pots

trunkgroup 1

corlist outgoing LocalNational

description - Local 8 -

destination-pattern 9[2-9].......

forward-digits 8

!

dial-peer voice 5 pots

trunkgroup 1

corlist outgoing Voip

description - VoIP -

destination-pattern 9056........

forward-digits 11

!

dial-peer voice 6 pots

trunkgroup 1

corlist outgoing LocalNational

description - National <11 -

preference 1

destination-pattern 90[1-2]T

forward-digits 10

!

dial-peer voice 7 pots

trunkgroup 1

corlist outgoing LocalNational

description - National -

destination-pattern 90[1-2].........

forward-digits 11

!

dial-peer voice 8 pots

trunkgroup 1

corlist outgoing International

description - International -

destination-pattern 900T

prefix 00

!

dial-peer voice 9 pots

trunkgroup 1

corlist outgoing Mobile

description - Mobile -

destination-pattern 907[5,7-9]........

forward-digits 11

!

dial-peer voice 10 pots

trunkgroup 1

corlist outgoing FreePhone

description - Freephone 0800 <11 -

preference 1

destination-pattern 9080T

forward-digits 10

!

dial-peer voice 11 pots

trunkgroup 1

corlist outgoing FreePhone

description - Freephone -

destination-pattern 9080........

forward-digits 11

!

dial-peer voice 12 pots

trunkgroup 1

corlist outgoing FreePhone

description - Free phone <11 -

preference 1

destination-pattern 9050T

forward-digits 10

!

dial-peer voice 13 pots

trunkgroup 1

corlist outgoing FreePhone

description - Free phone -

destination-pattern 9050........

forward-digits 11

!

dial-peer voice 14 pots

trunkgroup 1

corlist outgoing LocalRate

description - Reduced Rate -

destination-pattern 9084........

forward-digits 11

!

dial-peer voice 15 pots

trunkgroup 1

corlist outgoing NationalRate

description - National Rates -

destination-pattern 9087........

forward-digits 11

!

dial-peer voice 16 pots

trunkgroup 1

corlist outgoing Premium

description - Premium Rate <11 -

destination-pattern 9090T

forward-digits 10

!

dial-peer voice 17 pots

trunkgroup 1

corlist outgoing Premium

description - Premium Rate -

preference 1

destination-pattern 9090........

forward-digits 11

!

dial-peer voice 18 pots

trunkgroup 1

corlist outgoing Operator

description - Operator -

destination-pattern 9100

forward-digits 3

!

dial-peer voice 19 pots

trunkgroup 1

corlist outgoing DirectoryServices

description - Services -

destination-pattern 9118...

forward-digits 6

!

dial-peer voice 20 pots

trunkgroup 1

corlist outgoing Services

description - Services -

destination-pattern 9141T

prefix 141

!

dial-peer voice 21 pots

trunkgroup 1

corlist outgoing Services

description - Services -

destination-pattern 9147[1-9]

forward-digits 4

!

dial-peer voice 22 pots

trunkgroup 1

corlist outgoing NHS

description - NHS Direct -

destination-pattern

forward-digits 8

!

dial-peer voice 23 pots

trunkgroup 1

corlist outgoing NationalRate

description - Reduced Rate -

destination-pattern 9034........

forward-digits 11

!

dial-peer voice 24 pots

trunkgroup 1

corlist outgoing NationalRate

description - National Rates -

destination-pattern 9037........

forward-digits 11

!

dial-peer voice 25 pots

trunkgroup 1

corlist outgoing NationalRate

description - National Rates -

destination-pattern 9033........

forward-digits 11

!

dial-peer voice 26 pots

trunkgroup 1

corlist outgoing NationalRate

description - National Rates -

destination-pattern 9030........

forward-digits 11

!

dial-peer voice 27 pots

trunkgroup 1

corlist outgoing Services

description - Services -

destination-pattern 915[0-5]

forward-digits 3

!

dial-peer voice 28 pots

trunkgroup 1

corlist outgoing Services

description - Services -

destination-pattern 919.

forward-digits 3

!

!

!

!

telephony-service

load 7960-7940 P00307020200

max-ephones 30

max-dn 100

ip source-address 192.168.100.1 port 2000

system message xxxxxxxx plc

url services http://192.168.100.2/voiceview/common/login.do

url authentication http://192.168.100.1/CCMCIP/authenticate.asp

cnf-file location flash:

time-zone 21

time-format 24

date-format dd-mm-yy

voicemail 500

max-conferences 8 gain -6

call-forward pattern .T

moh music-on-hold.au

multicast moh 239.1.1.1 port 2000

web admin system name admin password xxxxxxxxx

dn-webedit

time-webedit

transfer-system full-consult

transfer-pattern .T

secondary-dialtone 9

directory entry 1

directory entry 2

directory entry 3

directory entry 4

create cnf-files version-stamp 7960 Feb 11 2010 09:03:29

!

!

ephone-template  20

softkeys idle  Redial Gpickup Cfwdall Newcall Join ConfList RmLstC Login Dnd

!

!

ephone-dn  1  dual-line

call-waiting ring

number 180

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  2  dual-line

call-waiting ring

number 181

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  3  dual-line

call-waiting ring

number 182

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  4  dual-line

call-waiting ring

number 183

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  5  dual-line

call-waiting ring

number 184

pickup-group 1

label Conference

description

name Conference

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  6  dual-line

call-waiting ring

number 185

pickup-group 1

label Spare

description

name Spare

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  7  dual-line

call-waiting ring

number 186

pickup-group 1

label Spare

description

name Spare

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  8  dual-line

call-waiting ring

number 187

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  9  dual-line

call-waiting ring

number 188

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  10  dual-line

call-waiting ring

number 189

pickup-group 1

label

description

name

call-forward all

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  11  dual-line

call-waiting ring

number 190

pickup-group 1

label

description

name

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  12  dual-line

call-waiting ring

number 678

pickup-group 1

label Main Number

description

name Main Number

call-forward busy 500

call-forward noan 500 timeout 25

corlist incoming Level4

huntstop channel

no huntstop

!

!

ephone-dn  13

number 199

label Fax

description

name Fax

no huntstop

hold-alert 30 originator

!

!

ephone-dn  99

number 501...

mwi on

!

!

ephone-dn  100

number 502...

mwi off

!

!

ephone  1

device-security-mode none

mac-address 0023.EBC6.D625

ephone-template 20

username "SerikU" password 180

type 7940

button  1:1

!

!

!

ephone  2

device-security-mode none

mac-address 0023.EBC6.DA85

ephone-template 20

username "jkkjkkjkjk" password

type 7940

button  1:2

!

!

!

ephone  3

device-security-mode none

mac-address 0023.EBC6.CFC2

ephone-template 20

username "N" password

type 7940

button  1:3

!

!

!

ephone  4

device-security-mode none

mac-address 0023.EBC6.D0B1

ephone-template 20

username ""

type 7940

button  1:12 2:4

!

!

!

ephone  5

device-security-mode none

mac-address 0026.0B5C.EDD1

type ata

button  1:5

!

!

!

ephone  6

device-security-mode none

mac-address 0023.EBC6.DB1D

ephone-template 20

username "User1"

type 7940

button  1:6

!

!

!

ephone  7

device-security-mode none

mac-address 0023.EBC6.D235

ephone-template 20

username "User2"

type 7940

button  1:7

!

!

!

ephone  8

device-security-mode none

mac-address 0023.EBC6.D371

ephone-template 20

username "TM" password

fastdial 1 9 name mob

speed-dial 1 "

type 7940

button  1:8

!

!

!

ephone  9

device-security-mode none

mac-address 0023.EBC6.D54A

ephone-template 20

username "TeckSK" password 188

type 7940

button  1:9

!

!

!

ephone  10

device-security-mode none

mac-address 0023.EBC6.D352

ephone-template 20

username "AH" password 1

type 7940

button  1:10

!

!

!

ephone  11

device-security-mode none

mac-address 0023.EBC6.D33B

ephone-template 20

username "RW" password 1

type 7940

button  1:11

!

!

!

ephone  12

device-security-mode none

mac-address 260B.5CED.D101

type ata

button  1:13

!

!

!

ephone  13

device-security-mode none

!

!

!

line con 0

line aux 0

line 194

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

line vty 0 4

password cisco

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

ntp source GigabitEthernet0/1

ntp master 1

!

!

webvpn context Default_context

ssl authenticate verify all

!

no inservice

!

end

13 Replies 13

Ganesh Hariharan
VIP Alumni
VIP Alumni

I have a 2821 connected through a interface Dailer to one ISP which is operational. Through interface Fastethernet0/1/0 on a 2 port HWIC card, I require this to be connected to the second ISP. In the event of one link failing, I require the secondary link to take over. Very new to this and require assistance configuring fail over/load balancing on the 2821. The LAN side uses private IPs.

I'm guessing that a secondary default route will be required to the secondary ISP, but not sure how to configure it. Will a new access list be required? Any help will be greatly appreciated. Haven't done much to the config so far except put in the IP and description (hilighted in bold).

My current config through interface Dialer is as follows.

Current configuration : 18977 bytes

!

! Last configuration change at 14:36:51 GMT Tue Jul 13 2010 by admin

! NVRAM config last updated at 14:07:47 GMT Tue Jul 13 2010 by admin

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname gateway

!

boot-start-marker

boot-end-marker

!

logging buffered 4096

enable secret 5 $1$d1If$JX52cD9me5lGBMMG2C9id.

enable password hhhhhhh

!

no aaa new-model

clock timezone GMT 0

clock summer-time GMT recurring

network-clock-participate wic 3

dot11 syslog

!

!

ip cef

Hi,

What i would suggest configure ip sla track with dyanmic failover to secondary link in case primary goes down ,check out the below sample configuration on IP SLA

ip sla 1  < The number 1 here is arbitrary, used only to identify this sla. It is otherwise knows as the operation number>
icmp-echo "Any Ip address" < Ip address that responds to pings out on the internet>

timeout 500 < This is how long to wait for a response from the ping>

frequency 3 < This is the repeat rate for the SLA>

ip sla schedule 1 start-time now life forever < This command says "start SLA 1 now and keep it running forever>

track 1 rtr 1 reachability < This comand creates the track object "1" and monitors the SLA 1>

Now for the routing, we need to change the default route and associate it with the tracker

and then put it back with the tracking

ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1

Then we need to add our secondary route

ip route 0.0.0.0 0.0.0.0 1.1.1.2 10

Now when the ping to"Any Ip address" fails the primary route is removed and the secondary route with the higher metric becomes the default. The route will be reinstated when the connectivity is restored.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Hi Ganesh,

Thank you for your reply. I don't have access to the 2821 right now, but have a few questions.

1. Do I need to take out any lines from my current config, add any access lists or anything else apart from adding the IP SLA commands?

2. Before adding the 2 new defaults routes

ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1

ip route 0.0.0.0 0.0.0.0 1.1.1.2 10

Do I delete the old route by doing 'no ip route 0.0.0.0 0.0.0.0 Dialer1'? Am I correct in assuming that 1.1.1.1 is the gateway of the 1st ISP and will still go through Dialer1?

Regards,

Rob

Hi Rob,

I have suggested the configuration from link failover point of view and

yes you are right first remove the existing and need to change the

default route and associate it with the tracker

no ip route 0.0.0.0 0.0.0.0 1.1.1.1 -- Old default route

and then put it back with the tracking

ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1 -- New default route

1.1.1.1 is example ip which is your primary isp dailer inetrface facing.

Hope to help !!

Ganesh.H

Remember to rate the helpful post

=====

Hi Ganesh,

So, for the new default route, do I type 'ip route 0.0.0.0 0.0.0.0 Dialer1 track 1' or replace Dialer1 with an actual IP?

Best,

Rob

Dear Ganesh,

It is right the change over will work if gateway is down.

But sometimes it's happened that Gateway is working than also Internet is not working due to some other fault on ISP site e.g DNS is down. Than how can we should proceed ?

Pls suggest.

Dear Ganesh,

It is right the change over will work if gateway is down.

But sometimes it's happened that Gateway is working than also Internet is not working due to some other fault on ISP site e.g DNS is down. Than how can we should proceed ?

Pls suggest.

Hi Dipesh,

That why i have asked to ping an ip address in internet if the ping to that ip address is not responding then secondary link  will become active and routes will diverted through secondary ISP.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Hi, Ganesh,

That is right.

But  sometimes Internet gateway is up and pinging successfully than also internet is not working.

In this case how can we track?

Pls suggest.

Hi Ganesh,

So, for the new default route, do I type 'ip route 0.0.0.0 0.0.0.0 Dialer1 track 1' or replace Dialer1 with an actual IP?

Best,

Rob

Hi Rob,

It's up to you how to configure the route but i would suggest to point to with destiona ip address.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Hi Ganesh,

Unfortunately it did not work with the config. I will try again by replacing Dialer1 with the actual IP address. Looking at the rest of the config for this to work, is anything else needed?

Best,

Rob

Hi Ganesh,

What about the DNS servers from the second ISP, do they need to be entered too? I have the DNS servers from the 1st ISP in at the moment (although I'm unable to ping via IP or domain name).

Regards,

Rob

hi,

The reason why ganesh had asked you to configure IP SLA is, because your isp mode of delivery is Fast ethernet.. normally ethernet interface will not put down its carrier signal down so your normal default route pointing to this isp will not be automatically removed from your routing table. so IP SLA is for just to have a failover , if you are looking out for load balancing  kindly check this link...

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml

Hope this will help you in resolving this issue...

Regards,

Hariharan k

Hi Hariharan,

Thanks for your input, but not exactly sure what you were responding to here? I understood why Ganesh suggested the IP SLA configuration so that's not a problem.

Best,

Rob

hello,

I have tried with ip sla that monitors the response time of a HTTP GET, since a ping could always be answered by the next hop, a dns server or any other device on the Internet but does not guarantee me "Internet service" , Web browsing.

I use the following:

!
track 100 ip sla 4900
delay down 10 up 10
!

ip sla 4900
http get http://www.av.com source-ip 190.202.86.125 name-server 200.44.32.12
timeout 7000

!

ip route 0.0.0.0 0.0.0.0 x.x.x.x  track 100

ip route 0.0.0.0 0.0.0.0 10.0.0.3 10 (float route)

!

I hope it will be useful

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco