Thank you very much for the reply.

I cannot use HSRP.

My network design is little different.

Is there any other way failover can be achived for routing in a switch?

Thank you very much for the reply.

I cannot use HSRP.

I have attached my network diagram. When ISP1 goes down, the switch should detect the ISP1 router global interface status using tracking and route the traffic to ISP2 and vice-versa with ISP2 switch.

If i cant achive this with tracking, then is there any other way I can achive this routing?

The time tested solution -- Routing Protocols

Which routing protocol will be good and how to setup it?

Thank you.

Hi,

As suggested above the tested option is routing protocol.

However if you want to configure tracking, you can do so. I can see two switches in your LAN. Are these two switches running in HSRP or only one switch is forwarding traffic to ISP routers.

Anyway, for using tracking you may need to check IOS version supporting IP sla monitor (previously called rtr) and tracking. Use IOS feature navigator to choose correct IOS.

Configuration will be like

rtr 1

type echo protocol ipIcmpEcho 10.10.10.10

timeout 2000

frequency 2

rtr schedule 1 life forever start-time now

track 100 rtr 1 reachability

delay down 10 up 10

ip route 0.0.0.0 0.0.0.0 10.10.10.10 track 100

ip route 0.0.0.0 0.0.0.0 10.10.20.20 150

Here say 10.10.10.10 is IP address of ISP 1. We are configuring a timed ping to this interface. The status will be tracked by tracker configured. Untill track return code is ok, thr first default route will be there in routing table. If the track fails this route will be removed and the second route will be installed in the routing table. 10.10.20.20 is IP of ISP 2.

For this, your ISP should allow you to ping their routers.

Again, the best solution will be to use routing protocols

Thank you very much for the reply.

Both netwroks in my diagram forwards traffic to its own ISP.

If A network segment ISP1 goes down, then its traffic should be forwarded by switch to B`s ISP2 and vice-versa.

The config which you have given got IP sla monitor and tracking, is it the config of switch or router?

If I use routing protocol, like EIGRP, how the routes will be changed in switch? How the metric to be used in switch?

I consider following things:

Two routers you have shown are located at ISP end and are not under your control.

The ISP has provided links which you have directly connected into your switches.

In such case the above configs are for your switches.

For EIGRP, you can redistribute static routes in both the switches. e.g. Following will be the config for switches

router eigrp 7

network x.x.x.x x.x.x.x

redistribute static

Now, considering ISP A is your primary ISP, on switch A give default route as

ip route 0.0.0.0 0.0.0.0 IP_of_ISP_A

This route will be redistributed into EIGRP with weight 170. So switch B will see this default route with weight 170 whereas for switch A this is with weight 1.

Now on switch B configure one default route tp ISP B with weight higher than 170 e.g.

ip route 0.0.0.0 0.0.0.0 IP_of_ISP_B 190

Since this route has weight 190, normally switch B will use the route through switch A which is having weight 170. If the link to ISP A goes down, that default route will be removed from switch A. Now for switch B the next candidate default route is the one with weight 190 which is pointing to ISP B. Switch B will install this route and will also redistribute it. Thus now switch A will also see this route through switch B with weight 170 (since it is redistributed) and traffic will flow through ISP B.

According to the network diagram. How do you let the user know the default gateway will be changed if the primary gateway down ?

Only if your sw to configure the HSRP (assume it is under your control and support HSRP) then let the switch to talk to the ISP router, like Anand's proposal. Otherwise, the user will still unable to reach outside due to incorrect gateway.

Thank you very much for the reply.

The two Cisco ISR router`s are under my control only, above it there is ISP`s routers.

For LAN segment A, the DG is 172.17.24.62 in all client pc`s, which is the ip address of the switch. sorry i forgot to write the ip in diagram.

ip route 0.0.0.0 0.0.0.0 172.17.24.9 170 in A`s switch

ip route 0.0.0.0 0.0.0.0 172.17.16.6 190 in A`s switch

ip route 172.17.16.0 255.255.255.0 172.17.16.6 in A`s switch

router eigrp 24

network 172.17.24.0 0.0.0.255

network 172.17.16.0 0.0.0.255

redistribute static

For LAN segment B, the DG is 172.17.16.30 in all client pc`s, which is the ip address of the switch.

ip route 0.0.0.0 0.0.0.0 172.17.16.6 170 in B`s switch

ip route 0.0.0.0 0.0.0.0 172.17.24.9 190 in B`s switch

ip route 172.17.24.0 255.255.255.0 172.17.24.9 in B`s switch

router eigrp 16

network 172.17.16.0 0.0.0.255

network 172.17.24.0 0.0.0.255

redistribute static

This scheme may run into some problems

1. It is fine to give IP of switch as default gateway if your switches are L3 capable i.e. are able to run routing protocol

2. If the ISP links connect to the shown routers then, these configs must be on your routers. This is because in this scenario, switch will never understand if ISP link between the routers has failed. I believe switch is connected to your router over copper cable. Also, you have shown router with firewall. There is no direct connection between routers so you will need to allow EIGRP to run through the firewalls.

Just confirm if you can run eigrp on routers. Otherwise you can take help of tracking as discussed in previous solution

Regarding the configs, I noticed following :

3. Not sure why have you given weight 170 to the primary default route. In my post I said 170 because that is the default weight after redistribution into eigrp. i.e. On switch A configure default route to ISP A w/o specifying any weight (default = 1).

4. On both the switches eigrp AS number must be same. It cannot be 24 and 16 keep any one value on both the switches

5. No need to configure route to 24.0 and 16.0 networks. EIGRP will take care of it

If it is this case, what I think there is no need to configure 2nd IP address in the ISR, due to no user will point to it as GW.

Agreed w/ Anand again, there is no need to configure the static for .16 & .24 in both routers. It will be learned from EIRGP. However, this solution will only protect the uplink to ISP failure, if the connected router / GW down, it still not able to reach to ISP network unless enable the HSRP or the client support routing protocol.

Will you configure second GW in user PC ? If yes, the second IP in routers may work..... better test it before release to user.

Agreed with Jack on GW issue. If you do not want to run HSRP at all, you will need to run EIGRP on switches also. Thus switch will not have any hard coded default route but it will take it from eigrp.