01-30-2012 06:44 AM - edited 03-04-2019 03:04 PM
Hi All,
I am working on a multihomed network. There's a BGP session with ISP1 and I'm on the point of setting up a BGP session with another ISP2. I'll like ISP2 to be a Backup link and must only be used when ISP 1 is down.
In fact , i'll like to use ISP 2 when the ping on some internet address goes down. Cos at times the prob is not with ISP 1 but further upstream.
I intend to use PBR and IP SLA. Below is my configuration
interface FastEthernet0/0
description Connected to ISP 2
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
description Connected to ISP 1
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
ip address 192.168.20.1 255.255.255.0
ip policy route-map BACKUP
duplex auto
speed auto
router bgp 37034
no synchronization
bgp log-neighbor-changes
network 192.168.20.0
network 192.168.30.0
neighbor 192.168.2.2 remote-as 15964
neighbor 192.168.2.2 description ISP 1
neighbor 192.168.2.2 ebgp-multihop 255
neighbor 192.168.2.2 weight 100
neighbor 192.168.2.2 route-map Permit_default_route in
neighbor 192.168.3.2 remote-as 8513
neighbor 192.168.3.2 description ISP 2
neighbor 192.168.3.2 ebgp-multihop 255
neighbor 192.168.3.2 route-map Permit_default_route in
no auto-summary
route-map BACKUP permit 10
match ip address 101
set ip next-hop verify-availability 192.168.2.2 1 track 30
ip sla monitor 3
type echo protocol ipIcmpEcho 192.168.4.1
ip sla monitor schedule 3 life forever start-time now
track 30 rtr 3 reachability
access-list 101 permit ip any any
route-map Permit_default_route permit 10
match ip address 12
My real problem now is causing the router to remove the default route through ISP 1 from the routing table when the ping on 192.168.4.1 goes down so as to use the route throught ISP 2.
Thanks for your help in advance.
01-30-2012 11:47 AM
Hello
You said:
i'll like to use ISP 2 when the ping on some internet address goes down
and then I see that you monitor 192.168.4.1
This is not an Internet address as it's a private IP address and if you don't have 192.168.4.1 in the routing table (meaning unreachable) the your solution is working correct.
Do you have some kind of VPN remote site from where you should get 192.168.4.1?
Or the IP addresses are not the real used ones? Can we see an output of the routing table?
Cheers,
Calin
01-30-2012 11:05 PM
These are ip addresses are not real.
01-30-2012 11:11 PM
Hye ,
This is what the Routing Table looks like:
IBR-YDE#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.2.2 to network 0.0.0.0
C 192.168.20.0/24 is directly connected, FastEthernet2/0
C 192.168.2.0/24 is directly connected, FastEthernet1/0
C 192.168.3.0/24 is directly connected, FastEthernet0/0
B* 0.0.0.0/0 [20/0] via 192.168.2.2, 00:00:35
01-30-2012 11:25 PM
OK, now that we clarify this, I may have a solution for you:
http://www.firstdigest.com/2010/05/cisco-policy-routing-with-ip-sla/
I did this a while ago and I believe it's exactly what you need in term of IP SLA. The idea is that you have to use an IP SLA and only when the result of the IP SLA is down (meaning a deny there ! NOT, from the programming language).
Let me know if my solutions helps you!
Cheers,
Calin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: