Hi all !!
Could someone help me with a simple configuration of a 2801 Router. I have 2 internet providers with static ip's connected to F0/0 and F0/1 and one Vlan for LAN area. I would like to configure the router to use one primary line and just in case to use the back-up line. What should i use ?
This is how i configured:
ip address 192.168.8.10 255.255.255.0
ip nat outside
ip address 192.168.2.10 255.255.255.0
ip nat outside
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip route 0.0.0.0 0.0.0.0 192.168.8.1
ip route 0.0.0.0 0.0.0.0 192.168.2.1 10
ip nat inside source route-map ISP2 interface FastEthernet0/1 overload
ip nat inside source route-map ISP1 interface FastEthernet0/0 overload
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
route-map ISP2 permit 10
match ip address 100
match interface FastEthernet0/1
route-map ISP1 permit 10
match ip address 100
match interface FastEthernet0/0
Now if detects that it hasn't cable link on the FastEthernet interfaces it's working. I'm using 2 wireless gateways to acces the internet each one connected on the 2 FaEth for simulating the providers. If i simulate an issue on the provider ( i've removed the sim from the wireless gateway) it doesn't pass on the second isp.
I haved trying to configure with "IP Service Level Agreements " for failover / load balancing but the command "ip sla" is incomplete. I can't make an update of the IOS because the customer do not have an Service Contract with Cisco.
There is another way to configure it?
Thanks in advance !
What configuration should i make further ?
You can try with an EEM script, but considering you want advanced features, you should have the rightly licensed system to use them.
1. Cisco IOS Software, 2801 Software (C2801-IPBASE-M), Version 12.4(16b), RELEASE S
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 20-Dec-07 03:43 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "flash:c2801-ipbase-mz.124-16b.bin"
Cisco 2801 (revision 7.0) with 114688K/16384K bytes of memory.
Processor board ID FCZ123212X3
6 FastEthernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102
2. ip sla ?- monitor ? - key-chain / responder ...
it doesn't have "operation-number"
3. it doesn't have "rtr" command
he doesn't want to use PBR he only wants to use IP SLA to detect a failure on the ISP side to track the primary static route.
Toma, can you take a look here: http://www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsicmp.html#wp1049823
As I told up here in the post the IOS that i have doesn't have all IP SLA options . The ip sla monitor operation-number
command is missing. I've search a lot on the internet and I've read also on that link that you've send it to me but it doesn't help me because of the IOS version that is on the router. I can't make an update of the IOS because the customer do not have an Service Contract with Cisco.
yes indeed then in this case as Paolo stated you can use a EEM script to ping the ISP and according to result flush the primary static route from RIB.
I verified on Cisco feature Navigator and you can do EEM v1.0 with IPBASE.
To track the primary connection you must use IP SLA .
First configure the track to check if the primary ISP is up.
track 10 ip sla 1 reachability
delay down 10 up 10
Configure the object .
ip sla 1
icmp-echo 220.127.116.11 source-ip
ip sla schedule 1 life forever start-time now
Now , the routes
ip route 0.0.0.0 0.0.0.0
ip route 0.0.0.0 0.0.0.0
Hope this helps .
As I told upper in this post ..the IOS doesn't have IP SLA , IP SLA MONITOR, RTR commands complete.
I must configure something like : sending packets ( ex. icmp packets ) to an ip from the internet ( ex. google 18.104.22.168 ) and if the packets can't be sent than the router to use the backup interface. When receives replies form a specified public ip address on the first interface that should go back to it and have the connection up on the primary interface.
The only way to know if a connection more than 1 hop away it down, or something at Layer 3 is down, while Layer 2 is still up, it to use SLA / EEM, which isn't supported in ipbase image.
If this customer has multiple routers, then you might want to use another router that has a higher feature set in this location , and swap the devices. Other than that, i highly doubt if someone will come up with a solution that would be manageable and supportable.
it can be made something like a policy rules ?... if the packets can't be send to a specifed ip address that the interface to be shut down and then it will detect a failover .. and it will use the backup interface.
1. There is no such solution available in the base image to detect this at Layer - 3 or higher. There could be if you used the PPP protocol for example end to end , but if your isp isn't using that, then it won't work.
2. If we shut down interface 1, then how will we ever know that the ISP Service / connection via interface 1 is working fine at a later point in time, so that we can "no shut" it and bring it back up.
What i mean to say is, lets say Fa0/0 is up/up and so is Fa0/1.
The internet connection via Fa0/0 goes down. Interface is up/up. Lets say we have a mechanism to detect it. Say, we shut the interface. Now, how will that mechanism tell us if the connection is back up, when the "test packets" that need to go out of interface Fa0/0 can't go out because it's shut. It's going to be in permanent shut mode unless manually no shut.
For this we actually remove routes pointing to that interface / or change AD etc, but never "shut" it.
I will search more and if I will not find a proper solution .. I will try to follow the procedure with the IOS updating ..
If I will find a "gate out" i will posted here