Options for routing single Extreme switch connected to two Cisco routers depending on router/tunnel state

What I am looking into are different options that might be available to routing data between an Extreme 450a to one of two Cisco routers depending on whether router has failed OR the other end of the tunnel which resides at Verizon is down.

The only thing I can find is a little information on ping tracking but would like to know if there is any other methods to changing a route depending on the router or more importantly the tunnel state.

I thought about some type ping to the far side of the GRE tunnel but really this is a new thing that I am not quite sure how to do.

I added an attachment that has the area circled in red to illustrate the Extreme switch connected to two Cisco routers and what we are trying to do.

Thank you for any help in advance.
Verizon-Wireless-Private-Network.jpg
MCSFAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rauenpcCommented:
Without knowing the configs, its a little hard to say, but you might be able to use the FHRP option and utilize something like HSRP or VRRP. This would allow you to set a single next hop IP for the networks in question and the Cisco routers would decide which router is active depending on interface status, route status, etc.
0
MCSFAuthor Commented:
Thanks guys for the replies.

Rauenpc, I originally looked into doing something like that but it ended up being bit overkill for what we needed. I think you need to implement ESRP for layer 2 or something similar with VRRP which would also have required purchasing additional hardware for connections and a second switch for the VRRP config. I have never used HSRP but did read up on it a bit.

Agonza07, we needed to have that check happen at the Extreme side (before it hits the Cisco routers). Unfornately Extreme doesn't have anything like IP SLA.

The closet thing Extreme has to a Cisco IP SLA is scripting with a UPM timer profile. They do have something called "Policy-Based Redirection Redundancy" which will ONLY check the next hop of a local VLAN or port. It can NOT check two hops or more out so that wasn't a viable solution for testing the other end of the VPN tunnel.

I basically wrote a script that pings the far side of the VPN tunnel. If the primary fails it updates the routing table to point the subnets to the secondary gateway. Once the primary comes back online it flips the routes back and cleans up the secondary routes. If both tunnels are down it removes all routing until they come back online. I set the script to run every 20 seconds which is working great since the 3rd party software we are using has a 30 second timeout.

I appreciate the help and suggestions and I learned quite a bit doing this project. In the end a simple script on a timer was the answer. I hope in the future Extreme implements something similar to IP SLA since it sure would have made things easier.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MCSFAuthor Commented:
A simple script with a UPM timer profile was the answer vs. adding and configuring additional hardware.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.