Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Dual WAN setup as per Cisco recommendation not working

Hello,

I am following a dual wan setup as per cisco's recommendation (http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml) and from this link as well (https://supportforums.cisco.com/docs/DOC-8313;jsessionid=932B87819E43D75EB992A201577C4923.node0).  None of them makesi it work properly.

In my scenario I have 2 cable modem connections with a cisco 881 so I've configured as follows:

If I apply the config it works fine however If I disconnect the cable from port fa0 or fa4 it fails over with intermitency furthermore when I reconnect the cable it never recovers.

For example if I ping a host, I'll get replies for about 20 seconds and then the router will drop 20 other seconds.

After getting the dual wan to work with failover, my next goal is to apply a route-map policy in order to route SIP & RTP Audio traffic over WAN1 and all other traffic via WAN2.

Please let me know what am I doing wrong. 

Thanks!

------------------------------------------------------------------------------------------

wan-router#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              unassigned      YES unset  up                    up     
FastEthernet1              unassigned      YES unset  up                    down   
FastEthernet2              unassigned      YES unset  up                    down   
FastEthernet3              unassigned      YES unset  up                    up     
FastEthernet4              190.154.x.x  YES DHCP   up                    up     
NVI0                       190.154.x.x  YES unset  up                    up     
Vlan1                      10.0.11.254     YES NVRAM  up                    up     
Vlan10                     190.131.x.x    YES DHCP   up                    up   

------------------------------------------------------------------------------------------

wan-router#show vlan-switch

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa1, Fa2, Fa3
10   VLAN0010                         active    Fa0
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
10   enet  100010     1500  -      -      -        -    -        0      0  
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0  
1005 trnet 101005     1500  -      -      1        ibm  -        0      0

------------------------------------------------------------------------------------------

track timer interface 5
!        
track 123 ip sla 1 reachability
delay down 5 up 5
!        
track 345 ip sla 2 reachability
delay down 5 up 5
!        
!        
!        
!        
!        
!        
!        
interface FastEthernet0
switchport access vlan 10
!       
!        
interface FastEthernet1
!       
!        
interface FastEthernet2
!       
!        
interface FastEthernet3
!       
!        
interface FastEthernet4
description $FW_OUTSIDE$$ES_WAN$
ip dhcp client route track 123
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!       
!        
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.0.11.254 255.255.252.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!       
!        
interface Vlan10
ip dhcp client route track 345
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
!       
!        
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!        
!        
ip nat inside source route-map ISP1 interface Vlan10 overload
ip nat inside source route-map ISP2 interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet4 track 123
ip route 0.0.0.0 0.0.0.0 190.131.x.x 254 track 345
!        
ip sla 1 
icmp-echo 208.78.x.x source-interface Vlan10
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2 
icmp-echo 208.78.x.x source-interface FastEthernet4
frequency 5
ip sla schedule 2 life forever start-time now
logging trap debugging
access-list 110 permit ip 10.0.8.0 0.0.3.255 any
no cdp run
         
!        
!        
!        
!        
route-map ISP2 permit 10
match ip address 110
match interface FastEthernet4
!        
route-map ISP1 permit 10
match ip address 110
match interface Vlan10
!        
!      

------------------------------------------------------------------------------------------

wan-router#show ip nat translations
Pro Inside global         Inside local          Outside local         Outside global
udp 190.131.2.78:4666     10.0.8.1:4666         72.144.189.96:1194    72.144.189.96:1194
udp 190.154.40.141:4669   10.0.8.1:4669         69.65.19.116:1194     69.65.19.116:1194
udp 190.131.2.78:4669     10.0.8.1:4669         69.65.19.117:1194     69.65.19.117:1194
udp 190.131.2.78:4694     10.0.8.1:4694         208.67.220.220:53     208.67.220.220:53
udp 190.154.40.141:4694   10.0.8.1:4694         208.67.222.222:53     208.67.222.222:53
udp 190.131.2.78:6525     10.0.8.1:6525         208.67.220.220:53     208.67.220.220:53

------------------------------------------------------------------------------------------

wan-router#show track      
Track 123
  IP SLA 1 reachability
  Reachability is Down
    1 change, last change 00:39:43
  Delay up 5 secs, down 5 secs
  Latest operation return code: Timeout
  Tracked by:
    STATIC-IP-ROUTING 0
Track 345
  IP SLA 2 reachability
  Reachability is Up
    28 changes, last change 00:20:03
  Delay up 5 secs, down 5 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 116
  Tracked by:
    STATIC-IP-ROUTING 0

------------------------------------------------------------------------------------------

Everyone's tags (5)
2 REPLIES
Community Member

Re: Dual WAN setup as per Cisco recommendation not working

This is the software info:

Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 15.0(1)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Sun 18-Jul-10 08:20 by prod_rel_team

License Information for 'c880-data'
    License Level: advipservices   Type: Permanent
    Next reboot license Level: advipservices

Community Member

Dual WAN setup as per Cisco recommendation not working

It looks the second route has a metric of 254 and theefore is not installed into the routing table

ip route 0.0.0.0 0.0.0.0 190.131.x.x 254 track 345

just remove the 254

Also I have a really buggy IOS on my 881. I get a DHCP address from my vable provider, and if I issue the command ip address dhcp on fa4 while it is running, it loses the ip addresses and never gets it back. The only way to get the IP address back is to remove the startup-config, then configure fa4 first, and let it get an address, before I configure any other interface. If I configure any other interface first, fa4 will never get an address. My point is that I think the 881 is buggy as I have tried a couple of different IOS bins, so it may also just be a bug in your system.

5058
Views
0
Helpful
2
Replies
CreatePlease to create content