Cannot get Gig 0/1 to route to gig 0/0

Unanswered Question
Apr 17th, 2012

I have a problem that several have been unabvel to solve.  I have gig 0/0 as my primary WAN interface and an Cellular HWIC as my backup WAN interface.  Off of gig 0/1 I have a laptop and I cannot get it to route out to the internet unless I disconneect the gig 0/0, in whihc it then goes out the cellular interface.  However, form the rotuer consol, I can go out gig 0/0.

Current configuration : 4484 bytes
!
! No configuration change since last restart
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CiscoDemo4GLTE
!
boot-start-marker
boot system flash:c1900-universalk9-mz.SPA.151-4.M3.10
boot-end-marker
!
!
enable secret 5 $1$RDV7$13G5jO/0bPpJiWWiDwO7S/
enable password DanAngst
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip dhcp pool lan0
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 4.2.2.2
!
!
multilink bundle-name authenticated
!
chat-script ltescript "" "AT
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3645487553
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3645487553
revocation-check none
rsakeypair TP-self-signed-3645487553
!
!
crypto pki certificate chain TP-self-signed-3645487553
certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33363435 34383735 3533301E 170D3132 30343133 31363535
  35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36343534
  38373535 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C0E1 172C26CD FE4EF183 B9B9FF39 6661A3F9 9A623B34 10F19FDB 415C3CDC
  507C834F B3DC74FF 5F7B9529 7BC2107C 3646D810 2AC97239 E07F985D 3700E134
  448EEA16 A1D4FFA5 62D9D204 D2004BA0 13F843E4 8E4D84BA C4B172EF 8530DE3A
  DFA7AD7E 55F7F2A6 D1C9988A 15367502 A8B44E21 16228E21 E65269B4 CF230F69
  B95B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 146C09AD D15833D3 DC949C08 FDF65EA8 EA5ACA91 5C301D06
  03551D0E 04160414 6C09ADD1 5833D3DC 949C08FD F65EA8EA 5ACA915C 300D0609
  2A864886 F70D0101 05050003 81810032 16C06137 36204621 57635F4D F546E5FB
  E3DDF625 52C9F512 0BF1910A FF1210DF F645C218 A5BDFBA3 44C66C24 969450AE
  FE4382A8 BDE67BDC 5555043C 515229A7 A75DF22E AAE20FD5 BDBED744 D90710D0
  DD37D67C 83472DCE CA461911 152C92F1 36642B47 49A6533C FF8F2154 A57CDFA6
  9108676B 7EC7C6D9 78ADF971 1D4621
        quit
license udi pid CISCO1921/K9 sn FTX160685BJ
!
!
!
!
controller Cellular 0/1
!
!
!
!
!
interface Loopback1
ip address 1.2.3.9 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
no cdp enable
no mop enabled
!
interface GigabitEthernet0/0
ip address dhcp
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface Cellular0/1/0
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly in
encapsulation slip
load-interval 30
dialer in-band
dialer idle-timeout 0
dialer string ltescript
dialer watch-group 1
async mode interactive
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source list 100 interface Cellular0/1/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 90
ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 200
!
access-list 100 permit ip any any
dialer watch-list 1 ip 5.6.7.8 0.0.0.0
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
!
no cdp run
route-map clear-df permit 10
set ip df 0
!
!
snmp-server community public RO
tftp-server exit
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/1/0
script dialer ltescript
modem InOut
no exec
rxspeed 100000000
txspeed 50000000
line vty 0 4
password cisco
login
transport input all
line vty 5 15
password cisco
login
transport input all
!
scheduler allocate 20000 1000
event manager environment cell_int Cellular0/0/0
event manager environment modem_reset_count 0
event manager environment reload_required 1
event manager environment poll_time 30
event manager environment max_pwrcycles 3
event manager directory user policy "flash:/"
event manager directory user repository flash:/
event manager scheduler script thread class N number 1
event manager policy lte_cli.tcl
event manager policy lte_recovery_v1.tcl class N
!
end

CiscoDemo4GLTE#

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Edison Ortiz Tue, 04/17/2012 - 12:19

Follow Peter's suggestion. There are other missing NAT configuration in the router.

Peter Paluch Tue, 04/17/2012 - 12:07

Hello Sam,

One obvious issue that hit my eye is that the Gi0/0 is configured with ip nat inside - should it not rather be ip nat outside, assuming it is the outside interface?

In addition, the default route defined by the command

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 90

may not be working properly, because it specifies only the egress interface and not the IP of the next hop - under certain circumstances, this static route may not work. Remove it, and replace it with the following modification:

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp 90

This modification will force your router to create a default route using the gateway IP address obtained via DHCP on Gi0/0, and assign it the AD of 90.

Also, the NAT configuration is not correct. It does not take into account that the traffic must be NATted according to the interface it is being sent out through. Currently, everything is being NATted to the IP of the cellular interface, even if it tries to go out the Gi0/0, which is wrong.

Configure the following:

route-map NAT-Gi permit 10

  match ip address 100

  match interface Gi0/0

route-map NAT-Cell permit 10

  match ip address 100

  match interface Cellular0/1/0

no ip nat inside source list 100 interface Cell0/1/0 overload

ip nat inside source route-map NAT-Gi interface Gi0/0 overload

ip nat inside source route-map NAT-Cell interface Cell0/1/0 overload

Perform these configuration modifications, and test it out. If it does not work, please post your then-current configuration again. Thanks!

Best regards,

Peter

hightide185 Tue, 04/17/2012 - 12:39

Peter - you fixed the issue with getting out GIg 0/0 - thanks you.  However, now when I pull Gig 0/0 I do not failover to the Cellualr interface.  I tryign to have gig 0/0 be my primary WAN and the Cell be my backup/failover. 

I appreciate the help

hightide185 Tue, 04/17/2012 - 12:50

Here is the updated config

Current configuration : 4881 bytes

!

! Last configuration change at 19:36:19 UTC Tue Apr 17 2012

! NVRAM config last updated at 19:44:43 UTC Tue Apr 17 2012

! NVRAM config last updated at 19:44:43 UTC Tue Apr 17 2012

version 15.1

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CiscoDemo4GLTE

!

boot-start-marker

boot system flash:c1900-universalk9-mz.SPA.151-4.M3.10

boot-end-marker

!

!

enable secret 5 $1$RDV7$13G5jO/0bPpJiWWiDwO7S/

enable password DanAngst

!

no aaa new-model

no process cpu extended history

no process cpu autoprofile hog

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

ip dhcp pool lan0

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server 4.2.2.2

!

!

multilink bundle-name authenticated

!

chat-script ltescript "" "AT

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-3645487553

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3645487553

revocation-check none

rsakeypair TP-self-signed-3645487553

!

!

crypto pki certificate chain TP-self-signed-3645487553

certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33363435 34383735 3533301E 170D3132 30343133 31363535

  35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36343534

  38373535 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100C0E1 172C26CD FE4EF183 B9B9FF39 6661A3F9 9A623B34 10F19FDB 415C3CDC

  507C834F B3DC74FF 5F7B9529 7BC2107C 3646D810 2AC97239 E07F985D 3700E134

  448EEA16 A1D4FFA5 62D9D204 D2004BA0 13F843E4 8E4D84BA C4B172EF 8530DE3A

  DFA7AD7E 55F7F2A6 D1C9988A 15367502 A8B44E21 16228E21 E65269B4 CF230F69

  B95B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 146C09AD D15833D3 DC949C08 FDF65EA8 EA5ACA91 5C301D06

  03551D0E 04160414 6C09ADD1 5833D3DC 949C08FD F65EA8EA 5ACA915C 300D0609

  2A864886 F70D0101 05050003 81810032 16C06137 36204621 57635F4D F546E5FB

  E3DDF625 52C9F512 0BF1910A FF1210DF F645C218 A5BDFBA3 44C66C24 969450AE

  FE4382A8 BDE67BDC 5555043C 515229A7 A75DF22E AAE20FD5 BDBED744 D90710D0

  DD37D67C 83472DCE CA461911 152C92F1 36642B47 49A6533C FF8F2154 A57CDFA6

  9108676B 7EC7C6D9 78ADF971 1D4621

        quit

license udi pid CISCO1921/K9 sn FTX160685BJ

!

!

!

!

controller Cellular 0/1

!

!

!

!

!

interface Loopback1

ip address 1.2.3.9 255.255.255.255

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

no cdp enable

no mop enabled

!

interface GigabitEthernet0/0

ip address dhcp

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

no cdp enable

!

interface GigabitEthernet0/1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

no cdp enable

!

interface Cellular0/1/0

ip address negotiated

no ip unreachables

ip nat outside

ip virtual-reassembly in

encapsulation slip

load-interval 30

dialer in-band

dialer idle-timeout 0

dialer string ltescript

dialer watch-group 1

async mode interactive

!

ip forward-protocol nd

!

ip http server

ip http secure-server

!

ip nat inside source route-map NAT-Cell interface Cellular0/1/0 overload

ip nat inside source route-map NAT-Gi interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 200

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp 90

!

access-list 100 permit ip any any

dialer watch-list 1 ip 5.6.7.8 0.0.0.0

dialer watch-list 1 delay route-check initial 60

dialer watch-list 1 delay connect 1

!

no cdp run

route-map NAT-Cell permit 10

match ip address 100

match interface Cellular0/1/0

!

route-map clear-df permit 10

set ip df 0

!

route-map NAT-Gi permit 10

match ip address 100

match interface GigabitEthernet0/0

!

!

snmp-server community public RO

tftp-server exit

!

control-plane

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line 0/1/0

script dialer ltescript

modem InOut

no exec

rxspeed 100000000

txspeed 50000000

line vty 0 4

password cisco

login

transport input all

line vty 5 15

password cisco

login

transport input all

!

scheduler allocate 20000 1000

event manager environment cell_int Cellular0/0/0

event manager environment modem_reset_count 0

event manager environment reload_required 1

event manager environment poll_time 30

event manager environment max_pwrcycles 3

event manager directory user policy "flash:/"

event manager directory user repository flash:/

event manager scheduler script thread class N number 1

event manager policy lte_cli.tcl

event manager policy lte_recovery_v1.tcl class N

!

end

Richard Burts Tue, 04/17/2012 - 13:22

Sam

Your updated config still seems to have ip nat inside on the Gig0/0 interface.

I suspect that the problem with failover to the cellular is caused by the fact that the static default route using Gig0/0 does not get removed from the routing table. You can verify that by causing the connection on Gig 0/0 to fail and then doing show ip route. I suspect that you will find the routing table still has the default route using Gig0/0 and not the floating static for Cellular.

This is a fairly common issue with static routes (and especially static default routes) which use Ethernet interfaces. IOS will not remove the static route unless the Ethernet interface goes line protocol down. It happens frequently that you lose connectivity through the Ethernet interface but the interface does not go line protocol down. The solution to this is to use Object Tracking to check connectivity through the interface and to force withdrawal of the route if you lose connectivity through the Ethernet interface.

HTH

Rick

hightide185 Tue, 04/17/2012 - 13:40

I fixed the NAT statement and when I pull the gig 0/0 cable my router show the cellular interface as the default.  If I ping from the console fo the router, I can get everywhere regardless of gig 0/0 up or not. 

Peter Paluch Tue, 04/17/2012 - 13:43

Sam,

So what is the current state of things after implementing all the suggested corrections?

Rick - yes, you are correct about the static route not being removed from the routing table until the egress interface comes down. However, Sam has indicated he "pulls out gi0/0" so that should definitely make the interface go line protocol down, and remove the static default route via gi0/0 from the routing table.

Best regards,

Peter

Richard Burts Tue, 04/17/2012 - 14:03

If I am understanding correctly Sam is saying that now Gig0/0 has Internet access. And if he pulls the cable for Gig0/0 that the routing table does update and the default route through the cellular interface is in the routing table. But clients connected on Gig0/0 do not have Internet access but the router console does still have Internet access. If something in what I understand is wrong please correct me.

If I am right then it points pretty clearly to an issue with address translation when Gig0/0 is going out the cellular interface.

HTH

Rick

[edit] Peter - I was not sure from the initial description that Sam was actually pulling the cable. Now that is clear.

And I still suggest that Sam think about Object Tracking as part of his solution because after he gets done testing and starts to actually use this he will encounter a failure scenario where he loses connectivity to the next hop but that the interface does not go down.

Peter Paluch Tue, 04/17/2012 - 14:24

Hi Rick,

Agreed, the object tracking is the way to go after Sam gets the basic connectivity up and running. Still, I wanted to avoid cluttering his config with fancy things before establishing the basic functionality.

Best regards,

Peter

Richard Burts Tue, 04/17/2012 - 14:35

Peter

No problem with that approach. In the early stage simple is good

HTH

Rick

hightide185 Tue, 04/17/2012 - 15:43

you guys got it.  I see the Cellular static route as my gateway of last resort but get destination unreachable on a ping.  So when everything is up,I can get on gig 0/0 but if I pull gig 0/0 and fail over to cellular, I now die.  I've been playign with the static routes to see if that is it.

hightide185 Tue, 04/17/2012 - 16:07

As it stand right now, I can route out gig 0/0 but cannot failover to the cellular interface.  If I ping from my laptop behind gig 0/1 and I pull gig 0/0, my ping dies.  Even though I see the route as going out the cellular interface.  Here is the current config.  I did change the static routes a little as inthe cellular world we really don't care about the default gateway but Cisco needs it.

Current configuration : 4895 bytes
!
! Last configuration change at 23:00:55 UTC Tue Apr 17 2012
! NVRAM config last updated at 22:58:03 UTC Tue Apr 17 2012
! NVRAM config last updated at 22:58:03 UTC Tue Apr 17 2012
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CiscoDemo4GLTE
!
boot-start-marker
boot system flash:c1900-universalk9-mz.SPA.151-4.M3.10
boot-end-marker
!
!
enable secret 5 $1$RDV7$13G5jO/0bPpJiWWiDwO7S/
enable password DanAngst
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip dhcp pool lan0
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 4.2.2.2
!
!
multilink bundle-name authenticated
!
chat-script ltescript "" "AT
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3645487553
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3645487553
revocation-check none
rsakeypair TP-self-signed-3645487553
!
!
crypto pki certificate chain TP-self-signed-3645487553
certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33363435 34383735 3533301E 170D3132 30343133 31363535
  35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36343534
  38373535 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C0E1 172C26CD FE4EF183 B9B9FF39 6661A3F9 9A623B34 10F19FDB 415C3CDC
  507C834F B3DC74FF 5F7B9529 7BC2107C 3646D810 2AC97239 E07F985D 3700E134
  448EEA16 A1D4FFA5 62D9D204 D2004BA0 13F843E4 8E4D84BA C4B172EF 8530DE3A
  DFA7AD7E 55F7F2A6 D1C9988A 15367502 A8B44E21 16228E21 E65269B4 CF230F69
  B95B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 146C09AD D15833D3 DC949C08 FDF65EA8 EA5ACA91 5C301D06
  03551D0E 04160414 6C09ADD1 5833D3DC 949C08FD F65EA8EA 5ACA915C 300D0609
  2A864886 F70D0101 05050003 81810032 16C06137 36204621 57635F4D F546E5FB
  E3DDF625 52C9F512 0BF1910A FF1210DF F645C218 A5BDFBA3 44C66C24 969450AE
  FE4382A8 BDE67BDC 5555043C 515229A7 A75DF22E AAE20FD5 BDBED744 D90710D0
  DD37D67C 83472DCE CA461911 152C92F1 36642B47 49A6533C FF8F2154 A57CDFA6
  9108676B 7EC7C6D9 78ADF971 1D4621
        quit
license udi pid CISCO1921/K9 sn FTX160685BJ
!
!
!
!
controller Cellular 0/1
!
!
!
!
!
interface Loopback1
ip address 1.2.3.9 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
no cdp enable
no mop enabled
!
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface Cellular0/1/0
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly in
encapsulation slip
load-interval 30
dialer in-band
dialer idle-timeout 0
dialer string ltescript
dialer watch-group 1
async mode interactive
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source route-map NAT-Cell interface Cellular0/1/0 overload
ip nat inside source route-map NAT-Gi interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 10.164.150.1 200
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp 90
!
access-list 100 permit ip any any
dialer watch-list 1 ip 5.6.7.8 0.0.0.0
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
!
no cdp run
route-map NAT-Cell permit 10
match ip address 100
match interface Cellular0/1/0
!
route-map clear-df permit 10
set ip df 0
!
route-map NAT-Gi permit 10
match ip address 100
match interface GigabitEthernet0/0
!
!
snmp-server community public RO
tftp-server exit
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/1/0
script dialer ltescript
modem InOut
no exec
rxspeed 100000000
txspeed 50000000
line vty 0 4
password cisco
login
transport input all
line vty 5 15
password cisco
login
transport input all
!
scheduler allocate 20000 1000
event manager environment cell_int Cellular0/0/0
event manager environment modem_reset_count 0
event manager environment reload_required 1
event manager environment poll_time 30
event manager environment max_pwrcycles 3
event manager directory user policy "flash:/"
event manager directory user repository flash:/
event manager scheduler script thread class N number 1
event manager policy lte_cli.tcl
event manager policy lte_recovery_v1.tcl class N
!
end

CiscoDemo4GLTE#

Peter Paluch Tue, 04/17/2012 - 16:47

Hi Sam,

I do not personally think that it was necessary to modify the default route via Cell0/1/0 to include the IP address of the next hop, and I suggest reverting to the previous form of the command. The encapsulation on Cell0/1/0 is SLIP which means it is a point-to-point type interface. On point-to-point interfaces, there is no need to specify next hop in a static route, and instead, the static route can simply point out the interface. In your case, I even discourage using a fixed IP address in the static default route pointing out the Cell0/1/0 - in case of network address mismatch, the IP address may not actually be reachable via the Cell0/1/0.

You are saying that when you disconnect the Gi0/0, the ping dies. Does the Cell0/1/0 interface then come up? What is the output of the show ip route and show int c0/1/0? Can you at the same time ping a public IP address from the router itself?

Best regards,

Peter

hightide185 Tue, 04/17/2012 - 17:22

I added the next to the static route on the cell interface because I was seeing no gateway of last resort when I failed over.

To answer your question, I can ping from the consol of the router to any public IP and yes the cellular interface is up.  I start a ping and pull the gig 0/0 cable and can see the traffic drop and then pick up on the cellular interface.  This is what I expect and want to happen from the device off gig 0/1.  When I Show IP Route, I see the route pointing out the cellular intgerface when in failover mode and pointing to the gig 0/0 when in all is well mode.  For some reason, when I drop the gig 0/0 no traffic can get to the internet. 

hightide185 Tue, 04/17/2012 - 18:06

Here is a new finding.  If I open IE and go to you tube and stream a video and then pull gig 0/0.  The video will die, but if I open a new IE Window (while gig 0/0 is down) and go to you tube I can play a new video.  So that means the IP session is not moving from interface to interface.  I tested this several times and I can replicate over and over.

nkarpysh Tue, 04/17/2012 - 18:35

I guess this is specific of TCP. It establish the statefull connection. Whenever you change the outgoing interface - you also change the source ip for this connection. Thus it can't work anymore - it should be reset and started over.

Nik

hightide185 Wed, 04/18/2012 - 05:43

Would Stateful NAT be an option on a standalone router with two WAN interfaces?

nkarpysh Wed, 04/18/2012 - 18:55

I guess that wont help. Idea of statefull NAT to still use same source ip. But as you have ip addresses received from different providers on your WAN interfaces - those will not be able to share the common one as it creat problem with return routing.

The only WA I see is to use some owned public ip and do NAT before leaving your WAN router. Also this IP should be announced to both providers.

Nik

Actions

Login or Register to take actions

This Discussion

Posted April 17, 2012 at 11:32 AM
Stats:
Replies:20 Avg. Rating:5
Views:970 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard