12-13-2011 04:10 AM - edited 03-04-2019 02:36 PM
Hi Experts,
First and foremost, what I have are 2 x 7204VXR (Gateways), 1 x 4507R-E (Coreswitch), and our ISP have 7609.Got some issues with redundancy with our ISP.
7609
I I
I I
7204-A 7204-B
| |
| vrrp |
| |
-4507R-E-
|
|
internal network
Both outside interfaces of 7204 gateways are connecting to 7609 with different public ip block.
I used VRRP for my internal nework and failover have been tested working.
Even tried to remove link of 7204-A and 7609, the failover works perfect.
But somehow we're facing a problem:
- If I shutdown/ remove the link between my 4507R-E and 7204-A (primary gw_higher vrrp priority), vrrp redundancy/failover still works, but pings from internal network to internet is only 50% success....alternate 4 ping reply and 4 time out.
I asked our ISP and the route commands they put in their 7609 are as of follows:
ip route 3.8.8.0 255.255.255.0 3.4.4.4 name TO CUSTOMER LINK 1
ip route 3.8.8.0 255.255.255.0 3.3.3.3 2 name TO CUSTOMER LINK 2
Note: IP used are sample only
Please advise why we're having such problem.
Thanks in advance.
12-13-2011 04:38 AM
Hi,
the ISP has 2 longest matching routes to your subnet and so they are doing load balancing on both links but as you have only one router left for going to internal network then the echo-replies coming on 7204-A never make it to your subnet.
Regards.
Alain
12-13-2011 04:40 AM
So what to do?
12-13-2011 04:44 AM
Hi,
you could ask the ISP to implement static route tracking.
Regards.
Alain
12-13-2011 04:49 AM
OMG you made me realised something ....sorry i was confused with all the readings done.
I might need to repost a discussion.
anyway....with the current routes done by ISP (stated above), if I remove link between 4507R-E and 7204-A, internet connectivity is totally down.
And we tried the static route tracking using IP SLA, then the 4 reply/ 4 timeout occurs.
12-13-2011 05:04 AM
Hi,
you asked them to do a route tracking with IP SLA or you did it in your network ?
Regards.
Alain
12-13-2011 05:08 AM
I did told them...and I've seen how they've done it. Actually the ISP is just few blocks away.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: