Cannot get Gig 0/1 to route to gig 0/0 - Page 2

hightide185 · ‎04-17-2012

I have a problem that several have been unabvel to solve. I have gig 0/0 as my primary WAN interface and an Cellular HWIC as my backup WAN interface. Off of gig 0/1 I have a laptop and I cannot get it to route out to the internet unless I disconneect the gig 0/0, in whihc it then goes out the cellular interface. However, form the rotuer consol, I can go out gig 0/0.

Current configuration : 4484 bytes
!
! No configuration change since last restart
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CiscoDemo4GLTE
!
boot-start-marker
boot system flash:c1900-universalk9-mz.SPA.151-4.M3.10
boot-end-marker
!
!
enable secret 5 $1$RDV7$13G5jO/0bPpJiWWiDwO7S/
enable password DanAngst
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip dhcp pool lan0
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 4.2.2.2
!
!
multilink bundle-name authenticated
!
chat-script ltescript "" "AT
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3645487553
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3645487553
revocation-check none
rsakeypair TP-self-signed-3645487553
!
!
crypto pki certificate chain TP-self-signed-3645487553
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363435 34383735 3533301E 170D3132 30343133 31363535
35305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36343534
38373535 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C0E1 172C26CD FE4EF183 B9B9FF39 6661A3F9 9A623B34 10F19FDB 415C3CDC
507C834F B3DC74FF 5F7B9529 7BC2107C 3646D810 2AC97239 E07F985D 3700E134
448EEA16 A1D4FFA5 62D9D204 D2004BA0 13F843E4 8E4D84BA C4B172EF 8530DE3A
DFA7AD7E 55F7F2A6 D1C9988A 15367502 A8B44E21 16228E21 E65269B4 CF230F69
B95B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 146C09AD D15833D3 DC949C08 FDF65EA8 EA5ACA91 5C301D06
03551D0E 04160414 6C09ADD1 5833D3DC 949C08FD F65EA8EA 5ACA915C 300D0609
2A864886 F70D0101 05050003 81810032 16C06137 36204621 57635F4D F546E5FB
E3DDF625 52C9F512 0BF1910A FF1210DF F645C218 A5BDFBA3 44C66C24 969450AE
FE4382A8 BDE67BDC 5555043C 515229A7 A75DF22E AAE20FD5 BDBED744 D90710D0
DD37D67C 83472DCE CA461911 152C92F1 36642B47 49A6533C FF8F2154 A57CDFA6
9108676B 7EC7C6D9 78ADF971 1D4621
quit
license udi pid CISCO1921/K9 sn FTX160685BJ
!
!
!
!
controller Cellular 0/1
!
!
!
!
!
interface Loopback1
ip address 1.2.3.9 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
no cdp enable
no mop enabled
!
interface GigabitEthernet0/0
ip address dhcp
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface GigabitEthernet0/1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
!
interface Cellular0/1/0
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly in
encapsulation slip
load-interval 30
dialer in-band
dialer idle-timeout 0
dialer string ltescript
dialer watch-group 1
async mode interactive
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside source list 100 interface Cellular0/1/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 90
ip route 0.0.0.0 0.0.0.0 Cellular0/1/0 200
!
access-list 100 permit ip any any
dialer watch-list 1 ip 5.6.7.8 0.0.0.0
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
!
no cdp run
route-map clear-df permit 10
set ip df 0
!
!
snmp-server community public RO
tftp-server exit
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 0/1/0
script dialer ltescript
modem InOut
no exec
rxspeed 100000000
txspeed 50000000
line vty 0 4
password cisco
login
transport input all
line vty 5 15
password cisco
login
transport input all
!
scheduler allocate 20000 1000
event manager environment cell_int Cellular0/0/0
event manager environment modem_reset_count 0
event manager environment reload_required 1
event manager environment poll_time 30
event manager environment max_pwrcycles 3
event manager directory user policy "flash:/"
event manager directory user repository flash:/
event manager scheduler script thread class N number 1
event manager policy lte_cli.tcl
event manager policy lte_recovery_v1.tcl class N
!
end

CiscoDemo4GLTE#

Peter Paluch · ‎04-17-2012

Hi Sam,

I do not personally think that it was necessary to modify the default route via Cell0/1/0 to include the IP address of the next hop, and I suggest reverting to the previous form of the command. The encapsulation on Cell0/1/0 is SLIP which means it is a point-to-point type interface. On point-to-point interfaces, there is no need to specify next hop in a static route, and instead, the static route can simply point out the interface. In your case, I even discourage using a fixed IP address in the static default route pointing out the Cell0/1/0 - in case of network address mismatch, the IP address may not actually be reachable via the Cell0/1/0.

You are saying that when you disconnect the Gi0/0, the ping dies. Does the Cell0/1/0 interface then come up? What is the output of the show ip route and show int c0/1/0? Can you at the same time ping a public IP address from the router itself?

Best regards,

Peter

hightide185 · ‎04-17-2012

I added the next to the static route on the cell interface because I was seeing no gateway of last resort when I failed over.

To answer your question, I can ping from the consol of the router to any public IP and yes the cellular interface is up. I start a ping and pull the gig 0/0 cable and can see the traffic drop and then pick up on the cellular interface. This is what I expect and want to happen from the device off gig 0/1. When I Show IP Route, I see the route pointing out the cellular intgerface when in failover mode and pointing to the gig 0/0 when in all is well mode. For some reason, when I drop the gig 0/0 no traffic can get to the internet.

hightide185 · ‎04-17-2012

Here is a new finding. If I open IE and go to you tube and stream a video and then pull gig 0/0. The video will die, but if I open a new IE Window (while gig 0/0 is down) and go to you tube I can play a new video. So that means the IP session is not moving from interface to interface. I tested this several times and I can replicate over and over.

nkarpysh · ‎04-17-2012

I guess this is specific of TCP. It establish the statefull connection. Whenever you change the outgoing interface - you also change the source ip for this connection. Thus it can't work anymore - it should be reset and started over.

Nik

HTH,
Niko

hightide185 · ‎04-18-2012

Would Stateful NAT be an option on a standalone router with two WAN interfaces?

nkarpysh · ‎04-18-2012

I guess that wont help. Idea of statefull NAT to still use same source ip. But as you have ip addresses received from different providers on your WAN interfaces - those will not be able to share the common one as it creat problem with return routing.

The only WA I see is to use some owned public ip and do NAT before leaving your WAN router. Also this IP should be announced to both providers.

Nik

HTH,
Niko