willwetherman
asked on
Cisco Router Object Tracking
Hi
I have configured a cisco 1721 for reliable static routing using oject tracking. The primary route is to a leased line connection on another router, and the secondary route is out through an adsl interface card on the 1721.
When all the equipment is plugged in, the track table shows as up and the primary route is to the leased line router. After unplugging the leased line router the track table shows down and the default route points to the dialer interface - great! The problem that I am having is that after plugging the leased line router back in the default route will not change back and sticks as the dialer interface.
If i change the seconday route to another device and specifiy a next hop as opposed to the dialer interface, the primary route comes back fine.
Do you know what could be causing this problem?
Thanks
I have configured a cisco 1721 for reliable static routing using oject tracking. The primary route is to a leased line connection on another router, and the secondary route is out through an adsl interface card on the 1721.
When all the equipment is plugged in, the track table shows as up and the primary route is to the leased line router. After unplugging the leased line router the track table shows down and the default route points to the dialer interface - great! The problem that I am having is that after plugging the leased line router back in the default route will not change back and sticks as the dialer interface.
If i change the seconday route to another device and specifiy a next hop as opposed to the dialer interface, the primary route comes back fine.
Do you know what could be causing this problem?
Thanks
ASKER
I did yes. Here is a copy of my config
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Failover
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
no ip cef
no ip domain lookup
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip sla monitor 1
type echo protocol ipIcmpEcho (Removed)
timeout 1000
frequency 5
ip sla monitor schedule 1 life forever start-time now
!
!
!
track 123 rtr 1 reachability
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip redirects
ip virtual-reassembly
speed auto
!
interface Dialer0
ip address (Removed)
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname (Removed)
ppp chap password 0 (Removed)
!
ip local policy route-map MY_LOCAL_POLICY
ip route 0.0.0.0 0.0.0.0 192.168.1.101 track 123
ip route 0.0.0.0 0.0.0.0 Dialer0 254
no ip http server
no ip http secure-server
!
ip nat pool branch (Removed) netmask 255.255.255.248
ip nat inside source list 102 pool branch overload
!
!
access-list 101 permit icmp any host (Removed)
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
route-map MY_LOCAL_POLICY permit 10
match ip address 101
set interface Null0
set ip next-hop 192.168.1.101
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
end
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Failover
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
no ip cef
no ip domain lookup
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip sla monitor 1
type echo protocol ipIcmpEcho (Removed)
timeout 1000
frequency 5
ip sla monitor schedule 1 life forever start-time now
!
!
!
track 123 rtr 1 reachability
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip redirects
ip virtual-reassembly
speed auto
!
interface Dialer0
ip address (Removed)
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname (Removed)
ppp chap password 0 (Removed)
!
ip local policy route-map MY_LOCAL_POLICY
ip route 0.0.0.0 0.0.0.0 192.168.1.101 track 123
ip route 0.0.0.0 0.0.0.0 Dialer0 254
no ip http server
no ip http secure-server
!
ip nat pool branch (Removed) netmask 255.255.255.248
ip nat inside source list 102 pool branch overload
!
!
access-list 101 permit icmp any host (Removed)
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
route-map MY_LOCAL_POLICY permit 10
match ip address 101
set interface Null0
set ip next-hop 192.168.1.101
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
end
I don't see a threshold setting under your sla monitor
ip sla monitor 1
type echo protocol ipIcmpEcho (Removed)
timeout 1000
frequency 5
threshold 2 <==
ip sla monitor 1
type echo protocol ipIcmpEcho (Removed)
timeout 1000
frequency 5
threshold 2 <==
ASKER
I did try that to start with and have since changed the config to try and get it to work. I will try it again tomorrow though and let you know. Thanks
ASKER
No this didnt work. I did notice that I can ping the tracked IP address before I unplug the main router, when unplugged the track is down and the default route points to 0.0.0.0 0.0.0.0 dialer0. When I plug the main router back in I can no longer ping the tracked IP address. If i remove the local policy statement and then put it back in and remove 'ip route 0.0.0.0 0.0.0.0 dialer 0 254' it will start working again. I have double checked the route-map to ensure that the next hop is pointing to the main router.
Any more Ideas? Thanks
Any more Ideas? Thanks
ASKER
Just looked again and all I have to do is delete' ip route 0.0.0.0 0.0.0.0 dialer 0 254' for the track and primary route to come back up.
How long do you wait? It might take a couple of minutes which can seem like a very long time in Internet time where we expect stuff to happen almost instantaneously.
Else I would open a TAC case and get Cisco on the hook to help out. I just don't see anthing else at all...
Else I would open a TAC case and get Cisco on the hook to help out. I just don't see anthing else at all...
ASKER
I have stripped down my config and it seems as if the problem could be with the route map.
Interface fa0
ip address 192.168.1.1 255.255.255.0
ip local policy route-map MY_LOCAL_POLICY
access-list 101 permit icmp any host 82.0.0.1
route-map MY_LOCAL_POLICY permit 10
match ip address 101
set interface null0
set ip next-hop 192.168.1.101
If i enter the above basic config i can ping 82.0.0.1 without any problems. If i add a default route of 'ip route 0.0.0.0 0.0.0.0 192.168.1.110' i can still ping 82.0.0.1
If I delete the above default route and add 'ip route 0.0.0.0 0.0.0.0 dialer0' I can no longer ping 82.0.0.1.
Is this expected behavior?
Interface fa0
ip address 192.168.1.1 255.255.255.0
ip local policy route-map MY_LOCAL_POLICY
access-list 101 permit icmp any host 82.0.0.1
route-map MY_LOCAL_POLICY permit 10
match ip address 101
set interface null0
set ip next-hop 192.168.1.101
If i enter the above basic config i can ping 82.0.0.1 without any problems. If i add a default route of 'ip route 0.0.0.0 0.0.0.0 192.168.1.110' i can still ping 82.0.0.1
If I delete the above default route and add 'ip route 0.0.0.0 0.0.0.0 dialer0' I can no longer ping 82.0.0.1.
Is this expected behavior?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I understand that I dont want the ICMP packets generated by the router to go out any other interface other then to the next hop 192.168.1.101. What i was saying is that the pings stop even though the route specified in the route-map is still up.
I have just setup a lab where a PC is 82.0.0.1 with ethereal installed. With the basic config above I am receiving packets but as soon as I add the default route to the dialer interface they stop??
I think I am getting myself confused now but its kinda trying to simulate the situation that when the track goes down and the dialer interface becomes the primary route, that ICMP packets from the router completly stop to the next hop of 192.168.1.101 even though it is still up. It like it takes over as the default route for everything on the router.
I think the only work around to doing this is to install a basic adsl modem with an ip address within the 192.168.1.0 subnet and use that as the backup route
Thanks for your help, Definatley got me pulling my hair out :)
I have just setup a lab where a PC is 82.0.0.1 with ethereal installed. With the basic config above I am receiving packets but as soon as I add the default route to the dialer interface they stop??
I think I am getting myself confused now but its kinda trying to simulate the situation that when the track goes down and the dialer interface becomes the primary route, that ICMP packets from the router completly stop to the next hop of 192.168.1.101 even though it is still up. It like it takes over as the default route for everything on the router.
I think the only work around to doing this is to install a basic adsl modem with an ip address within the 192.168.1.0 subnet and use that as the backup route
Thanks for your help, Definatley got me pulling my hair out :)
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a00801d862d.html
Where only the primary route is monitored and using a floating static default with higher metric?