Solved

Failover Default Routes

Posted on 2009-07-07
9
1,424 Views
Last Modified: 2012-05-07
Hi Experts,
My first post, so go easy on me....

Brief Background info; I have 2 sites:-
1. Production
2. DR/Backup

-We have seperate internet feeds to both sites.
-Failover of services (Market Data, AD, SQL) Clustering (Exchange, Data etc.)
-The network has been spanned 10.100.0.0/16 given MS2003 clustering requires the same network addressing to work correctly (According to the MS specialist here).
-Production site I am running 2 x c3560G and I have implemented HSRP on particular VLANS
for localised redundancy.
-DR site currently 1 c3560g with required VLANS and routes setup(VPN traffic via Firewall only) - routing and VLANs required here for DR purposes - i.e. if the PROD site gets blown up!
-10mb LES link Site2Site - Required VLANS trunked across (dot1q)
-All works as it should

However, I need to weight the default routes out to the internet; thus in the event that we loose Internet connectivity at PROD, the secondary default route will take over and route traffic via the DR Internet link.

I have tried to set up the following, after some reading on EE and Cisco

0.0.0.0 0.0.0.0 10.100.150.50
0.0.0.0 0.0.0.0 10.100.150.30 50

I 'pulled the plug' on the internet feed at PROD, however the 2nd route never took over.

I tested this further by removing the first default route on the Core and pointed to 10.100.150.30
only...i could browse the inetrnet no problem.

Any advice would be much appreciated guys - and I hope this all makes sense!!

Cheers
0
Comment
Question by:Hullabeano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 16

Expert Comment

by:memo_tnt
ID: 24793717
hi
keep the 1st route as it's but
the 2nd must be like this

ip route 0.0.0.0 0.0.0.0 (WAN.interface) 10.100.150.30 50
0
 

Author Comment

by:Hullabeano
ID: 24793763
Hi,
 
Thanks for answer.
So, to be sure as the Cores are C3560G switches; I would add the following:-
ip route 0.0.0.0 0.0.0.0 gi 0/XX 10.100.150.30 50
 
Thx
0
 
LVL 8

Accepted Solution

by:
bsohn417 earned 125 total points
ID: 24794338
above is only true if the directly connected interface fails. Which is hardly the case. Failer is WAN links and you should track WAN link to choose path.

you should look in to IP SLA Echo,

This is good way to track the path, if path fails than it will auto take the 2nd route.
0
Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

 

Author Comment

by:Hullabeano
ID: 24812110
IP SLA looks to be very useful, but I can't run it on my 3560's
#sh ver
WS-C3560G-24TS     12.2(35)SE5             C3560-IPBASE-M
0
 
LVL 16

Expert Comment

by:memo_tnt
ID: 24833535
is it solved here ??
0
 

Author Comment

by:Hullabeano
ID: 24838110
Nope..
Sorry for slow response, as I work for a Stockbroker staff are here between 06:30 and 20:00 daily, so the weekend is my test window!
I tried your suggestion with WAN.Link in a number of different ways; however, I receive the following:- %Must specify a L3 port as the next hop interface
As my site to site connection is a Trunk on a switch port gi 0/20...i need to find another way to fail that route to the Disaster Recovery site Internet Gateway. Perhaps HSRP with Standby timers.
IP SLA would be useful although it isn't supported on the version of IOS we are running, and as we don't have the SmartNET contracts ready yet I cannot upgrade!
Any other suggestions in the meantime would be greatlfully received :-)
 
Thanks
 
 
 
0
 
LVL 16

Expert Comment

by:memo_tnt
ID: 24838303
plz send you current config.. remove password,,
0
 

Author Comment

by:Hullabeano
ID: 24838490
See config for Core SCM-SW02...
SCM-SW01 the same with Standby Timers and HRSP addresses configured for correct failover
Routing

Gateway of last resort is 10.100.150.50 to network 0.0.0.0
     69.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S       69.191.192.0/18 [1/0] via 10.100.60.12
S       69.184.0.0/16 [1/0] via 10.100.60.12
S    206.156.53.0/24 [1/0] via 10.100.60.12
S    205.216.112.0/24 [1/0] via 10.100.60.12
S    208.22.56.0/24 [1/0] via 10.100.60.12
S    208.134.161.0/24 [1/0] via 10.100.60.12
     208.184.40.0/32 is subnetted, 1 subnets
S       208.184.40.10 [1/0] via 10.100.150.50
S    208.22.57.0/24 [1/0] via 10.100.60.12
S    205.183.246.0/24 [1/0] via 10.100.60.12
     160.43.0.0/24 is subnetted, 1 subnets
S       160.43.250.0 [1/0] via 10.100.60.12
     10.0.0.0/8 is variably subnetted, 13 subnets, 3 masks
S       10.34.50.11/32 [1/0] via 10.100.150.50
S       10.22.5.0/24 [1/0] via 10.100.61.5
S       10.22.6.0/24 [1/0] via 10.100.61.6
C       10.100.40.0/24 is directly connected, Vlan40
C       10.100.60.0/24 is directly connected, Vlan60
C       10.100.61.0/29 is directly connected, Vlan61
C       10.100.50.0/24 is directly connected, Vlan50
C       10.100.10.0/24 is directly connected, Vlan10
C       10.100.11.0/24 is directly connected, Vlan11
C       10.100.30.0/24 is directly connected, Vlan30
C       10.100.20.0/24 is directly connected, Vlan20
C       10.100.21.0/24 is directly connected, Vlan21
C       10.100.150.0/24 is directly connected, Vlan500
S*   0.0.0.0/0 [1/0] via 10.100.150.50
S    199.105.176.0/21 [1/0] via 10.100.60.12
S    199.105.184.0/23 [1/0] via 10.100.60.12
 
 

SCM-SW02-update.doc
0
 

Author Closing Comment

by:Hullabeano
ID: 31600532
unsolved
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question