Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Failover route

OK this may be a simple question. I have a pair couple of sites that have both a TLS fiber and a T1 connection back to the main site and I am trying to get them to fail over just on static routing and it is not working. Both devices are 2811 ISR routers. I have 2 static routes on the router with different metrics and it just won't fail over. Do I have to have a routing protocol like EIGRP or OSPF enabled to have a route failover?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Bronze

Re: Failover route

As you've seen from the result of your test, the route does not get withdrawn from the table as the physical interface remains up/up.

You either need to implement dynamic routing protocol on this link (my preferred suggestion) or incorporate IP SLA on this configuration and track the remote IP address for reachability. If the reachability is down, the IP SLA will remove the primary route and the secondary static route will be used.

The following is a good write-up of how this configuration should be done:

http://www.internetworkpro.org/wiki/Bring_down_an_interface_when_IP_SLA_fails

HTH,

__

Edison

Please rate helpful posts

11 REPLIES
Hall of Fame Super Bronze

Re: Failover route

If the primary static route next-hop is still remain reachable when the TLS is down, then you won't failover to the secondary static route.

When the T1 is down, try pinging the next-hop address and determine why is still reachable.

Can you please post the portion of the config?

HTH,

__

Edison.

New Member

Re: Failover route

Hi Edison,

The TLS is the primary link and the serial/T1 is the backup. The TLS is a fiber link that they hand off to us at layer 2/Ethernet. If I unplug the cable to the fiber/TLS link the ping just goes to no reply and if I try a trace route it goes pretty to the inside interface and then stops. So it doesn't make it to the next hop, I acts like it can't find the other route. If I change the serial interfaces metric to 1 it follows the serial route and not the TLS. I have tried sending it out the interface and not the next hop with same results. The ACL just controls what subnets can access the router and doesn't affect this traffic.

HQ router

T1 interface

!

interface Serial0/0/0

ip address 192.90.30.1 255.255.255.0

ip route-cache flow

TLS

!

interface FastEthernet0/2/0

description Nashwauk

switchport access vlan 21

!

interface Vlan21

ip address 10.254.245.70 255.255.255.252

!

Routes

ip route xxx.xx.177.128 255.255.255.192 10.254.245.69 2

ip route xxx.xx.177.128 255.255.255.192 192.90.30.1 3

Remote router

Serial Interface

!

interface Serial0/3/0

ip address 192.90.30.254 255.255.255.0

TLS interface

!

interface FastEthernet0/1

ip address 10.254.245.69 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet0/1.2

description $ETH-LAN$

encapsulation dot1Q 21

ip access-group 103 in

no snmp trap link-status

Routes

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.254.245.70 2

ip route 0.0.0.0 0.0.0.0 192.90.30.1 3

Hall of Fame Super Bronze

Re: Failover route

The HQ router has an incorrect address on the next-hop for the secondary route.

It should use 192.90.30.254, not 192.90.30.1

HTH,

__

Edison.

New Member

Re: Failover route

I was messing with what I pasted on the my last post and got the wrong info, too happy with the delete key and too lazy to go back and copy it again, my bad. I am at home and connected by rdp to my laptop at work and copying and pasting back and forth from place to place. Here is what is actually in there.

ip route xxx.xx.177.128 255.255.255.192 10.254.245.69 2

ip route xxx.xx.177.128 255.255.255.192 192.90.30.254 3

Hall of Fame Super Bronze

Re: Failover route

Please post the output of show ip route from both devices while the TLS is up and down.

__

Edison.

New Member

Re: Failover route

I will have to be at the remote site to get the ip route with the TLS down and that would have to be off hours, but maybe later in the week.

Here is the remote site with the TLS connected. The one thing I am noticing right away is my secondary route is not showing up.

Gateway of last resort is 10.254.245.70 to network 0.0.0.0

C 192.90.30.0/24 is directly connected, Serial0/3/0

xxx.xxx.0.0/26 is subnetted, 1 subnets

C xxx.xx.177.128 is directly connected, FastEthernet0/0

10.0.0.0/30 is subnetted, 1 subnets

C 10.254.245.68 is directly connected, FastEthernet0/1

S* 0.0.0.0/0 [2/0] via 10.254.245.70

Here is the HQ and it shows the same thing, no secondary route. This is obviously not the whole route table from the HQ router to many public addresses to edit out.

S xxx.xx.177.128/26 [2/0] via 10.254.245.69

Hall of Fame Super Bronze

Re: Failover route

Only the best route will be shown in the routing table. The important output to see is when the TLS is down.

___

Edison.

New Member

Re: Failover route

I kinda figured it was something of that sort. Here are the results. I am not sure why the remote site is not seeing the route as down. Unless as longs the link stays up even if the other end is dead it stays up.

OK I remotely shut down FA0/1 on the remote router then it failed over to 192.90.30.1. Not sure if this is going to help if the device it is attached to stays up but the line itself goes down.

Is there any way I can get it to look at the next hop not just if the interface is up?

remote site.

C 192.90.30.0/24 is directly connected, Serial0/3/0

xxx.xx.0.0/26 is subnetted, 1 subnets

C xxx.xx.177.128 is directly connected, FastEthernet0/0

10.0.0.0/30 is subnetted, 1 subnets

C 10.254.245.68 is directly connected, FastEthernet0/1

S* 0.0.0.0/0 [2/0] via 10.254.245.70

HQ

S xxx.xx.177.128/26 [3/0] via 192.90.30.254

Here is what I get at the remote site if I shutdown FA0/1

C 192.90.30.0/24 is directly connected, Serial0/3/0

xxx.xx.0.0/26 is subnetted, 1 subnets

C xxx.xx.177.128 is directly connected, FastEthernet0/0

S* 0.0.0.0/0 [3/0] via 192.90.30.1

Hall of Fame Super Bronze

Re: Failover route

As you've seen from the result of your test, the route does not get withdrawn from the table as the physical interface remains up/up.

You either need to implement dynamic routing protocol on this link (my preferred suggestion) or incorporate IP SLA on this configuration and track the remote IP address for reachability. If the reachability is down, the IP SLA will remove the primary route and the secondary static route will be used.

The following is a good write-up of how this configuration should be done:

http://www.internetworkpro.org/wiki/Bring_down_an_interface_when_IP_SLA_fails

HTH,

__

Edison

Please rate helpful posts

New Member

Re: Failover route

Thanks for the help guys. I answered my questions on the failover now I just need to go back and make a plan to implement Dynamic routing. We haven't done so yet as we didn't have a need to, but now with the redundant links and it not failing over the way I would like it to there is a need.

Once again thanks for the help.

Scott

New Member

Re: Failover route

262
Views
0
Helpful
11
Replies