Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Mutiply Default routes

Posted on 2009-04-15
8
Medium Priority
?
363 Views
Last Modified: 2012-05-06
I am looking for a way to set up redundency between two routers

In the digram below, the part in the blue box is out side of my control. These are the two routers that give me access to the out side world, and I can't swap routing information with them.

the two 3650 switchs (Actuly 4506's) run HRSP between them to give me redundency of my defaultgate way IP and act as the main routers for internal routing.

now I currently have routes set up on both the 4506's of

0.0.0.0 0.0.0.0 10.0.0.1 10
0.0.0.0 0.0.0.0 10.0.0.5 20

this seems to wark and means that if the primary router is turned of or the link to it goes down, then the back up router kicks in to life.

however if the primary router loses connection higher up (on its wan side) my 4506's will continue sending packets to that router. Is there any way for me to monitor the "health" of the routers, so the defualt route will automaticaly fail over if nessery.

I hope that explains what I need but if not I can give you more info.

Due to working in side the GSI network I have some restrictions in what I can and can't do. Idealy I dont want to have to make any configeration changes on the WAN routers (doing this could take months of discussions and be high in cost)
Digram.png
0
Comment
Question by:Aaron Street
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 7

Assisted Solution

by:hau_it
hau_it earned 300 total points
ID: 24147837
Hi there if i understand the diagram and what you are saying try the following:

Because you have HSRP enabled you do not need both static default routes.
On switch 0 type ip route 0.0.0.0 0.0.0.0 10.0.0.1
and on switch1  type ip route 0.0.0.0 0.0.0.0 10.0.0.5

in the config that you type above the second switch (switch1) will use the 10.0.0.5 only if the connection between the switches goes down. Otherwise all the packets will take the path through switch1- switch0 router 10.0.0.1

Also in HSRP configure, if youhave not done already, the track interface option
0
 
LVL 7

Expert Comment

by:hau_it
ID: 24147848
Always remember that in HSRP failover happens automatically!!
0
 
LVL 5

Accepted Solution

by:
ionut_mir earned 1200 total points
ID: 24147904
I tried to simulate a scenario close to your network (see the attached picture):

The relevant configuration of R1:

ip sla monitor 1
 type echo protocol ipIcmpEcho 10.3.3.3 source-ipaddr 10.1.1.2
 frequency 5
ip sla monitor schedule 1 start-time now

!
track 2 rtr 1 reachability
!
!
ip route 0.0.0.0 0.0.0.0 10.1.1.1 track 2



Give it a try!
router.JPG
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 16

Author Comment

by:Aaron Street
ID: 24148048
If you look at the digram below it might make more sence.

I have about 100 swichs hanging of the 4506 switchs with redundent links. The HSRP is set up to make sure that if either of the core 4506 switchs fail, then clients have access to the default gate way.

each 4506 is turn has two links, one to each of the routers.

this part all works fine. my only issue is if one of the routers that I dont have control of loses connection further up stream and my 4506 continue trying to send packets to it.

I think ionut has the right idea. I need to test this out to insure its what I am looking at.

I assume the line "type echo protocol ipIcmpEcho 10.3.3.3 source-ipaddr 10.1.1.2"

dosent have to be the interface of the router (10.3.3.3) but could if I wanted be say Googles ipaddress to check the link the whole way through. (ok I wont use google but I assume any IP address that is pingabable should work?)


Digram.png
0
 
LVL 16

Author Comment

by:Aaron Street
ID: 24148089
OK where do you find IP SLA ? what routers is that running on ?

0
 
LVL 5

Expert Comment

by:ionut_mir
ID: 24148260
I have tested it with two routers (3640), because I can't simulate 4506 :D
I have checked on one of my client's 4506, but there is no command "ip sla..." :(
I will keep looking and try to find an alternative.
0
 
LVL 16

Author Comment

by:Aaron Street
ID: 24148364
OK thank you,

Same here not much seems to simulate layer 3 switchs.

Of course the alternitive is to look in to taking over owneship of the routers. However this could be a lenthy process,

other than that I could purchase two new routers, however then there only function woudl be to monitor the links.
0
 
LVL 16

Author Comment

by:Aaron Street
ID: 24149806
Ok just to make it clear what I am looking for.

In the digram below the right hand PC (192.168.2.0/24) and router are under my control. The three left hand routers and pc are outside of my control. the two IBM switchs are set to forward all traffic to the to the 192.168.2.0 network to my 4506.

And in turn my 4506 has two statice defualt routes back. one to the primary IBM router with a metrix of 10 and one to the secondy with a metrix of 20.

So under normaly conditions all traffic is sent to the primary router..

now if link 1 or 2 goes down, all is well and my 4506 will switch to the alternate IBM router. However if link 3 goes down. my 4506 will continue to send data to the primary router.... and my network will be down.

What I am looking for is a way to detect if link 3 fails. and have my 4506 swap over to use the back up router for forwarding traffic to.

No routing information can be swapped between the IBM routers and the 4506, and I don't want to have to make any config changes on the IBM routers.


update-again.jpg
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question