This topic is to discuss the following lesson:
In same scenario can you please repost the configuration for Load balancing. Thank you so much you are very helpful.
The configuration is 99% the same. Just make sure you have two equal default routes, in this example the second static route has an AD of 2. Remove that so they both have an AD of 1.
Secondly create an IP SLA instance for each default route so that you can ping IP addresses of each ISP.
Hello
I have this configuration but when main interface go down, the second default route is not going up. what can i check?
configuration
track 123 ip sla 1 reachability
delay down 15 up 10
ip sla 1
icmp-echo 200.xx.xx.xx source-interface GigabitEthernet0/1.1
timeout 1000
threshold 400
frequency 3
ip sla schedule 1 life forever start-time now
ip route 0.0.0.0 0.0.0.0 190.xx.xx.33 track 123
ip route 0.0.0.0 0.0.0.0 190.yy.yy.20 10Hi Adriana,
When the main interface goes down, do you see it being removed from the routing table?
Is the router able to reach 190.yy.yy.20? Is there any other default route that has a better AD than 10 which prevents it from being installed?
Rene
Hi Rene,
I was testing a similar scenario and the below logs started to appear:
*Mar 1 02:04:33.427: %TRACKING-5-STATE: 1 rtr 5 state Up->Down
*Mar 1 02:04:39.427: %TRACKING-5-STATE: 1 rtr 5 state Down->Up
*Mar 1 02:07:43.427: %TRACKING-5-STATE: 1 rtr 5 state Up->Down
*Mar 1 02:08:19.427: %TRACKING-5-STATE: 1 rtr 5 state Down->Up
*Mar 1 02:10:03.427: %TRACKING-5-STATE: 1 rtr 5 state Up->Down
I have configured a static route towards the router which I need to monitor and also have enabled object tracking. Could you please let me know, what could be cause of these logs…
Hi Shwetha,
If you look at the IP SLA statistics, do you see a lot of failures? Maybe the timeout is too low so the ping doesn’t make it back in time.
Rene
1 Like
hi Rene,
One could implement this with two backup routes? Suposing i have two different ways to get to a branch location through ISP1 and another way through ISP2.
Thanks for your response!
Great article, helps me understand IP sla. When would this be used as opposed to ip sla with pbr?
Also how quick does the backup kick in? Wouldn’t using a routing protocol such as OSPF provide the same thing?
Hi Rene,
Fantastic article. This is the senerio I am trying. I have a site that is using a primary link as MPLS and a secondary backup link as VPN (IPsec site-to-site). Due to some erformance issues I would like to change the primary as the VPN and keep the MPLS as the backup. In my case I have a Fortigate Firewall at one site where the MPLS and VPN links terminate and at my head office I have a Core switch where the MPLS terminates and another fortigate where the VPN terminates. I have decreased the Administrative distance on the Fortigates to 18 so that it is lower than BGP 20. Now the VPN is the primary link but when I simulate a outage to the VPN the track routes are still in place hence the link never really fails over to the MPLS. Any pointers would be greatly appreciated.
Hi Ian,
Static routes will send ALL traffic for a certain prefix in a certain direction. It doesn’t care what kind of traffic it is…PBR (Policy Based Routing) lets you change the next hop IP address for specific traffic, for example something that matches an access-list.
The “backup” time depends on the timers that you configured for IP SLA.
For your internal networks, OSPF is a good solution because it will automatically deal with failed links and such. IP SLA + Static routes however can be useful for the edge of your network. Imagine you have two ISPs and you want to check if ISP1 is reachable and if not, you can switch to ISP2.
Rene
Hi Andrés,
Yes that would be a good scenario to use this solution.
Rene
Hi Mac,
On which device you are still seeing these routes? On the Cisco switch?
Rene
I have a branch that is connected to the datacenter via MPLS (using EIGRP) and a backup link(floating static) via ezvpn. Most times when MPLS fails the failover doesn’t kick in immediately until we have to unplug the MPLS cable from the router port.
Is there anyway I can configure IP SLA to make the failover kick in immediately without unplugging the cable or rebooting the router?
Hi Area,
Does your static route have object tracking like I did in my example? That should kick in immediately. Without it, the static route remains in the routing table unless the interface is down. If you enable a debug, do you see object tracking failing once the MPLS link is down?
Rene
very informative . well done man.
Question:
How will it work the example above plus having OSPF configured on R1, SP1 and SP2?.
The question is because the OSPF AD is 110 and static routes are AD 1 and AD 2.
Please advise
Hi Alfredo,
There’s a trick if you want to use this for a routing protocol. I have a lesson for RIP & IP SLA:
https://networklessons.com/rip/rip-reliable-default-route-with-ip-sla/
Configuring OSPF to use IP SLA is similar to this.
Rene
i cant simulate this one on GNS3, i can simulate all commands except the “track 1 rtr 1”, theres no rtr command in my simulated router, im using Router 7200 version 15.2.
the next command on track 1 is:
interface Select an interface to track
ip IP protocol
list Group objects in a list
stub-object Stub tracking object
is there a same command here? since theres no “rtr” on my next command. thanks !
I think it’s under IP now, try this:
track 1 ip sla