Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static backup route when there is an SVI connected route?

Hi,

until now, a customer had his 2 main sites connected via an MPLS cloud, who belongs and is managed by their ISP.

A number of other smaller remote sites are also meshed through this cloud.

Recently, the customer had the opportunity to have the 2 main sites connected through a direct dual fiber link (provided by another ISP).

No L3 routing here, just a straight L1 direct connection.

See attached network diagram.

Here's what we would like to achieve:

1)Use the new fiber link as an L2 trunk between the 2 sites.

2)Use the former L3 MPLS path as a backup link, if the fiber etherchannel goes down.

Step 1 is no problem.

Step 2 doesn't work, because even with the etherchannel going down, either 3750's still see the SVI interface corresponding to the remote site as "up".

Since this SVI stays up, it's considered by the switch as a directly connected connected route, so the default external route will not be used.

In other words, we are trying somehow to make the state of the SVI dependent of the state of the etherchannel.

For example, as soon as we administratively shutdown the other sites's corresponding SVI, then the default route is used to reach the other site.

I know that we could do L3 routing instead of L2 trunking, and then it would be much simpler to make the backup path work.

But for several reasons like e.g. disaster recovery, customer wants each sites's vlans propagated to the other one.

Does somebody have a brilliant idea on how to make the backup route work?

Thanks in advance.

JG.

15 REPLIES
Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

I haven't used this on a 3750 so you would need to test it but you could try using PBR with multiple tracking. The basic idea is you use ICMP to check the status of the SVI interface so from Site A you would ping the SVI of vlan on Site B. If the etherchannel fails then the ping should fail and you can then use a different route.

You will need to use the Routing SDM template on your 3750's to use PBR. As i say, i haven't used this on 3750's so please test.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtpbrtrk.html

Jon

New Member

Re: Static backup route when there is an SVI connected route?

Thanks for the suggestion..but am I mistaken by thinking that even like that, both SVI's on both 3750's will still remain up? And that because of this, no different route will be ever installed because of the (svi's) directly connected ones?

Unless PBR is capable of doing such smart things as administratively shutting down an SVI?

Creating a track object for the state of the etherchannel is not a problem, but that doesn't help us much.

Jose.

Hall of Fame Super Bronze

Re: Static backup route when there is an SVI connected route?

A SVI only remains up when a switchport is up/up and part of the Vlan the SVI represents.

I recommend having only the Vlan the SVI represents on that etherchannel and under no other switchport.

HTH,

__

Edison.

Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

Hi Edison

Think that may be the issue. If you only have the SVI on the etherchannel then you may as well route the link because you can't extend a layer 2 vlan across the link anymore.

Jon

Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

Edison

Just ignore me, i'm having a moment ! I mistakenly read the diagram as needing switchports in both sites in both vlans.

Jon

Hall of Fame Super Bronze

Re: Static backup route when there is an SVI connected route?

Edison

Just ignore me,

Done ;)

Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

Jose

I think i may not be understanding your setup properly. My understanding was that when the etherchannel went down it did not fail over to other route because the local SVI was still up.

I was suggesting tracking the remote SVI. If the etherchannel goes down then you will not be able to ping site B's SVI because as you have already said the failover isn't working.

So when you can't ping the remote SVI you can then switch routes. Have i misunderstood ?

Jon

New Member

Re: Static backup route when there is an SVI connected route?

Hi Jon,

"I think i may not be understanding your setup properly. My understanding was that when the etherchannel went down it did not fail over to other route because the local SVI was still up."

Well, on both 3750's, the local AND remote SVI's are present. So on 3750-A, vlan2 (local) and vlan3 (remote) are present. And vice-versa. This is what makes inter-vlan (and so inter-site) routing possible. But on site A for example, if I take down the portchannel, the vlan3 SVI stays up from the switch's perspective, hence the external route is not considered. The same on site B, where vlan2 SVI will stay up.

Are we on the same page?

Regarding Edison's input, that's a good point.

But I tried the following on site A:

Verified that there are no switchports assigned to vlan3 (corresponding to site B) on 3750-A, leaving only the 2 trunked fiber ports. Then I took the etherchannel down, hoping that indeed vlan3 SVI would go down. But surprise, it remained up! I waited quite a while, thinking that there could be some timeout that I was unaware off...but no way.

Thx,

Jose.

Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

"Are we on the same page?"

We are now :-). Apologies Jose, this is one thread i wish i hadn't got involved in !!

Edison's point is indeed a good one, when you took down the etherchannel did you verify that both individual links shutdown as well ?

Jon

New Member

Re: Static backup route when there is an SVI connected route?

Yes of course, both ports are down, and so does the etherchannel after that.

3750-A#sh int po5

Port-channel5 is down, line protocol is down (notconnect)

3750-A#sh int vl3

Vlan3 is up, line protocol is up

Hall of Fame Super Bronze

Re: Static backup route when there is an SVI connected route?

Make sure you don't have any other trunking switchport on that switch with that Vlan in forwarding state.

You need to manually prune that Vlan on those switchports, if that's the case.

__

Edison.

New Member

Re: Static backup route when there is an SVI connected route?

Hi Jon,

"I think i may not be understanding your setup properly. My understanding was that when the etherchannel went down it did not fail over to other route because the local SVI was still up."

Well, on both 3750's, the local AND remote SVI's are present. So on 3750-A, vlan2 (local) and vlan3 (remote) are present. And vice-versa. This is what makes inter-vlan (and so inter-site) routing possible. But on site A for example, if I take down the portchannel, the vlan3 SVI stays up from the switch's perspective, hence the external route is not considered. The same on site B, where vlan2 SVI will stay up.

Are we on the same page?

Regarding Edison's input, that's a good point.

But I tried the following on site A:

Verified that there are no switchports assigned to vlan3 (corresponding to site B) on 3750-A, leaving only the 2 trunked fiber ports. Then I took the etherchannel down, hoping that indeed vlan3 SVI would go down. But surprise, it remained up! I waited quite a while, thinking that there could be some timeout that I was unaware off...but no way.

Thx,

Jose.

Hall of Fame Super Bronze

Re: Static backup route when there is an SVI connected route?

Make sure you don't have any other trunking switchport on that switch with that Vlan in forwarding state.

You need to manually prune that Vlan on those switchports, if that's the case.

__

Edison.

New Member

Re: Static backup route when there is an SVI connected route?

Hi guys,

Edison was right, there were some other trunked ports with no pruning.

However, in the meantime, customer confirmed his mandatory need to have some static access ports in each site, pertaining to the opposite site's vlan (Jon was also correct assuming that this was a requirement:-)

So I'm back at the starting point.

I'm beginning to think that there is no native possibility in the IOS to achieve the L3 route failover automatically.

Maybe the only way would be some kind of snmp monitoring of the etherchannes state, who could ultimately trigger some kind of external scripted action that would be sent to the 3750's (shutdown the SVI for instance).

Jose.

Hall of Fame Super Blue

Re: Static backup route when there is an SVI connected route?

Jose

I looked into using EEM (Embedded Event Manager) to automatically shutdown the local SVI if the etherchannel fails but unless your switches are 3750 Metro switches you cannot run EEM.

I also did some investigating in the forums. You may want to cross post this query into the Network Management forum as there are a number of SNMP experts there who may have an approach to this.

Other than that i guess the only way to go is L3.

Jon

285
Views
0
Helpful
15
Replies