dear amit,

thank you for your reply..

acctualy I have a central location with many remotes.

some of remote have two links to central location,The first link is VPN who is the primary link! and the second one is VSAT who is backup.

I want to make GRE tunnel to every remote from central, but HOT redundancy is issue.

for example if the (VPN) first link was down the (VSAT) backup link get up and again when the VPN cams back again the link switches back automatically

regards

Dear,

If I understand correctly from the following

**************************************

" for example if the (VPN) first link was down the (VSAT) backup link get up and again when the VPN cams back again the link switches back automatically "

*****************************

You want that when VPN link goes out VSAT link should fire in and when VPN link comes back the VSAT Should go in standby state.

If, I am correct then this can be achieved using the floating static routes as described in my above post.

If I am wrong, then I am sorry my friend, I need more info on what exactly you are looking to help you further. I would appreciate if you can add a topollogy diagram and a little more expalantion.

HTH,

-amit singh

Hi dear amit,

you understand it well,

acctually in I am connecting remotes to central cia GRE tunnels.

is it possible with your solution?

regards

Hi Friend,

This can be achieved using two methods:

1. Floating static routes

2. Combination of Backup interface command and floating static routes.

Method 1 :

On your central router use the following routes:

ip route tunnel interface -> This will be the primary route

ip route vsat interface 254 -> This will be the secondry route

The first route will have an administrative distance of 1 and will always be your preffered route.The second route will set your administrative disatnce to reach the remote subnet as 254 and will be a secondry link. When your VPN link will go down the traffic will take the Vsat link automatically and when the VPN link is back up again, the traffic will again start using the VPN link automatically.

On your remote site router:

ip route 0.0.0.0 0.0.0.0 tunnel interface -> This will be the primary route

ip route 0.0.0.0 0.0.0.0 tunnel interface 254 -> This will be the Secondry route

This will work the same way as explained above.

Method 2:

On your central router do the following:

conf t

Interface tunnel 1

backup interface

ip route tunnel interface

ip route vsat interface 254

When your VPN tunnel interface is down the Vsat interface will automatically kick in. When VPN link is up again it will automatically become primary interface and the vsat will go to back mode.

On your remote router

Conf t

Interface tunnel

backup interface

ip route 0.0.0.0 0.0.0.0 tunnel interface

ip route 0.0.0.0 0.0.0.0 tunnel interface 254

HTH, Please rate if it does.

-amit singh

Hello Dear Amit

Thank you for your request,

I want to know what will this solution if I use a dynamic routing protocol like OSFP?

regards

HI daer amit

one more thing

I want to know that a router how can recognize the state of the link ?

in a other word how a router can understand the primary link fails?

Hi Friend,

Router knows that which are its connected interfaces and which routes it has installed in its routing table. We have used astatic route on the router to tell it that which interface is the primary link for the traffic going to the particular destination. We have also statically configured secondry route on the router to tell it that when the first interface or route is avianle to you take the second route.When the interface of the router goes down it will look for the alternate router and if its there, it will install it and use fo forwarding the traffic.

The above traffic is when we have used static routing. If you use a dynamic routing protocl we dont have to use this static procedure and everything will work dynamically i.e automatically and will be the same procedure as explained above.

HTH, Please rate if it does.

-amit singh