?
Solved

How to achieve redundant internet connection using two cisco 2610 routers?

Posted on 2003-03-14
22
Medium Priority
?
713 Views
Last Modified: 2007-12-19
Here it is:

Two sites with 2 T1s between them. Cisco 2610 with 2 Ethernet and 2 CSU/TSU on each side. IOS 12.0.
One of the Ethernet ports on each side is on the local subnet: 10.101.60.0 and 10.101.70.0.
Secondary Ethernet ports are not being used at the moment.
Each site has a NOKIA IP440 connected to a FATPIPE WARP and the WARPs, in turn, connected to ISPs.
Previously, we had both sites on the same subnet and were using transparent bridging. We also had only one T1 between sites.

The goal is to achieve aggregated bandwidth between sites and to have each site falling back on to the distant firewall for a default gateway (if local firewall is physically down). I am not trying to load balance internet access between sites.
Internal firewalls IPs are 10.101.60.1 and 10.101.70.1 correspondingly.
Clients (HOSTS) may have dual gateway entries.

I have some rudimentary knowledge of Cisco programming, so you going in details would be helpful.
The task seemingly easy to accomplish to begin with end-up being major pain. I have tried two routes
to  0.0.0.0 0.0.0.0 10.101.60.1 1
and 0.0.0.0 0.0.0.0 10.101.70.1 2
with RIP 2 enabled by default. The moment second router gets assigned a 0.0.0.0 0.0.0.0 x.x.x.x gateway- it nullifies the earlier propagated entries in routing table with local static route to a gateway on the same subnet. (The routes are still visible in sh running-config). Yanking the cable out of Ethernet port on local subnet does not affect the state of the routing table.

HELP!!! It is still an experimental environment I am working in right now so I am willing to try anything that may work.

Thanks in advance,

Vladimir
0
Comment
Question by:vt100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 8
22 Comments
 

Expert Comment

by:-h0p
ID: 8139724
Please update this thread with a 'show run' (minus passwords and whatnot of course).
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8144040
Let me make sure we have a good picture of what you have:
Internet--Warp--Nokia--A--2600==2xT1==2600--B--NokiaFW--Warp--Internet

What you want is for Site A's Internet access to be the failover for Site B, and vice versa?

You have load balancing/load sharing/failover on the two T1's working OK for you now? Enable IP CEF with the two static routes.

Turn off RIP, as you see it is doing you no good.

Where is the Internet router in relation to everything else? What you may need to do is enable IBGP between the 4 routers, you can't do it with just the two without manual intervention if one of the internet pipes goes down. You need some way for the internet routers to tell the inside routers about the state of the link

>Clients (HOSTS) may have dual gateway entries.
If the hosts have dual default entries, then DGD will only failover to the other if the LAN connection to the first gateway goes down, and won't fail back without manual intervention. Not sure if this is what you were talking about.
0
 

Author Comment

by:vt100
ID: 8151553
I'll try to show the working diagram here:

Internet                                        Internet
Internet--WARP-NOKIA-A-2600==2600-B-NOKIA-WARP--Internet
Internet              |           |             Internet
                      |           |
                   Int Net A    Int Net B

Yes, I would like to have a bydirectional failover between sites A and B.
Load balansing/sharing between sites on two T1s are not yet set in stone because I do not know what I'll end-up configuring the internal interfaces as- if you have a recomendations or a requirement for your solution to the problem to work- please comment on that too.
Internet routers are on the outside of the WARPs- each site has 3 ISP routers connected to a WARP. Redundancy of the Internet connectivity as well as bandwidth aggregation on each site handeled by WARPs, so it is not an issue.
Default gateways for internal hosts are NOKIA firewalls. If you think that changing secondary gateway (for example for site A) from NOKIA-B to 2600 on the left side of the diagram makes sense, let me know if it will require additional routes on the 2600s.
Also, I would appreciate if you go in detail on the IP CEF, I am absolutely not familiar with it and not even sure it is available in IOS 12.0.

Regards,

Vladimir
0
Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

 

Author Comment

by:vt100
ID: 8151566
P.S. Sorry for the diagram- did not look as intended. If you will cut and paste it in Notepad or other editor- it'll be closer to the original.

Thank You.
0
 

Author Comment

by:vt100
ID: 8151711
Here is the left side routers' sh running-conf with CEF and two routes- please not that the sh ip route still shows only 1 0.0.0.0 0.0.0.0 10.101.60.1 which is the local gateway- i.e. it will not route to the other side at all.

sec#sh running-conf
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sec
!
enable password
!
ip subnet-zero
ip cef
no ip domain-lookup
!
!
process-max-time 200
!
interface Ethernet0/0
 description connected to sec-10
 ip address 10.101.60.2 255.255.255.0
 no ip directed-broadcast
!
interface Serial0/0
 description connected to jc
 ip address 10.101.80.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Serial0/1
 description connected to jc
 ip address 10.101.90.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Ethernet1/0
 description connected to sec-192
 ip address 192.168.100.2 255.255.255.0
 no ip directed-broadcast
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.101.60.1
ip route 0.0.0.0 0.0.0.0 10.101.70.1 25
!
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 password
 login
 transport input none
line aux 0
line vty 0 4
 password
 login
!
no scheduler allocate
end

sec#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route, o - ODR

Gateway of last resort is 10.101.60.1 to network 0.0.0.0

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C       10.101.90.0/30 is directly connected, Serial0/1
C       10.101.80.0/30 is directly connected, Serial0/0
C       10.101.60.0/24 is directly connected, Ethernet0/0
C    192.168.100.0/24 is directly connected, Ethernet1/0
S*   0.0.0.0/0 [1/0] via 10.101.60.1
sec#
0
 

Author Comment

by:vt100
ID: 8151816
Here is the left side routers' sh running-conf with CEF and two routes- please not that the sh ip route still shows only 1 0.0.0.0 0.0.0.0 10.101.60.1 which is the local gateway- i.e. it will not route to the other side at all.

sec#sh running-conf
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sec
!
enable password
!
ip subnet-zero
ip cef
no ip domain-lookup
!
!
process-max-time 200
!
interface Ethernet0/0
 description connected to sec-10
 ip address 10.101.60.2 255.255.255.0
 no ip directed-broadcast
!
interface Serial0/0
 description connected to jc
 ip address 10.101.80.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Serial0/1
 description connected to jc
 ip address 10.101.90.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Ethernet1/0
 description connected to sec-192
 ip address 192.168.100.2 255.255.255.0
 no ip directed-broadcast
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.101.60.1
ip route 0.0.0.0 0.0.0.0 10.101.70.1 25
!
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 password
 login
 transport input none
line aux 0
line vty 0 4
 password
 login
!
no scheduler allocate
end

sec#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route, o - ODR

Gateway of last resort is 10.101.60.1 to network 0.0.0.0

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C       10.101.90.0/30 is directly connected, Serial0/1
C       10.101.80.0/30 is directly connected, Serial0/0
C       10.101.60.0/24 is directly connected, Ethernet0/0
C    192.168.100.0/24 is directly connected, Ethernet1/0
S*   0.0.0.0/0 [1/0] via 10.101.60.1
sec#
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8152069
Start with one thing at a time. Load balancing/sharing across the 2xT1 between sites to get them talking to each other:

On SEC:
ip route 10.101.70.0 255.255.255.0 10.101.80.2
ip route 10.101.70.0 255.255.255.0 10.101.90.2
ip route 0.0.0.0 0.0.0.0 10.101.60.1
ip route 0.0.0.0 0.0.0.0 10.101.80.2 20
ip route 0.0.0.0 0.0.0.0 10.101.90.2 20

On JC:
ip route 10.101.60.0 255.255.255.0 10.101.80.1
ip route 10.101.60.0 255.255.255.0 10.101.90.1
ip route 192.168.100.0 255.255.255.0 10.101.80.1
ip route 192.168.100.0 255.255.255.0 10.101.90.1
ip route 0.0.0.0 0.0.0.0 10.101.70.1
ip route 0.0.0.0 0.0.0.0 10.101.80.1 20
ip route 0.0.0.0 0.0.0.0 10.101.90.1 20

Alternative:
SEC:

ip route 0.0.0.0 0.0.0.0 10.101.60.1
ip route 0.0.0.0 0.0.0.0 10.101.80.2 20
ip route 0.0.0.0 0.0.0.0 10.101.90.2 20
!
 router eigrp 101
  network 10.0.0.0
  no auto-summary
  redist connected

JC:
 ip route 0.0.0.0 0.0.0.0 10.101.70.1
 ip route 0.0.0.0 0.0.0.0 10.101.80.1 20
 ip route 0.0.0.0 0.0.0.0 10.101.90.1 20
!
 router eigrp 101
  network 10.0.0.0
  no auto-summary
  redist connected


Troubleshooting/verifying CEF:

http://www.cisco.com/en/US/tech/tk827/tk831/technologies_tech_note09186a0080094806.shtml

0
 

Author Comment

by:vt100
ID: 8152960
OK, this part is done. Hosts at each side can ping each other. Still no luck with cross-routing. Host 10.101.60.3 has a default (and only)gateway of 10.101.70.1 and host 10.101.70.3 has a single gateway of 10.101.60.1. Attached are #sh running-conf and #sh ip route from both routers.

sec#sh running-conf
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname sec
!
enable password 7 1543595F
!
ip subnet-zero
ip cef
no ip domain-lookup
!
!
process-max-time 200
!
interface Ethernet0/0
 description connected to sec-10
 ip address 10.101.60.2 255.255.255.0
 no ip directed-broadcast
!
interface Serial0/0
 description connected to jc
 ip address 10.101.80.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Serial0/1
 description connected to jc
 ip address 10.101.90.1 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Ethernet1/0
 description connected to sec-192
 ip address 192.168.100.2 255.255.255.0
 no ip directed-broadcast
!
router eigrp 101
 redistribute connected
 network 10.0.0.0
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.101.60.1
ip route 0.0.0.0 0.0.0.0 10.101.80.2 20
ip route 0.0.0.0 0.0.0.0 10.101.90.2 20
!
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 password 7 075E731F
 login
 transport input none
line aux 0
line vty 0 4
 password 7 08701E1D
 login
!
no scheduler allocate
end

sec#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route, o - ODR

Gateway of last resort is 10.101.60.1 to network 0.0.0.0

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C       10.101.90.0/30 is directly connected, Serial0/1
C       10.101.80.0/30 is directly connected, Serial0/0
C       10.101.60.0/24 is directly connected, Ethernet0/0
C    192.168.100.0/24 is directly connected, Ethernet1/0
S*   0.0.0.0/0 [1/0] via 10.101.60.1
sec#

jc#sh running-conf
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname jc
!
enable password 7 02575608
!
ip subnet-zero
ip cef
no ip domain-lookup
!
!
process-max-time 200
!
interface Ethernet0/0
 description connected to jc-10
 ip address 10.101.70.2 255.255.255.0
 no ip directed-broadcast
!
interface Serial0/0
 description connected to sec
 ip address 10.101.80.2 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Serial0/1
 description connected to sec
 ip address 10.101.90.2 255.255.255.252
 no ip directed-broadcast
 service-module t1 remote-alarm-enable
!
interface Ethernet1/0
 description connected to jc-192
 ip address 192.168.200.2 255.255.255.0
 no ip directed-broadcast
!
router eigrp 101
 redistribute connected
 network 10.0.0.0
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.101.70.1
ip route 0.0.0.0 0.0.0.0 10.101.80.1 20
ip route 0.0.0.0 0.0.0.0 10.101.90.1 20
!
snmp-server community public RO
!
line con 0
 exec-timeout 0 0
 password 7 11584B56
 login
 transport input none
line aux 0
line vty 0 4
 password 7 03550958
 login
!
no scheduler allocate
end

jc#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route, o - ODR

Gateway of last resort is 10.101.70.1 to network 0.0.0.0

C    192.168.200.0/24 is directly connected, Ethernet1/0
     10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C       10.101.70.0/24 is directly connected, Ethernet0/0
C       10.101.90.0/30 is directly connected, Serial0/1
C       10.101.80.0/30 is directly connected, Serial0/0
D       10.101.60.0/24 [90/2195456] via 10.101.80.1, 00:00:30, Serial0/0
                       [90/2195456] via 10.101.90.1, 00:00:30, Serial0/1
D EX 192.168.100.0/24 [170/2195456] via 10.101.80.1, 00:00:30, Serial0/0
                      [170/2195456] via 10.101.90.1, 00:00:30, Serial0/1
S*   0.0.0.0/0 [1/0] via 10.101.70.1
jc#
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8153032
Look like router SEC is not learning a route to 192.168.200.0 from JC.
JC has this entry in host table, I would expect to see one like it on SEC:
D EX 192.168.100.0/24 [170/2195456] via 10.101.80.1, 00:00:30, Serial0/0

Note that you have two equal cost routes to it, that will load balance quite nicely.

>Host 10.101.60.3 has a gateway of 10.101.70.1
?? can you post C:\>route print

I would expect this PC to have a default gateway of 10.101.60.2, alternate gateway of 10.101.60.1 - it has to be on its own local subnet. If it even allowed you to make the entry with a gateway on another network, perhaps the subnet mask is incorrect on the workstation?

Same with PC on the .70 side. Local default gateway
0
 

Author Comment

by:vt100
ID: 8153731
SEC did learned the D EX 192.x.x.x -it just took some time.
I've specified gateways with different subnets to force route traffic via remote router (with persistent route 10.101.B.1 255.255.255.255 10.101.A.2 in place). I've just changed them to a single local gateways of x.x.60.2 and x.x.70.2 correspondingly (cleaning the routes I have added before), but that did not change the behavior of the tracert which still looks like it hits the E0/0 of the router and then it bounces of to a local NOKIA (which I think is what supposed to happened). Do I have to disconnect NOKIA in order for the other 0.0.0.0 route to propagate?

here is the route print from both hosts (after changing the gateways to a x.x.60.2 and x.x.70.2):

10.101.60.3 host
C:\>ipconfig

Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.101.60.3
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.101.60.2

C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 06 5b c6 c5 9a ...... 3Com EtherLink PCI
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.101.60.2     10.101.60.3       1
      10.101.60.0    255.255.255.0      10.101.60.3     10.101.60.3       1
      10.101.60.3  255.255.255.255        127.0.0.1       127.0.0.1       1
   10.255.255.255  255.255.255.255      10.101.60.3     10.101.60.3       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
   204.117.214.10  255.255.255.255      10.101.60.1     10.101.60.3       1
        224.0.0.0        224.0.0.0      10.101.60.3     10.101.60.3       1
  255.255.255.255  255.255.255.255      10.101.60.3     10.101.60.3       1
Default Gateway:       10.101.60.2
===========================================================================
Persistent Routes:
  None

C:\>

10.101.70.3 host
C:\>ipconfig

Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.101.70.3
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.101.70.2

C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...08 00 46 07 3d cd ...... E100B2 Intel 8255x-based Integrated Fast E
thernet
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.101.70.2     10.101.70.3       1
      10.101.70.0    255.255.255.0      10.101.70.3     10.101.70.3       1
      10.101.70.3  255.255.255.255        127.0.0.1       127.0.0.1       1
   10.255.255.255  255.255.255.255      10.101.70.3     10.101.70.3       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        224.0.0.0      10.101.70.3     10.101.70.3       1
  255.255.255.255  255.255.255.255      10.101.70.3     10.101.70.3       1
Default Gateway:       10.101.70.2
===========================================================================
Persistent Routes:
  None

C:\>


0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8153817
Are we at a point where everything works as you need it to, with the exception of the failover gateway?
Load-balancing/failover between the two sites should be working well, routing is working, and everybody can see everybody, right?

Now, what we need is some mechanism that would tell the router that the internet connection is down, and to inject a default route going out to the other site.

Q: with triple redundency with the WARP boxes at each end, how likely is it that you would need this failover capability? The reason I ask is to help determine a reasonable solution.

Start with some testing. First, just manually yank the default route:
SEC:
no ip route 0.0.0.0 0.0.0.0 10.101.60.1

Now, with the workstation default pointing to this router, the higher cost default routes should take effect. If the Nokia on the other LC side is configured correctly to provide the NAT and permit the SEC subnet to be natted, everything should work.
If it does not work, you'll need to check into the firewall/nat routing rules on the Nokias. Also, make sure the Nokias have static routes pointing back to the 2600 for the remote site subnets.

Once that part works, we can figure out a way to make it dynamic.
0
 

Author Comment

by:vt100
ID: 8154073
Just to answer your question about excessive redundancy- I am not concerned about any single ISP failing, I am trying to implement redundancy for the NOKIAs as well as WARPs. Assuming that one of them will go down- we will loose the internet connectivity (short of me rigging something on the fly), which is exactly what I am trying to avoid.

Give me another 20 minutes and I'll try your next suggestion. Thanks.
0
 

Author Comment

by:vt100
ID: 8154293
This part worked just as predicted by you. I had to add routes on nokias for the routing of the nets to the routers ethernet ports. Once it was done and new routes were in the table, internet access resumed.
Please do continue.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 1500 total points
ID: 8154416
Good news. Successful steps is always good.
Now what we need is a way for the Cisco to notice when it can no longer talk to the Nokia and drop the route entry itself. I confess that I'm not familiar with the Nokia and its capabilities. Does it talk OSPF or BGP on the LAN interface? If we add the default dynamically, injected by the Nokia, and the cisco ceases to get the update,  then the statics will take over.

Which version Nokia do you have? I don't have too much time to research this today. Now that we've got you to this point where you have a quick manual switch, what is your timeline to get it working dynamically?

0
 

Author Comment

by:vt100
ID: 8154509
I have a couple of weeks to get it running. As to NOKIAs, they run IPSO version 3.56. It does support OSPF.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8154580
Which model Nokia?
Anything else pressing that needs to work right away?
0
 

Author Comment

by:vt100
ID: 8154665
IT is NOKIA IP440 running checkpoint firewall/vpn NG fp2.
No rush at this point, but it is my neck that's at stake when the proverbial fan gets hit. Now, for the test purposes, I have two nokias with firewall modules disabled running in a test setup. Ones I'll make sure that the routing issues are dealt with, I'll have to work out the firewall/vpn overlay functionality.
 Assuming this issue will ever get resolved- I also would like to hide each side behind ip of the router's ethernet port by NATing the ranges.
 If you think that this worth more than 500 points- let me know and I'll up the stakes. This whole project just takes a lot more of my time then I originally anticipated. Any help would be welcome.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8155335
I can't find anything on a Nokia IP440. ..330, 350, 380,..
nothing on IP 440.
0
 

Author Comment

by:vt100
ID: 8159228
as far as programing goes- it's all the same: I have a nokia IP330 in different installation running the same version of OS. If you have any info on those you can apply it to the 440 configuration.
0
 

Author Comment

by:vt100
ID: 8183850
Irmoore,
The idea about Nokias injecting routes end-up being the solution. I have deleted all static entries from both routers leaving eigrp to route 10.0.0.0 and handling redistribution between subnets. I have configured Nokias to RIP their static Default route via Ethernet port connected to 10.101.60.0 and 10.101.70.0.
Now, under normal conditions, each router shows local Nokia as its default gateway. If one of the Nokias is disconnected- after RIP timeout and Hold period new 0.0.0.0 propagets to the remote router and it looks like this: *R 0.0.0.0/0 via 10.101.80.1 [120/2] 00:00:xx via Serial0/x.

Thanks a bunch for the ideas and suggestions. And oh, what reasonably short timeout period for the RIP would you recommend setting for the routes to propagate a bit livelier?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8183984
Good job!

default timers for rip are:

update: 30 seconds
invalid: 180 seconds
holddown: 180 seconds
flush: 240 seconds

syntax:
timers basic update invalid holddown flush
no timers basic
Syntax Description

update
 Rate (in seconds) at which updates are sent. This is the fundamental timing parameter of the routing protocol. The default is 30 seconds.
 
invalid
 Interval of time (in seconds) after which a route is declared invalid; it should be at least three times the value of the update argument. A route becomes invalid when there is an absence of updates that refresh the route. The route then enters into a holddown state. The route is marked inaccessible and advertised as unreachable. However, the route is still used for forwarding packets. The default is 180 seconds.
 
holddown
 Interval (in seconds) during which routing information regarding better paths is suppressed. It should be at least three times the value of the update argument. A route enters into a holddown state when an update packet is received that indicates the route is unreachable. The route is marked inaccessible and advertised as unreachable. However, the route is still used for forwarding packets. When holddown expires, routes advertised by other sources are accepted and the route is no longer inaccessible. The default is 180 seconds.
 
flush
 Amount of time (in seconds) that must pass before the route is removed from the routing table; the interval specified should be greater than the value of the invalid argument. If it is less than this sum, the proper holddown interval cannot elapse, which results in a new route being accepted before the holddown interval expires. The default is 240 seconds.
 


example:

router rip
 timers basic 5 15 15 30
0
 

Author Comment

by:vt100
ID: 8195431
Thanks Irmoore,
I'll try it today.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question