2 WAN links failover setup
Hello all, this is my 1st questions in this forum. hopefully, I am in the correct place. if not, my apologies.
Hoping to get some guidance on dual WAN links configuration... here goes...
I presently have 1 x 100mb fibre from Rogers as our main WAN link. actually, I also have 100mb BELL MPLS as well, soon to be decommissioned. Also have 2 x 3750 cisco - stacked.
We recently got another 100mb link to be used as our backup link if the primary fails.
Rogers primary - EIGRP
Bell - OSPF
Rogers Backup - will be EIGRP
presently have VLAN 340 carved out for PRIMARY link. will use VLAN 350 for BACKUP.
like to get some guidance how to configure the 2nd link to be a failover link in case the PRIMARY goes down.
I am no way a routing expert...
what would be an acceptable configuration that I can apply? Nothing fancy, just wanted to make backup link available as quickly as possible when primary goes down.
this is what I presently have in my PRIMARY EIGRP:
router eigrp 1
network 10.30.0.7 0.0.0.0
network 192.168.30.1 0.0.0.0
network 192.168.31.1 0.0.0.0
network 192.168.32.1 0.0.0.0
network 192.168.33.1 0.0.0.0
network 192.168.36.1 0.0.0.0
network 192.168.37.1 0.0.0.0
network 192.168.130.1 0.0.0.0
redistribute ospf 1 metric 1500 20000 255 1 1500
redistribute static
passive-interface default
no passive-interface Vlan340
the OSPF lines will go away eventually.
is it best to use VLAN or L3 interface? does it matter or is it just a preference?
please let me know what questions you have in order to me with the config.
Many thanks in advance!
Regards,
HMan!
Hoping to get some guidance on dual WAN links configuration... here goes...
I presently have 1 x 100mb fibre from Rogers as our main WAN link. actually, I also have 100mb BELL MPLS as well, soon to be decommissioned. Also have 2 x 3750 cisco - stacked.
We recently got another 100mb link to be used as our backup link if the primary fails.
Rogers primary - EIGRP
Bell - OSPF
Rogers Backup - will be EIGRP
presently have VLAN 340 carved out for PRIMARY link. will use VLAN 350 for BACKUP.
like to get some guidance how to configure the 2nd link to be a failover link in case the PRIMARY goes down.
I am no way a routing expert...
what would be an acceptable configuration that I can apply? Nothing fancy, just wanted to make backup link available as quickly as possible when primary goes down.
this is what I presently have in my PRIMARY EIGRP:
router eigrp 1
network 10.30.0.7 0.0.0.0
network 192.168.30.1 0.0.0.0
network 192.168.31.1 0.0.0.0
network 192.168.32.1 0.0.0.0
network 192.168.33.1 0.0.0.0
network 192.168.36.1 0.0.0.0
network 192.168.37.1 0.0.0.0
network 192.168.130.1 0.0.0.0
redistribute ospf 1 metric 1500 20000 255 1 1500
redistribute static
passive-interface default
no passive-interface Vlan340
the OSPF lines will go away eventually.
is it best to use VLAN or L3 interface? does it matter or is it just a preference?
please let me know what questions you have in order to me with the config.
Many thanks in advance!
Regards,
HMan!
ASKER
If I were to create a 2nd EIGRP group, how do I configure to the backup link?
ie:
router eigrp 10
network x.x.x.x 0.0.0.0
network 192.168.30.1 0.0.0.0
network 192.168.31.1 0.0.0.0
network 192.168.32.1 0.0.0.0
network 192.168.33.1 0.0.0.0
network 192.168.36.1 0.0.0.0
network 192.168.37.1 0.0.0.0
network 192.168.130.1 0.0.0.0
redistribute static
passive-interface default
no passive-interface Vlanxxx
How do I make the PRIMARY link most favorable route.
Thanks again.
ie:
router eigrp 10
network x.x.x.x 0.0.0.0
network 192.168.30.1 0.0.0.0
network 192.168.31.1 0.0.0.0
network 192.168.32.1 0.0.0.0
network 192.168.33.1 0.0.0.0
network 192.168.36.1 0.0.0.0
network 192.168.37.1 0.0.0.0
network 192.168.130.1 0.0.0.0
redistribute static
passive-interface default
no passive-interface Vlanxxx
How do I make the PRIMARY link most favorable route.
Thanks again.
You need IPSLA bro! and redistribute static route through OSPF or EIRGP
Also you will need a route map and nat as well.
That's how I have it done at work.
Here is a link to help you out
Follow up here.
http://www.ciscozine.com/using-ip-sla-to-change-routing/
Also you will need a route map and nat as well.
That's how I have it done at work.
Here is a link to help you out
Follow up here.
http://www.ciscozine.com/using-ip-sla-to-change-routing/
Generally you may not need to create new AS for EIGRP, or IP SLA.
Not sure that I understand your topology (drawing would help), but...
The simplest way to do this is to have just one EIGRP. On secondary link just create summary route for your existing networks and advertise default route with bad metric or AD (on secondary link).
Longest prefix match is more important than metric or AD.
Not sure that I understand your topology (drawing would help), but...
The simplest way to do this is to have just one EIGRP. On secondary link just create summary route for your existing networks and advertise default route with bad metric or AD (on secondary link).
Longest prefix match is more important than metric or AD.
Predrag, he needs PBR in other to do so, otherwise how are you going to send traffic to which destination
H MAN:
Follow this example, make sure you replace your ip addresses.
1) Configure each WAN interface to connect to each ISP, respectively:
interface FastEthernet0/0
description Primary-Wan
ip address 101.1.1.1 255.255.255.252
ip nat outside
interface FastEthernet0/1
description backup-Wan
ip address 102.1.1.1 255.255.255.252
ip nat outside
2) Create the Route Maps that will be used for NATting traffic:
route-map backup permit 20 -- name of the Policy Base routing-- Backup--
match ip address internet
match interface FastEthernet0/1
route-map primary permit 10 name of the Policy Base routing-- Primary
match ip address internet
match interface FastEthernet0/0
3) Configure Lan interface
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
Note: ACL internet allows traffic from the LAN.
ip access-list extended internet " I used ip access-list extended internet" basically I'm giving a name to my access list
permit ip any any
4) Configure the two NAT statements required so that either interface can provide NATting, out each respective WAN interface:
ip nat inside source route-map backup interface FastEthernet0/1 overload
ip nat inside source route-map primary interface FastEthernet0/0 overload
5) Update your static routes:
ip route 0.0.0.0 0.0.0.0 101.1.1.2 10
ip route 0.0.0.0 0.0.0.0 102.1.1.2 20
If you want automation then you need IPSLA that way if one link goes down the other link will take over within seconds
H MAN:
Follow this example, make sure you replace your ip addresses.
1) Configure each WAN interface to connect to each ISP, respectively:
interface FastEthernet0/0
description Primary-Wan
ip address 101.1.1.1 255.255.255.252
ip nat outside
interface FastEthernet0/1
description backup-Wan
ip address 102.1.1.1 255.255.255.252
ip nat outside
2) Create the Route Maps that will be used for NATting traffic:
route-map backup permit 20 -- name of the Policy Base routing-- Backup--
match ip address internet
match interface FastEthernet0/1
route-map primary permit 10 name of the Policy Base routing-- Primary
match ip address internet
match interface FastEthernet0/0
3) Configure Lan interface
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
Note: ACL internet allows traffic from the LAN.
ip access-list extended internet " I used ip access-list extended internet" basically I'm giving a name to my access list
permit ip any any
4) Configure the two NAT statements required so that either interface can provide NATting, out each respective WAN interface:
ip nat inside source route-map backup interface FastEthernet0/1 overload
ip nat inside source route-map primary interface FastEthernet0/0 overload
5) Update your static routes:
ip route 0.0.0.0 0.0.0.0 101.1.1.2 10
ip route 0.0.0.0 0.0.0.0 102.1.1.2 20
If you want automation then you need IPSLA that way if one link goes down the other link will take over within seconds
ASKER
Thank you all very much for your guidance. I will review in the meantime.
Cheers!
Cheers!
Predrag, he needs PBR in other to do so, otherwise how are you going to send traffic to which destinationPBRs are needed for routing based on source IP address. As I understood the issue there is no such request, only failover of traffic to secondary link when primary link fails and that all sites are exchanging routes to each other. If I understood correctly, than basically, what is needed for that is in previous post (sure can be topology dependent, but general idea is there).
Since he's asking for "dual wan" makes me think he wants redundancy.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/10116-36.html