Reliable Static Routing
Aaron Conaway
I like to lean my head to the left, hit it with the palm of my right hand, and document what knowledge falls out. More Posts - WebsitePage 2 of 2 | Previous page
It's possible that someone somewhere needs to see this.
Clint Young:
April 23rd, 2008 at 22:20
Great article, possibly the best yet!! I’ve seen the tracked static routes in the past, but wasn’t exactly sure how they were implemented. Keep up the great work!
Aaron Conaway:
April 24th, 2008 at 06:48
Thanks, Clint. I appreciate the comment. I’ll keep it up if you keep reading. :)
kashi:
August 15th, 2010 at 12:36
Aaron,
We have the following setup between 2 redundant sites, Site1(primary) and Site2(Standby)
-RTR1—ISP1A
| Old Scenario
LAN
|-RTR2—ISP1B
——————————–
—ISP1A1
-RTR1
| —ISP1A2
| New Scenario
LAN —ISP1B2
|-RTR2
—ISP1B1
In the old scenario, we have 1 default route on RTR1 and RTR2 pointing to ISP1A and ISP1B for each link. Now in the new scenario, service provider is proposing to attach a new link at each site as seen above.
In the new scenario, i want to use IP SLA monitor to track primary default route to ISP1A1 and weigh backup default route so that it takes over when primary fails.
Plz , confirm if this is as per one of ur articles on Reliable Static Routing.
Aaron Conaway:
August 17th, 2010 at 16:47
Hey, Kashi. You can definitely use IP SLA to monitor you primary links and deactivate a route if there’s a failure. I would suggest you monitor something that your users will never see since you’ll have to set a route to the monitored IP to keep RSR from flapping back and forth. You can probably even use the same track object for the RSR to decrement HSRP, VRRP, or GLBP priorities between the routers.
kashi:
August 22nd, 2010 at 10:55
Aaron,
When the 2nd default route becomes the active route after the primary link fails,if the primary link comes up, will the 2nd default route become sort of passive and would all traffic be going out via the primary link again automatically ?
What cmd does this ?
Aaron Conaway:
August 22nd, 2010 at 22:50
The track object is what dictates whether a routes is active or not. In the article, the router will use the default route to 192.168.0.1 as long as track object 100 is up. When the track object goes down, the route will be removed from the routing table, and the weighted route to 10.0.0.254 will then be used. If the track object recovers, the old route will be reinstalled.
In this setup, the router only has a single default route, so only one link is used outbound at a time. If you want to do any type of load balancing outbound, you could have equal-cost default routes with track object that pointed out each provider. If one track object fails, the other link would be used for all traffic until the object recovers. I’m simplifying it, though; there are other things to consider such as per-packet balancing and the return traffic patterns.
kashi:
August 24th, 2010 at 07:16
Aaron,
To track primary default route, we are creating an object1, mapping it with primaruy default route and tracking it so what when it goes down primary default route is removed and backup default route starts routing traffic.
But what if backup route is UP but traffic is not being sent out due to some other reason,say, some link down in the service provider’s internal network, and now both the primary and backup links are not able to send traffic out.
Shouldn’t there be another tracked object2 mapped to backup route also, so that when object2 fails backup route is also removed from routing table and with tracking of backup interface using HSRP, HSRP failsover to the standby router.
Aaron Conaway:
August 27th, 2010 at 12:06
Kashi: IP SLA can track any IP but it can’t detect problems down stream directly. One way around that is track an IP well into the Internet that users don’t access; I’m thinking something like the penultimate hop in a traceroute to google.com or something. That way you are testing reachability well into the Internet and reacting on the result.
You are right that you would need a second object for the secondary link. Using the same one would remove both routes; that’s pretty pointless, eh? :) If you want to get HSRP involved, you can have a third object to decrement HSRP priorities on the router. You can probably use objects 1 or 2 to track HSRP, as well, though; it all depends on what you’re tracking and how you want the traffic to behave.
SLA Monitoring on the PIX/ASA/FWSM | Aaron's Worthless Words:
October 15th, 2010 at 17:45
[...] up with a config that is a very similar to IP SLA stuff on IOS routers, actually. I wrote a terrible blog post about it a few years back, and several other bloggers talk about it as well, but the idea is that [...]
kashi:
June 10th, 2011 at 07:42
Hi Aaron,
Hope you are doing good.
I tried to monitor two WAN loopback IPs using 2 tracked objects X and Y from a WAN router.
But when the loopbacks were shut, the tracked objest X and Y were still showing UP…
Any ideas ?
Aaron Conaway:
June 20th, 2011 at 17:00
Kashi: Do you mean loopbacks on distance WAN routers? Can you ping them manually when they’re shut down?
Kashi:
July 10th, 2011 at 10:14
Yes.
No, i cannot ping the loopbacks…when they are shut down.
Jose:
March 9th, 2012 at 09:32
Aaron,
How configure route tracking in ip route command on FWSM 4.0 ?
COnfigure something like route tracking on FWSM 4.0 ?
Aaron Conaway:
March 16th, 2012 at 20:03
I’ve got an article on doing just that at http://aconaway.com/2010/10/15/sla-monitoring-on-the-pixasa/.