Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Duplicate Static Routing For Failover Over GRE - Can You Help?

Hello Community,

I think i am going mad, i should know the answer to this but i have thought about it that much that not even the simplest things are making sense to me now, so im hopingyour wise brains can help me out.


I have a situation where i need to route the same IP block, a /29 via a static route to another router that is on our network, this router has a weird config where its connected to the network via two /30 GRE tunnels that are encrypted, they are two GRE tunnels that work over two WAN gateways for redundancy.  If one gateway does down then there is still a second GRE tunel up to route the /29 over.


To do this would i need to have 2* static routes pointing the /29 at both ends of the /30 GRE tunnel, so if one went down it could still route the /29 over the second tunnel. Or would having two static routes pointing a single /29 network to two different /30 destignations on the same router cause issues?


The /29 is so i can have public IP addresses on a router interface, then have 2 X default routes pointing to both ends of the /30 GRE tunnels, thats the plan anyways.


Is there a way to make to make this work?  will it work?



Many Thanks.






  • WAN Routing and Switching


Yes it will work, Would you like to use both interfaces at the same time or use one as a backup?
There are few ways this can be achieved - depending on what you like to happen.


1) default static routing with a floating static + ip sla tracking

2 ) embedded event manager utilising ip sla tracking

3) load sharing using basic default static routing with same admin distance values.

items 1 & 3 are very straight forward item 2 is a little bit more indepth .


1) default static with floating statics using ip sla tracking

ip sla 1 icmp-echo (desitnation ip address) source-ip ( source ip address)
freq 5
ip sla scheduled 1 start-time now life forever

track 1 ip sla 1 reachability

ip route (ISP1) track 1
ip route (ISP2) 250


Item 3 (load sharing)
ip route (ISP1) 250
ip route (ISP2) 250



Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Hi Paul,Many thanks for your

Hi Paul,

Many thanks for your reply, i forgot to mention that the router with the default routes (customer cpe) is a non cisco, its a Mikrotik but our entire core network is Cisco.  I need to put the static routes on our edge cisco device to route the IP block /29 for example to the Mikrotik. In your example i think you explained about routing the traffic back using default routes, what about routing the /29 from our core to the customer router over the GRE tunnels?

The two GRE tunnel addresses are /30 and


So could i have two static routes as follows on my cisco edge router,

ip route 200

ip route 200

Im sorry my knowledge of a floating static route is not as good as it should be, if i set the AD of 200 on both the statics like above, would that load balance traffic over both routes?  what would happen if went down, would 50% of the traffic be blackholed, if indeed it was blackholed?

If you could clear that up for me i would really appreciate it.


Many Thanks.


HelloWith the load sharing


With the load sharing option no traffic will be lost if one of the tunnel go down it would merely me that all traffic would use the one remaining default route.




Please don't forget to rate any posts that have been helpful. Thanks.

HiBe aware of the tunnel


Be aware of the tunnel behavior, that is, if the tunnel destination is in the routingtable, then the router consider the tunnel is up, regardless if there is something in the transit that is broken. If this happens half of the traffic will be blackholed.

To overcome this, You can configure tunnel keep-alive. Or You can use a routingprotocol over the tunnels, then the protocol will take care of broken tunnels.


This widget could not be displayed.