Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Default Static Route Failover

We have a dedicated T3 (se 1/0) and two back up T1s (se 0/0/0 and se 0/1/0). The previous engineer added static routes like so:

Cisco IOS Software, 3800 Software (C3845-IPBASE-M), Version 12.4(3h), RELEASE SOFTWARE (fc2)

#show ip int brief

Interface                  IP-Address      OK? Method Status                Protocol

GigabitEthernet0/0         207.1X.162.129  YES NVRAM  up                    up     

GigabitEthernet0/1         10.143.199.1    YES NVRAM  administratively down down   

Serial0/0/0                1X0.81.61.46    YES NVRAM  up                    up     

Serial0/1/0                160.81.X7.170   YES NVRAM  up                    up     

Serial1/0                  1X0.81.76.26    YES NVRAM  up                    up     

ip route 0.0.0.0 0.0.0.0 Serial1/0

ip route 0.0.0.0 0.0.0.0 1X0.81.X6.25 5

ip route 6X.41.1X8.253 255.255.255.255 Null0

Our issue is that when the t3 link fails the Internet fails over to the two t1s, when the t3 link comes back up I have to manually shut the T1s interfaces to fail the route back over to the t3. My question is what is the best way to solve this problem so the routes will fail over automatically back to the t3 when the link comes back up.

I have a read a little about IP SLAs but not sure if that is the way to go. I also do not see that command in this IOS so what IOS do i need to go to? Or can this be done another way using IPBASE?

Thanks

20 REPLIES
New Member

Default Static Route Failover

Please post the results of : sh ip route

New Member

Default Static Route Failover

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     64.0.0.0/32 is subnetted, 1 subnets

S       64.41.168.253 is directly connected, Null0

     160.81.0.0/16 is variably subnetted, 3 subnets, 2 masks

C       160.81.X7.128/25 is directly connected, Serial0/1/0

C       1X0.81.76.24/30 is directly connected, Serial1/0

C       1X0.81.61.0/25 is directly connected, Serial0/0/0

     207.1X.162.0/25 is subnetted, 1 subnets

C       207.1X.162.128 is directly connected, GigabitEthernet0/0

S*   0.0.0.0/0 is directly connected, Serial1/0

New Member

Default Static Route Failover

I am not an expert at this stuff, but after looking at your config I am not sure how both Ts are used in the failover. Are they bonded?

I would setup two static default routes. The first to your T3 via: 1X0.81.76.24/30. Then the second to the other T1s IP with a higher Administrative Distance.

Example for the two routes:

ip route 0.0.0.0 0.0.0.0 1X0.81.76.24/30 240 nameofconnection(T3)

ip route 0.0.0.0 0.0.0.0 160.81.X7.128/25 250 nameofconnection(T1s)

The router will use the smaller AD when all circuits are up..

my 2 cents

New Member

Default Static Route Failover

They are bonded.

New Member

Re: Default Static Route Failover

ok. What is the next hop for the bonded IPs? Use that for the second static route.

New Member

Re: Default Static Route Failover

Use the same higher AD for the second static (250)? Also should I leave the loop prevention (null0) on the route? Or is that even needed in this case?

New Member

Default Static Route Failover

To be honest I am not sure why you have the route to null0. I just read that is to put packets in the bucket of no routes are found. Seems to be common practice, I don't use it and have a failry complex network.

The default Administrative Distance is 1 for static routes. If you are using routing protocols they each have thier own AD much higher. Since I only see static routing, you could do this and it shoud work fine:

ip route 0.0.0.0 0.0.0.0 1X0.81.76.24/30 nameofconnection(T3)

ip route 0.0.0.0 0.0.0.0 160.81.X7.128/25 5 nameofconnection(T1s)

Again, my solution only routes to one T1, I am unclear how yours are setup. Typically there are only two IPs on bonded Ts, one at each end.

New Member

Default Static Route Failover

Please don't remove the null route till you investigate what that subnet is it is tossing

Re: Default Static Route Failover

Backup route will only work when primary interface goes down . In case link is up and outage next in ISP it wont detect failure.

Yes IP SLA can be used config will look like-

interface ethernet 0
description primary-link
ip address 10.1.1.1 255.0.0.0


interface ethernet 1
description backup-link
ip address 10.2.2.2 255.0.0.0


ip sla monitor 1
type echo protocol ipIcmpEcho 172.16.23.7
timeout 1000
frequency 3
threshold 2


ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
access list 101 permit icmp any host 172.16.23.7 echo


route map MY-LOCAL-POLICY permit 10
match ip address 101
set ip next-hop 10.1.1.242
set interface null 0
!
ip local policy route-map MY-LOCAL-POLICY
ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123
ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Hall of Fame Super Silver

Re: Default Static Route Failover

There are a couple of things about this that I do not understand and hope that you can provide clarification.

Your original post says that there are 2 backup T1s. So I would have expected 2 floating static backup default routes. Your post shows only 1. Is there really only 1 floating static default route or did you not post all the static routes?

In general I would expect a static route over a T3 to work while the T3 is up and to be withdrawn from the routing table when the T3 goes down. This would allow the floating static to be used in the routing table. And I would expect that when the T3 came back up that the floating static would go out of the routing table. Your original post says that this did not happen and this surprises me. Perhaps there is something about these interfaces that is different from what I expect. Perhaps you could post the configuration of the 3 interfaces and perhaps also post the output of show interface for these interfaces.

HTH

Rick

[edit] Using IP SLA to monitor the routes would make sense if the primary static default route were not being withdrawn from the routing table. As I read this thread it does not seem that this is the problem. The problem seems to be about going back to the original default route. I do not see how IP SLA would solve that problem.

New Member

Re: Default Static Route Failover

I totally agre with Mr. Burts, something is up with the backup T1s.

Hall of Fame Super Silver

Default Static Route Failover

Thanks for the additional information.

The original poster described the 2 T1s as bonded. Perhaps he is using slightly different terminology than I do. When I think about bonded serial interfaces I think about things like Multilink PPP to bond several seperate physical interfaces and to provide a single logical interface for them. What we have in the configuration are 2 T1, using HDLC protocol, and each with its own separate and distinct IP subnet.

I do not see anything in the output given so far that explains why the static default route using the T3 did not come back into the routing table when the T3 came back up. I note that there is a service policy input configured on the interface and wonder if it might have some impact.

I also note that the code on this 3845 is relatively old. I wonder if the 3845 were running more recent code if the behavior would be different?

HTH

Rick

New Member

Re: Default Static Route Failover

I do not understand how those T1s are IP'd. This route:

ip route 0.0.0.0 0.0.0.0 1X0.81.X6.25 5 does not seem to be in the same subnet as either T1:

ip address 1X0.81.61.46 255.255.255.128

!

interface Serial0/1/0

ip address 160.81.X7.170 255.255.255.128

Could 1X0.81.X6.25 be the Multilink IP? Though no Multilink config is showing up.

Again, I am not an expert, still learning, but makes no sense, neither do the x's in the IP addresses.

Is there more to this config?

New Member

Re: Default Static Route Failover

I work in VOIP so I am not very experienced with this routing. I called the previous engineer and he said that the T1s are bonded by the ISP. I asked him about the different IPs on each T1 and he didn't have a good answer.

If I add the ADs to the end of the route would this fix the issue or should I upgrade the IOS first and see if it solves the problem?

New Member

Re: Default Static Route Failover

(pardon my lack of memory here)...

I ran into the same issue 4-5 years back and i'm ALMOST positive that the route with the higher metric would fail over, but there was no method to fail back unless you down the secondary - which would cause it to look again for the primary.

I believe this has to with the static routing becuase I remember we had to use some other type of routing (OSPF/BGP/EIGRP) to accomplish what we wanted to do.

I'm trying to remember way back about the configs and what we did, but keep coming to the conclusion that static routing WOULD allow for fail-over but had a lot of limitations on failback. 

Are there any CCNP/CCIE's who can chime in here?

I do know that BGP would easily solve your problem, if both circuits are on the same ISP, it would be even easier for you - just have them send you partial-routes (which would avoid costly router upgrades)....

Sean

New Member

Re: Default Static Route Failover

You only need to add the AD to the floating or failover route. To me your config is already setup that way.

I would find out what the IP address's are on the other end of the backup T1s first thing just to verify your failover routing.

I am not sure if you can use BGP over a ISP connection. Curious what others may say. I would do some testing of the failover routing. If you only

failover to one T1 disable the other before you test.

Hall of Fame Super Silver

Default Static Route Failover

Brian

Most certainly you can use BGP over an ISP connection. That is where BGP is most commonly used

to the original poster

Given what you have told us about the addressing of the T1s I find it difficult to see how the ISP can "bond" them in the way that IP networks usually use the term. If you are not getting good answers about it from the previous engineer, then perhaps you can ask the ISP for some clarification.

It looks to me like the failover is to a single T1 (assuming that the static routes shown in your post are all of the static routes). Adding a second floating static route to use the second T1 should be fairly straightforward.

But none of this addresses what I believe was the original problem which is that the router failed over from T3 to T1 but did not fail back when T3 came back. Can you tell us any more about this? Does it happen often? Or is it a rare thing? Would you be able to post output of show interface and show ip route during the problem?

Adding AD to the routes is quicker and easier than upgrading the IOS. So I would try them first. But frankly I am not optimistic that it would fix the underlying problem.

HTH

Rick

New Member

Default Static Route Failover

Ok so I called the ISP and dug in a little more. Turns out the subnets were wrong on the T1s and these are not bonded at all anywhere. The floating static was never set to fail to the 2nd T1 so we were only using one for backup.

So I re-did the subnets for the next hops on the T1 and re-did the routes using the next hops and added the AD to the route list. Since the subnets were wrong before I am greatly confused how this would have ever worked in the first place.

When I shut down the T3 the first T1 route is placed in the route table. The speeds show to be at T1 speeds. When I bring the T3 back up however the speed does not change. The route table shows the T3 route back in however it appears it is still using the T1 route. Only if i shut BOTH T1s down do I get the T3 speed.

So I am pretty stumped. Only thing I can think is maybe this is a bug in this IOS release and I need to upgrade to a more recent code.

Here is the new output after I made the changes. I have the two T1s shut down for now.

interface Serial0/0/0

ip address 160.81.61.46 255.255.255.252

shutdown

!

interface Serial0/1/0

ip address 160.81.37.170 255.255.255.252

shutdown

!

interface Serial1/0

description Outside PL#595550

ip address 160.81.76.26 255.255.255.252

no ip unreachables

ip nbar protocol-discovery

load-interval 30

dsu bandwidth 44210

scramble

service-policy input block-p2p

!

ip classless

ip route 0.0.0.0 0.0.0.0 160.81.76.25

ip route 0.0.0.0 0.0.0.0 160.81.64.45 5

ip route 0.0.0.0 0.0.0.0 160.81.37.169 10

ip route 64.41.168.253 255.255.255.255 Null0

Gateway of last resort is 160.81.76.25 to network 0.0.0.0

     64.0.0.0/32 is subnetted, 1 subnets

S       64.41.168.253 is directly connected, Null0

     160.81.0.0/30 is subnetted, 1 subnets

C       160.81.76.24 is directly connected, Serial1/0

     207.14.162.0/25 is subnetted, 1 subnets

C       207.14.162.128 is directly connected, GigabitEthernet0/0

S*   0.0.0.0/0 [1/0] via 160.81.76.25

New Member

Re: Default Static Route Failover

I would need to see sh ip route, sh ip int brief, and sh ip protocol

before, during, and after the failure of the T3.

Hall of Fame Super Silver

Default Static Route Failover

to the original poster

I would like to respond to several parts of your post:

- thank you for the additional information and for confirming that the serial links were not bonded. That confirms what we were seeing in the configs.

- the original config was working even though the IP addressing was not correct. It is one of the aspects of point to point serial interfaces that if you have a route in the routing table that sends packets down the serial interface then they will be delivered to the neighbor router even if its real IP address is not what you have represented in your config. So your backup static route was sending it down the serial interface and the next hop router was processing them without regard to the mismatch between what your route thought was the next hop address.

- what you have configured here will result in a primary default route, a backup (floating) default route, and a backup to the backup default route. And only 1 T1 will be used at a time. This is because of the different Administrative Distance in your floating static routes. You have configured this

ip route 0.0.0.0 0.0.0.0 160.81.76.25

ip route 0.0.0.0 0.0.0.0 160.81.64.45 5

ip route 0.0.0.0 0.0.0.0 160.81.37.169 10

and if you change it to this

ip route 0.0.0.0 0.0.0.0 160.81.76.25

ip route 0.0.0.0 0.0.0.0 160.81.64.45 5

ip route 0.0.0.0 0.0.0.0 160.81.37.169 5

then you will use both of the T1s is the T3 goes down.

- I do not understand what you are telling us about speeds when the T3  is shut down. Where (or how) are you seeing indication of the speed? And I am still not certain what you are telling us about the routing behavior when the T3 comes back up. After you bring the T3 back up try doing a traceroute and see which path the router is using.

HTH

Rick

7338
Views
0
Helpful
20
Replies
CreatePlease to create content