Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7087
Views
37
Helpful
9
Replies

Floating Static route

Go to solution
MITCH JOHNSON
Level 1
Level 1

‎02-23-2006 01:56 PM - edited ‎03-03-2019 01:59 AM

If I have two ways to the internet and one goes down, is the only way to send users out to the internet through a floating static route? Such that,

ip route 0.0.0.0 0.0.0.0 10.10.10.1

ip route 0.0.0.0 0.0.0.0 10.200.10.1 100, where the 100 allows the static default route to be replaced when the primary route is down? How would the router know when a static route is down?

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
pkhatri
Level 11
Level 11
In response to MITCH JOHNSON

‎02-24-2006 03:13 AM

Hi,

If you are running a relatively new IOS (12.3(8)T, I believe) you can use the reliable static route backup feature. This feature allows you to detect failures downstream from your ethernet connection.

Here's a sample config:

Replace with an IP that you can ping through your main link - preferably the ISP side of the WAN link address.

interface Ethernet 0

description Main Link

ip address 10.1.1.1 255.0.0.0

!

interface Ethernet 1

description Backup Link

ip address 192.168.1.1 255.0.0.0

!

ip sla monitor 1

type echo protocol ipIcmpEcho

timeout 1000

frequency 3

threshold 2

!

ip sla monitor schedule 1 life forever start-time now

!

track 100 rtr 1 reachability

!

access list 101 permit icmp any host echo

!

route-map LOCAL_POLICY permit 10

match ip address 101

set ip next-hop 10.1.1.254

set interface null0

!

ip local policy route-map LOCAL_POLICY

!

ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100

ip route 0.0.0.0 0.0.0.0 192.168.1.254 254

Hope that helps - pls do rate the post if it does.

Paresh

View solution in original post

9 Replies 9

Go to solution
pkhatri
Level 11
Level 11

‎02-23-2006 02:10 PM

Hi,

What you have suggested is certainly one way of doing it ? The trick is to ensure that your primary static route does go down when your link breaks. With links such as ethernet links, the physical interface may remain up although the connection itself is broken. In such cases, you need to use a reliable static route backup option where you use track objects to track reachability through the link.

However, if what you have is a couple of serial links, the idea of using floating static routes will work perfectly well.

The other alternative is to run BGP with your provider.

Hope that helps - pls rate the post if it does.

Paresh

Go to solution
jarathbu
Level 1
Level 1

‎02-23-2006 02:22 PM

Hello,

If your primary default route should always reachable via a particular interface you can include that in the static route statement - so if that interface goes down - your floating static will be effective.

Hope that helps.

Regards,

James

Go to solution
MITCH JOHNSON
Level 1
Level 1
In response to jarathbu

‎02-23-2006 05:43 PM

Thanks for the input. As usual I left key information out of the question, such as the ethernet interface part. I can't use BGP as neither ISP is willing to do BGP. I guess what I'm asking is how to make ethernet interfaces know when a neighbor isn't reachable. It's not very often that an ethernet interface goes down, it's usually a serial interface further down the line that goes down, then I usually go in manualy to change the default route.

Once again, thankyou.

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to MITCH JOHNSON

‎02-24-2006 03:13 AM

Hi,

If you are running a relatively new IOS (12.3(8)T, I believe) you can use the reliable static route backup feature. This feature allows you to detect failures downstream from your ethernet connection.

Here's a sample config:

Replace with an IP that you can ping through your main link - preferably the ISP side of the WAN link address.

interface Ethernet 0

description Main Link

ip address 10.1.1.1 255.0.0.0

!

interface Ethernet 1

description Backup Link

ip address 192.168.1.1 255.0.0.0

!

ip sla monitor 1

type echo protocol ipIcmpEcho

timeout 1000

frequency 3

threshold 2

!

ip sla monitor schedule 1 life forever start-time now

!

track 100 rtr 1 reachability

!

access list 101 permit icmp any host echo

!

route-map LOCAL_POLICY permit 10

match ip address 101

set ip next-hop 10.1.1.254

set interface null0

!

ip local policy route-map LOCAL_POLICY

!

ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100

ip route 0.0.0.0 0.0.0.0 192.168.1.254 254

Hope that helps - pls do rate the post if it does.

Paresh

Go to solution
tin.ngo
Level 1
Level 1
In response to pkhatri

‎03-31-2006 01:10 PM

Paresh, is there a link where your example comes from explaining what each command does?

I am considering implementing the above with Serial as primary path and ethernet as secondary path with IPsec (over Internet). Just need to understand it a bit more.

0 Helpful

Go to solution
tin.ngo
Level 1
Level 1
In response to pkhatri

‎03-31-2006 04:37 PM

IOS 12.3(14)T I beleived replace "rtr" with "ip sla" command. Do you have a link with sample configuration similar to the above (i.e primary and backup link) using ip sla command instead?

If not, can you convert the above using ip sla? Thanks.

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to tin.ngo

‎03-31-2006 06:01 PM

Here's a config I use - you will need to adjust it for your requirements;

Replace with an IP that you can ping through your main link - preferably the ISP side of the WAN link address.

interface Ethernet 0

description Main Link

ip address 10.1.1.1 255.0.0.0

!

interface Ethernet 1

description Backup Link

ip address 192.168.1.1 255.0.0.0

!

ip sla monitor 1

type echo protocol ipIcmpEcho

timeout 1000

frequency 3

threshold 2

!

ip sla monitor schedule 1 life forever start-time now

!

track 100 rtr 1 reachability

!

access list 101 permit icmp any host echo

!

route-map LOCAL_POLICY permit 10

match ip address 101

set ip next-hop 10.1.1.254

set interface null0

!

ip local policy route-map LOCAL_POLICY

!

ip route 0.0.0.0 0.0.0.0 10.1.1.254 track 100

ip route 0.0.0.0 0.0.0.0 192.168.1.254 254

Pls do remember to rate posts.

Paresh

Go to solution
guruprasadr
Level 7
Level 7
In response to pkhatri

‎03-31-2006 11:30 PM

Hi Paresh,

I am a Guruprasad.R working as Network Administrator in Saksoft Ltd for the past 6 months. I am a new guy to the Networking world.I finished my B.Tech[Information Technology] by May 2005.

I finished my CCNA by Jan 06 and i am currently focussing on CCNP(BCMSN) paper. I used to visit discussion forums frequently. I was supposed to see that all questions were replied by you.

I am really proud of you. I have more idea and interest in the Security Environment. So, Kindly guide me in my career. Expecting you guidance, kindness and wishes to make my career the best one.

Your's Truly,

Guruprasad.R

Mail id: itguruprasad@yahoo.com

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents