Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

not able to Switch over between two primary link

Hi My centrail Location has two primary link and one more link used as a Back. Some of the customer connect from one link and some form another primary link . The issue is that i need a switch over when one of the primary link fail the customer do not move on to another primary link i enableb per-packet load balancing still the the switch over to another. Please provide the another method to make switchover to another link other than multilink and etherchannel. Please help me out its critical i am attaching the configuration for the referrence

Hall of Fame Super Silver

Re: not able to Switch over between two primary link

Hello Vaibhav,

I would suggest you to attach also a network diagram and to provide

sh ip route Customer-routes


In this way you can get better help.

I've understood there is a backup link not used when one of the primary link fails.

Hope to help


New Member

Re: not able to Switch over between two primary link


Thanks for the response. I can only explain the network diagram

One of the centrail site is connected to many pop through 2 primary link and one backup line we are using load sharing between the two link and backup we use at the time when both the primary link down however when one of the primary link goes down it does not switch to another link moreover the vlan and physically fa0/0 showing up but tunnel goes down this is also i did not understand. here i am attaching the show ip route of central site and pop

Hall of Fame Super Silver

Re: not able to Switch over between two primary link

Hello Vaibahv,

this network has a complex configuration with a lot of indirection.

Let's consider the so called "another POP"

it has two serial links to outer word.

Two point-to-point GRE tunnels are configured.

Over the two GRE tunnels there are static routes and eBGP sessions using the tunnel ip address.

all pops use the same AS 65534 but no neigh allow-as-in is used so "another POP" shouldn't learn routes of "pop" and viceversa because central site uses AS 65535. (eBGP split horizon rule says: don't accept routes that contain your own AS).

On each POP there is a different OSPF process for each internal Vlan.

Mutual redistribution between BGP and the OSPF processes is configured.

the primary/secondary nature of the GRE tunnels is evident on the static routes but not at BGP level where no action is done on the two eBGP neighbors over the GRE tunnels to provide preference to one of them.

I may be wrong but I see some possible improvements

My suggestions are:

fix the BGP problems using:

neighbor allowas-in central-site-ip-addr

on each POP

or use a different private AS number on each POP

or use a single AS number everywhere and make central site BGP Route Reflector Server.

This should make routing fully dynamic and should help in detecting failures.

I would also consider removing keepalives inside GRE tunnels and using lower BGP timers.

I also don't understand the advantage of using multiple OSPF processes inside each POP: this doesn't block communication between vlans just the knowledge of routes.

It looks like you are trying to isolate parts of the network but there are better tools for this like VRF lite (again this can be a wrong tool only knowing all the requirements can help).

I would consider using different OSPF areas of a single process.

Hope to help


CreatePlease to create content