Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configuring Redundancy on 3 LINKS

What i want to achieve:

1. User 1,2,and 3 will be accessing the server resource from different locations

2.  User 1, will use link A as its Primary link, B as secondary, C as  tertiary such that in the event of A failing it will automatically  switch over to B. IF B fails it will use link C.

3. The scenario 2 above is applicable to user 2 and 3

24 REPLIES

Configuring Redundancy on 3 LINKS

It would help if you could tell us what the links are. What type of connection are they? Are they same or different ISPs? What routing protocol?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Re: Configuring Redundancy on 3 LINKS

Thanks Mr. John,

the three links are all different links (ISP)

No routing protocol ,only static routes

the issue is on how to setup the 3 or more users to failover the 3 linsk automatically

eg:

ip route 1.1.1.2 255.0.0.0 4.4.4.3 track 15

ip route 1.1.1.2 255.0.0.0 3.3.3.2 5

ip route 1.1.1.2.255.0.0.0 2.2.2.1 10

User1 Ip:1.1.1.2 Gw 1.1.1.1

user2 ip:1.1.1.3 Gw 1.1.1.1

User3 ip:1.1.1.4 Gw 1.1.1.1

Re: Configuring Redundancy on 3 LINKS

Hi Jude,

It looks like all three users are from same subnet. I think that PBR should do the job.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

Re: Configuring Redundancy on 3 LINKS

Hello

First of all this is a duplicate posting but its just been renamed so can you please close one of them

https://supportforums.cisco.com/thread/2263023


Regarding you query:

Try using ip sla to track your router interfaces

From R2 perspective (if i have the ip addressing corect) -  Also this will then need to be duplcated on R1 but obvisouly the addressing needs to be change to accomodate.

Ip sla 1

Icmp-echo 2.2.2.1 source-ip 2.2.2.2

Freq 5

Timeout 2000

Ip sla scheduled 1 start now lifetime forever

Ip sla 2
Icmp-echo 3.3.3.2 source-ip 3.3.3.3
Freq 5
Timeout 2000
Ip sla scheduled 2 start now lifetime forever

Track 1 rtr 1
Track 2 rtr 2

ip route 10.1.1.2.255.0.0.0 2.2.2.1 250 track 1

ip route 10.1.1.2 255.0.0.0 3.3.3.2 251 track 2

Ip route 10.1.1.2 255.0.0.0 4.4.4.3 252


Res
Paul

Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Configuring Redundancy on 3 LINKS

thanks.

that means i should have three (3) sets of IP SLAs for the three  (3) Users ?

sorry, i did not get the comment you made above '' it should be duplicated on R1''

or could you please  highlight more on the comment above "

From R2 perspective (if i have the ip addressing corect) -  Also this  will then need to be duplcated on R1 but obvisouly the addressing needs  to be change to accomodate. ""

thanks

Re: Configuring Redundancy on 3 LINKS

Hi Jude,

I dont think Paul's solution is correct. Yes, it offers redundancy but host A, B and C will always use same link. If all links are working all hosts will use link A, if A fails they will use link B and link C will be last option.

As I understand your request, you want each host use different link if all links are working and each link will be backup for other links from user's point of view.

I think this can be done only with Policy Based Routing.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

Hi Blau,

you got the point quite correct.

could you please help with the config to achieve this .

Re: Configuring Redundancy on 3 LINKS

Hi Jude,

this should do the trick, I didnt see IP plan in your diagram so I just made up my own. This PBR configuration should work regardles of your routing configuration.

10.0.0.0/24 - subnet where three hosts reside

10.255.255.10/24 - ip address of server

       .1   10.10.10.0/24   .2 -

R1 - .1   10.20.20.0/24   .2 - R2

       .1   10.30.30.0/24   .2 -

R1 configuration

interface XYZ

description link to server

ip address 10.255.255.1 255.255.255.0

ip policy route-map RM_PBR

!

ip access-list extended HOST_A

permit ip host 10.255.255.10 host 10.0.0.1

ip access-list extended HOST_B

permit ip host 10.255.255.10 host 10.0.0.2

ip access-list extended HOST_C

permit ip host 10.255.255.10 host 10.0.0.3

!

route-map RM_PBR permit 10

match ip address HOST_A

set ip next-hop 10.10.10.2 10.20.20.2 10.30.30.2

!

route-map RM_PBR permit 20

match ip address HOST_B

set ip next-hop 10.20.20.2 10.30.30.2 10.10.10.2

!

route-map RM_PBR permit 30

match ip address HOST_C

set ip next-hop 10.30.30.2 10.10.10.2 10.20.20.2

R2 configuration

interface XYZ

ip address 10.0.0.254 255.255.255.0

ip policy route-map RM_PBR

!

ip access-list extended HOST_A

permit ip host 10.0.0.1 host 10.255.255.10

ip access-list extended HOST_B

permit ip host 10.0.0.2 host 10.255.255.10

ip access-list extended HOST_C

permit ip host 10.0.0.3 host 10.255.255.10

!

route-map RM_PBR permit 10

match ip address HOST_A

set ip next-hop 10.10.10.1 10.20.20.1 10.30.30.1

!

route-map RM_PBR permit 20

match ip address HOST_B

set ip next-hop 10.20.20.1 10.30.30.1 10.10.10.1

!

route-map RM_PBR permit 30

match ip address HOST_C

set ip next-hop 10.30.30.1 10.10.10.1 10.20.20.1

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

....But do i still need the ' ip route with tracking on the router , or the PBR above is all that is needed ?

Re: Configuring Redundancy on 3 LINKS

of course you still need to configure ip routing (static routes with tracking or IGP, lets say OSPF with different cost for each link). PBR will only take of specific traffic matched by ACLs referenced in route map.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

Ok.

Basically i have this also configured in addition to the IP SLA

USER1

=======

ip route 1.1.1.2 255.0.0.0 4.4.4.3 track 15

ip route 1.1.1.2 255.0.0.0 3.3.3.2 5

ip route 1.1.1.2.255.0.0.0 2.2.2.1 10

USER 2

===================================================

ip route 1.1.1.3 255.0.0.0 3.3.3.2 track 20

ip route 1.1.1.3 255.0.0.0 2.2.2.1 15

ip route 1.1.1.3 255.0.0.0 4.4.4.4 10

USER3

==================================================

ip route 1.1.1.4 255.0.0.0 2.2.2.1 track 30

ip route 1.1.1.4 255.0.0.0 4.4.4.3 25

ip route 1.1.1.4 255.0.0.0 3.3.3.2 15

  IP SLA

User1 IP SLA

------------

ip sla 15

icmp-echo 4.4.4.3 source-ip 4.4.4.4

timeout 120

threshold 100

ip sla shedule 15 life forever start-time now

track 15 rtr 15

track 15 ip sla reachability

User2  IP SLA

Let me know if the IP SLA is not needed ?

thanks.

Re: Configuring Redundancy on 3 LINKS

Let me know if the IP SLA is not needed ?

The answer is, it depends. What type of links do you have between R1 and R2? Lets say if link A fail, will line protocol on matching interfaces go down? If not corrupted next-hops will stay in routing table so PBR will still use them and traffic will be blackholed.

IP SLA is good solution to track reachability of next hops if or you can some other workaround.

Do you use these links only for traffic between server and specific hosts or it will also be use to transport some other traffic, what routing protocol do you use in your domain?

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

.... Yes for Server and specific hosts

----- No routing protocol in use for now. just the static routes.

thanks

Re: Configuring Redundancy on 3 LINKS

ok, if these three links are dedicated only to traffic between server and three hosts, PBR should do the trick. In other thread you mentioned that cat6 cable connect R1 and R2 routers IP SLA should be used to verify next hops reachability.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

Re: Configuring Redundancy on 3 LINKS

Hello

Then just to rectify my config to acheive the PBR you wish - you would still require ip sla relating you your 3 static's routes but with the same admin distance values.

server                          R1                          R2             Users

10.1.1.1                    link 1 - 2.2.2.1     -     2.2.2.2          1.1.1.0/24

                                link 3 - 3.3.3..1   -      3.3.3.2          

                                link 3 - 4.4.4.1    -      4.4.4.2

R1

ip sla 1

icmp-echo 2.2.2.2 source-ip 2.2.2.1

timeout 2000

frequency 5

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 3.3.3.2 source-ip 3.3.3.1

timeout 2000

frequency 5

ip sla schedule 2 life forever start-time now

ip sla 3

icmp-echo 4.4.4.2 source-ip 4.4.4.1

timeout 2000

frequency 5

ip sla schedule 3 life forever start-time now

track 1 rtr 1

track 2 rtr 2

track 3 rtr 3

ip route 1.1.1.0 255.255.255.0 2.2.2.2 250 track 1

ip route 1.1.1.0 255.255.255.0 3.3.3.3 250 track 2

ip route 1.1.1.0 255.255.255.0 4.4.4.4 250 track 3

access-list 102 permit ip any host 1.1.1.4

access-list 103 permit ip any host 1.1.1.5

access-list 104 permit ip any host 1.1.1.6

route-map PBR permit 10

match ip address 102

set ip next-hop 2.2.2.2 3.3.3.2 4.4.4.2

set ip next-hop verify-availability

route-map PBR permit 20

match ip address 103

set ip next-hop 3.3.3.2 4.4.4.2 2.2.2.2

set ip next-hop verify-availability

route-map PBR permit 30

match ip address 104

set ip next-hop 4.4.4.2 2.2.2.2 3.3.3.2

set ip next-hop verify-availability

.

interface xxx

Description server facing interface

ip policy route-map PBR

R2

ip sla 1

icmp-echo 2.2.2.1 source-ip 2.2.2.2

timeout 2000

frequency 5

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 3.3.3.1 source-ip 3.3.3.2

timeout 2000

frequency 5

ip sla schedule 2 life forever start-time now

ip sla 3

icmp-echo 4.4.4.1 source-ip 4.4.4.2

timeout 2000

frequency 5

ip sla schedule 3 life forever start-time now

track 1 rtr 1

track 2 rtr 2

track 3 rtr 3

ip route 10.1.1.0 255.255.255.0 2.2.2.1 250 track 1

ip route 10.1.1.0 255.255.255.0 3.3.3.1 250 track 2

ip route 10.1.1.0 255.255.255.0 4.4.4.1 250 track 3

access-list 102 permit ip host 1.1.1.4 any

access-list 103 permit ip host 1.1.1.5 any

access-list 104 permit ip host 1.1.1.6 any

route-map PBR permit 10

match ip address 102

set ip next-hop 2.2.2.1 3.3.3.1 4.4.4.1

set ip next-hop verify-availability

route-map PBR permit 20

match ip address 103

set ip next-hop 3.3.3.1 4.4.4.1 2.2.2.1

set ip next-hop verify-availability

route-map PBR permit 30

match ip address 104

set ip next-hop 4.4.4.1 2.2.2.1 3.3.3.1

set ip next-hop verify-availability

interface xxx

Description User facing interface

ip policy route-map PBR

res

Paul

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Configuring Redundancy on 3 LINKS

Hello Paul,

The config is actually runing however, there's a flaw in the setup.

a tracert from the User to the server and from ther server to the user shows that the route path is not consistent.

A trace to from Server to User would pass through Link A

on coming back it uses Link B.

Re: Configuring Redundancy on 3 LINKS

Hi,

Can you upload your config so we know what are we looking at?

Problem with tracert dont have to be necessarily a problem.

I am sure you know how tracert is working. It is series of pings with incrementing value of TTL in each step.

PBR is working only for traffic which is received via interface where PBR route map is applied. When you execute tracert command, lets say from host1 to server, according to your diagram, ICMP echo packets in second step will not be policy routed. Reason for this is simple. Packets are send with TTL value 2, when packets arrive to R2, they are surely policy routed and sent to R1 via according link and TTL value is decremented to 1. After packets are received on R1, TTL is decremented to 0 so they will not be sent to final destination, but instead ICMP messages with TTL expired will be sent to source host. And this is problem, this answer can be dropped or sent back via another link because these answer will not be policy routed because they were not received via interface where PBR route map is applied. Answers are generated locally by router so local routing table is used to send answer.

Please make sure that this is not case before blaming PBR to not work

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

R1#sh run

Building configuration...

!

interface GigabitEthernet0/0

description link to Server_LAN

ip address 10.255.255.1 255.255.255.0

ip policy route-map KUMASI

duplex auto

speed auto

media-type rj45

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

media-type rj45

!

interface GigabitEthernet0/0/0

no ip address

shutdown

negotiation auto

!

interface GigabitEthernet0/1/0

no ip address

shutdown

negotiation auto

!

interface FastEthernet0/2/0

description Link B

ip address 10.20.20.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/2/1

description Link A

ip address 10.10.10.1 255.255.255.0

duplex auto

speed auto

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 10.10.10.2

ip route 0.0.0.0 0.0.0.0 10.20.20.2 5

no ip http server

no ip http secure-server

!

!

!

ip access-list extended User_1

permit ip host 10.255.255.10 host 10.40.10.2

ip access-list extended User_2

permit ip host 10.255.255.10 host 172.16.20.2

route-map KUMASI permit 10

match ip address User_1

set ip next-hop 10.10.10.2 10.20.20.2 10.30.30.2

!

route-map KUMASI permit 20

match ip address User_2

set ip next-hop 10.20.20.2 10.30.30.2 10.10.10.2

end

R2 CONFIG

R2#sh run

Building configuration...

!

track 1 rtr 1 reachability

!

track 2 rtr 2 reachability

!

track 3 rtr 3 reachability

!

track 4 rtr 4 reachability

interface FastEthernet0/0

description Connection to LAN

ip address 10.30.30.1 255.255.255.0

ip policy route-map KUMASI

duplex auto

speed auto

!

interface FastEthernet0/0.10

description User1 VLAN

encapsulation dot1Q 10

ip address 10.40.10.1 255.255.255.0

!

interface FastEthernet0/0.20

description User2 VLAN

encapsulation dot1Q 20

ip address 172.16.20.1 255.255.255.0

!

interface FastEthernet0/0.30

description User3 VLAN

encapsulation dot1Q 30

ip address 192.168.10.1 255.255.255.0

!

interface FastEthernet0/1

ip address 10.10.10.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/3/0

description Link B

ip address 10.20.20.2 255.255.255.0

duplex auto

speed auto

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 10.20.20.1

ip route 0.0.0.0 0.0.0.0 10.10.10.1

!

!

no ip http server

no ip http secure-server

!

ip access-list extended User_1

permit ip host 10.40.10.2 host 10.255.255.10

ip access-list extended User_2

permit ip host 172.16.20.2 host 10.255.255.10

!

ip sla 1

icmp-echo 10.10.10.1 source-ip 10.10.10.2

timeout 100

frequency 3

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 10.20.20.1 source-ip 10.20.20.2

timeout 100

frequency 3

ip sla schedule 2 life forever start-time now

ip sla 3

icmp-echo 10.10.10.1 source-ip 10.10.10.2

timeout 100

frequency 3

ip sla schedule 3 life forever start-time now

ip sla 4

icmp-echo 10.20.20.1 source-ip 10.20.20.2

timeout 100

frequency 3

ip sla schedule 4 life forever start-time now

!

route-map KUMASI permit 10

match ip address User_1

set ip next-hop 10.10.10.1 10.20.20.1 10.30.30.1

!

route-map KUMASI permit 20

match ip address User_2

set ip next-hop 10.20.20.1 10.30.30.1 10.10.10.1

!

Re: Configuring Redundancy on 3 LINKS

Hello

This config you have just posted doesn't resemble the diagram you posted earlier.

R1

1) R1 default routes have different admin values  ( these should be the same) Also you haven't enable tracking on these static's of either router

2) These static routes should applied as
ip route track 1

ip route track 2

ip route track 3

3) You also have to link Just 2 links to either router instead of 3 as per diagram

4) in your diagram and you 2ND post you have a switch separating R2 and the users are all in the same subnet - however in your last post you have enabled inter vlan routing on R2 and the users are now in different subnet's.and directly connected to the router

So in summary it looks like you have merge BLAUs configuration with mine and not followed the instructions we supplied.

The config I supplied was based on the information you originally posted, I have since labbed this up and it works accordingly,  So looking at your last post I guess this is why you are getting a different output than you should .

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Configuring Redundancy on 3 LINKS

... Yes i had to change the admin values just to accommodate certain things

i have also separated the users on R2 in a different subnet with inter vlan routing because of the number of ports on the router.

my router had limited number of ports hence the reduction in the number of  links

New Member

Re: Configuring Redundancy on 3 LINKS

.... The traffic from the user ends follow separate path as configured.

however the traffic from the server end returns via link A instead of Link B

this is the route pattern:

S*   0.0.0.0/0 [250/0] via 10.20.20.2

               [250/0] via 10.10.10.2

New Member

Re: Configuring Redundancy on 3 LINKS

Hello Blau,

the failover solution is working very fine , with user taking their respective path to reach the server.

however there is an issue with the return path of traffic.

as the traffic tend to use a different route from server to users

could it be that the route map is not intelligent enough to route traffic back via thesame route they came from.

Re: Configuring Redundancy on 3 LINKS

Hi,

route-map is doing exactly what you told it. make sure that you configured initial and response traffic to take the same path.

If you paste here configurations from both routers we can check that with you.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
New Member

Re: Configuring Redundancy on 3 LINKS

.... You mean thesame config should exist in the two routers ?

Sorry, which of the configs should be on R1 ?

942
Views
0
Helpful
24
Replies
CreatePlease to create content