Re: Reliable static routing Issues (Urgent)

olakunle06 · ‎01-18-2007

I have 2 Cisco 1760 routers with 2 WIC-ENET interfaces each connected back to back to simulate 2 WAN connections b/w 2 remote sites. I'm running Cisco 12.4(12) IOS on them. I configured reliable static routing using Object tracking on them. When one of the interfaces fail, the other picks up like it's supposed to do. The issue I have is that if both interfaces fail, the routers start tracking on the Primary interface only if the Secondary interface comes up so even though the primary link comes up, the secondary one has to come up before it passes data on the primary link I need urgent help with this. Configuration is as on the Cisco site

interface Ethernet0/0

ip address 172.16.x.2 255.255.0.0

full-duplex

interface Ethernet1/0

ip address 144.32.x.2 255.255.0.0

full-duplex

ip local policy route-map MYMAP

ip route 0.0.0.0 0.0.0.0 172.16.12.1 track 123

ip route 0.0.0.0 0.0.0.x.32.8.1 254

access-list 101 permit icmp any host 160.160.160.1 echo

route-map MYMAP permit 10

match ip address 101

set ip next-hop 172.16.12.1

set interface Null0

ip sla monitor 1

type echo protocol ipIcmpEcho 160.160.160.1

timeout 1000

threshold 2

frequency 3

ip sla monitor schedule 1 life forever start-time now

Pls help

acomiskey · ‎01-18-2007

I have never tested taking both interfaces down myself, but I think it is acting the way it should, or should I say I don't think you configured it improperly. The problem is once the track goes down on primary the default route is out the secondary, the router won't know when the primary is back up.

You also have to consider that if you allow the ping reply from the secondary interface, if both interfaces are down and only secondary comes back up, the ping will succeed and the primary route will be reinstated even though the interface may still be down.

Ah, I got, create an acl denying ping reply from secondary connection, then create a static route to 160.160.160.1 towards 172.16.12.1. This will force the track ping always out primary. Make sense?

If both are down, route will be out secondary, track ping will continue to use primary route for ping, when primary comes back, the track will come back up and primary route will take over.

Also try.

"set interface Null0 Ethernet1/0" under route-map

Please rate if this helps.

sundar.palaniappan · ‎01-18-2007

Are you routing to 160.160.160.1 via 144.32.8.1? Can you add a static route to 160.160.160.1 via 172.16.12.1 and post the results.

The problem appears to be routing issue. Router should install the floating static route when the tracked IP is unreachable via the primary interface. When the connectivity is restored via the primary interface the tracked route should be re-installed irrespective of whether the secondary interface is up or not. Also, ensure the tracked IP is never learnt or routed via the secondary interface under any circumstance.

HTH

Sundar

acomiskey · ‎01-18-2007

This works for me...

ip sla monitor 25

type echo protocol ipIcmpEcho 1.1.1.1

timeout 10000

threshold 7

frequency 10

ip sla monitor schedule 25 life forever start-time now

track 123 rtr 25 reachability

delay down 60

interface FastEthernet0/0

ip address 172.31.0.5 255.255.255.252

speed auto

full-duplex

interface Serial0/0

ip address 172.26.0.14 255.255.255.252

ip access-group 120 in

interface Ethernet1/0

ip address 172.31.0.2 255.255.255.252

half-duplex

ip local policy route-map FAILOVER-POLICY

ip route 0.0.0.0 0.0.0.0 172.31.0.1 track 123

ip route 0.0.0.0 0.0.0.0 172.26.0.13 254

access-list 101 permit icmp any host 1.1.1.1 echo

access-list 120 deny icmp host 1.1.1.1 any

access-list 120 permit ip any any

route-map FAILOVER-POLICY permit 10

match ip address 101

set ip next-hop 172.31.0.1

set interface Null0 Serial0/0