1941 Auto failover and load balance

rsjavahar · ‎02-06-2014

HI ...

I have configured 1941-sec router for my client 3 months back for Autofailover and Load balance. it worked well. but from past 20days .. auto failover is working .. one the 1st ISP cable physically disconnects.. and not able to access the device from remotely thorugh 1st ISP... here i am adding the configuration ...

XXX.YYY.ZZZ,,, is primary ISP

XXX.XXX.XXX....secondary ISP

thanks in advance

RSJ

#sh run

boot-start-marker

boot-end-marker

!

enable password <removed>

!

no aaa new-model

!

ip cef

!

ip dhcp excluded-address 192.168.1.151

ip dhcp excluded-address 192.168.1.1

!

ip dhcp pool satwic

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

dns-server 8.8.8.8 4.4.4.4 XXX.YYY.190.180 XXX.XXX.244.3

!

ip name-server 8.8.8.8

ip name-server 4.4.4.4

no ipv6 cef

!

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-3334084634

license udi pid CISCO1941/K9 sn ABCDEF123456

!

username <REMOVED> privilege 15 password 0 <REMOVED>

!

redundancy

!

track 1 ip sla 1 reachability

delay down 9 up 10

!

track 2 ip sla 2 reachability

delay down 9 up 10

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

ip address XXX.YYY.ZZZ.74 255.255.255.252

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

ip address 192.168.1.1 255.255.255.0

ip flow ingress

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto

!

interface FastEthernet0/1/0

ip address XXX.XXX.XXX.114 255.255.255.224

ip nat outside

ip virtual-reassembly in

duplex auto

speed auto

!

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip flow-top-talkers

top 20

sort-by bytes

!

ip nat inside source route-map isp1 interface GigabitEthernet0/0 overload

ip nat inside source route-map isp2 interface FastEthernet0/1/0 overload

ip nat inside source static 192.168.1.100 XXX.YYY.ZZZ.96

ip route 0.0.0.0 0.0.0.0 XXX.YYY.ZZZ.73 track 1

ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.97 track 2

ip route 0.0.0.0 0.0.0.0 XXX.YYY.ZZZ.73

ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.97

!

ip sla auto discovery

ip sla 1

icmp-echo XXX.YYY.ZZZ.73 source-interface GigabitEthernet0/0

frequency 5000

threshold 2

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo XXX.XXX.XXX.97 source-interface FastEthernet0/1/0

frequency 5000

threshold 2

ip sla schedule 2 life forever start-time now

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

!

route-map isp2 permit 10

match ip address 100

match interface FastEthernet0/1/0

!

route-map isp1 permit 10

match ip address 100

match interface GigabitEthernet0/0

!

snmp-server ifindex persist

snmp-server enable traps entity-sensor threshold

!

control-plane

!

line con 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

password <REMOVED>

login

transport input all

!

scheduler allocate 20000 1000

!

end

cadet alain · ‎02-06-2014

Hi,

So when primary path is down what happens that you find unusual? You can't do what from outside ?

Regards

Alain

Don't forget to rate helpful posts.

rsjavahar · ‎02-06-2014

Hi Alain

if primary goes down.. secondary is not comming up automatically, ifi remove the primary cable then only the secondary line will come......

if both links are up i am not able to access the device through the primary link...

thanks in advance

RSJ

cadet alain · ‎02-06-2014

Hi,

first do this:

no ip route 0.0.0.0 0.0.0.0 XXX.YYY.ZZZ.73

no ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.97

then take primary down and tell us if secondary comes up now and if not post sh track 1 and sh track 2 output

Regards

Alain

Don't forget to rate helpful posts.

rsjavahar · ‎02-06-2014

HI

Please find the out put

1). after no default route

XXXX_RTR#sh track

Track 1

IP SLA 1 reachability

Reachability is Up

14 changes, last change 05:27:47

Delay up 10 secs, down 9 secs

Latest operation return code: OK

Latest RTT (millisecs) 1

Tracked by:

STATIC-IP-ROUTING 0

Track 2

IP SLA 2 reachability

Reachability is Up

4 changes, last change 3w2d

Delay up 10 secs, down 9 secs

Latest operation return code: OK

Latest RTT (millisecs) 1

Tracked by:

STATIC-IP-ROUTING 0

2). with default route

XXXXXX_RTR#sh track

Track 1

IP SLA 1 reachability

Reachability is Up

10 changes, last change 05:27:47

Delay up 10 secs, down 9 secs

Latest operation return code: OK

Latest RTT (millisecs) 1

Tracked by:

STATIC-IP-ROUTING 0

Track 2

IP SLA 2 reachability

Reachability is Up

4 changes, last change 3w2d

Delay up 10 secs, down 9 secs

Latest operation return code: OK

Latest RTT (millisecs) 1

Tracked by:

STATIC-IP-ROUTING 0

Thanks in advance

cadet alain · ‎02-06-2014

Hi,

That's not exactly what I asked.

Did you clear the 2 static routes without the track command ?

Then when bringing down primary, did you see the track object 1 go down ?

If not then can you do this and tell us if it solves your problem:

no ip sla 1

ip sla 1

icmp-echob8.8.8.8 source-interface GigabitEthernet0/0

frequency 5000

threshold 2

ip sla schedule 1 life forever start-time now

no ip sla 2

ip sla 2

icmp-echo 8.8.4.4 source-interface FastEthernet0/1/0

frequency 5000

threshold 2

ip sla schedule 2 life forever start-time now

access-list 101 permit icmp any host 8.8.8.8 echo

access-list 102 permit icmp any host 8.8.4.4 echo

route-map SLA p 10

match ip add 101

set ip next-hop XXX.YYY.ZZZ.73

route-map SLA p 20

match ip add 102

set ip next-hop XXX.XXX.XXX.97

ip local policy route-map SLA

Regards

Alain

Don't forget to rate helpful posts.