06-24-2014 05:42 AM - edited 03-04-2019 11:13 PM
I have an issue with a Cisco 2821, it has an ADSL2+ HWIC whose ATM interfaces is linked to dialer 1 and a Gi0/1 interface with a pppoe client which is linked to dialer 2. Both dialer interfaces are up with their respective IP addresses. If the ADSL on dialer 1 fails i want the IP SLA to kick and and replace the default route for dialer 1 with one for dialer 2.
This config works if you manually shut down the dialer 1 interface, it injects the default route for dialer 2 and then when you unshut the interface, the default route for dialer 1 comes back. The problem i have is if you take out the cable for the ATM interface and take it down, it does not take the route out the routing table and the default route for dialer2, which works if you just shut down dialer 1 does not appear.
whats the difference between shutting down dialer1 and it fails over the default route and taking the cable out then it does not?
Here is my config, i'm sure its something simple i'm doing wrong, can anyone help???
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$qOOJ$HV5AH6US/YZMuCGPYp3pP.
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool pool1
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 188.92.232.50 188.92.232.100
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
no dspfarm
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
track 1 ip sla 1 reachability
!
!
!
!
interface GigabitEthernet0/0
description Gi0/30 Local LAN
ip address 192.168.0.1 255.255.255.0
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
no ip mroute-cache
duplex auto
speed auto
snmp trap ip verify drop-rate
no mop enabled
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
!
interface ATM0/2/0
description ATM0_DSL
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
logging event atm pvc state
logging event subif-link-status
no atm ilmi-keepalive
dsl operating-mode auto
dsl enable-training-log
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Dialer1
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
keepalive 1 3
no cdp enable
ppp lcp predictive
ppp authentication pap chap callin
ppp chap hostname ********@ccsleeds.net
ppp chap password 0 ********
ppp pap sent-username *******@ccsleeds.net password 0 ********
!
interface Dialer2
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
encapsulation ppp
dialer pool 2
keepalive 1 3
no cdp enable
ppp lcp predictive
ppp authentication pap chap callin
ppp chap hostname **********@adsllogin.co.uk
ppp chap password 0 *********
ppp pap sent-username *********@adsllogin.co.uk password 0 ***********
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2 10
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface Dialer1 overload
!
ip sla 1
icmp-echo 8.8.8.8 source-interface di1
timeout 1000
threshold 100
frequency 3
ip sla schedule 1 life forever start-time now
access-list 1 permit 192.168.0.0 0.0.0.255
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
password test
login
!
scheduler allocate 20000 1000
end
Solved! Go to Solution.
06-24-2014 06:07 AM
First you only need one of these:
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1
Not both - just leave one with track 1 at the end.
Second I suggest you use EEM with this config because when your config track 1 goes "down" and replace default route with dialer 2 track 1 is again up because 8.8.8.8 is reachable. In EEM you can go with shutting down interface.
Third don't use google dns for reachability - i use that once and they banned my ip for ICMP traffic :)
BR,
Dragan
06-24-2014 06:07 AM
First you only need one of these:
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1
Not both - just leave one with track 1 at the end.
Second I suggest you use EEM with this config because when your config track 1 goes "down" and replace default route with dialer 2 track 1 is again up because 8.8.8.8 is reachable. In EEM you can go with shutting down interface.
Third don't use google dns for reachability - i use that once and they banned my ip for ICMP traffic :)
BR,
Dragan
06-26-2014 01:51 PM
Hi Dragan.
I found i needed both as the first one was to actually get out to google to be able to track the ip sla in the first place. I got to the bottom of this in the end, i needed a static route to point to google behind the dialer 1 interface so it could run the ip sla test even if the second dialer default route was active.
With EEM can this be used to shut and unshut interfaces incase of a failiure? For example if a leased line went down and stopped responding to ping, could i sue EEM to unshut the dialer interface and ip lsa to inject a default route for it?
Could you provide some config for how EEM could shut and unshut the interfaces?
Regards,
Matt
06-27-2014 12:06 AM
Sure that EEM can shut/unshut interface...you have "event track" in EEM for monitoring track events...for example:
event manager applet test
event track 1 state down
action 1.0 command "enable"
action 1.1 command "conf t"
action 1.2 command "interfac dialer 1"
action 1.3 command "shut"
action 1.4 syslog "Dialer 1 down!!!"
action 1.5 end
This would be an example from head :)
You would need another EEM similar to this one for unshutting interface with "event track 1 state up" for bringing interface up again.
Again as I said you would need to test this before putting in production and you would maybe need to tweak this a little bit acording to your needs...
BR,
Dragan
06-27-2014 05:37 AM
you need to remove one entry, it will work
no ip route 0.0.0.0 0.0.0.0 Dialer1
HTH
kazim
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: