Thanks Pavel
----- Original Message -----
From: "Pavel Bykov"
To: "Joe Astorino"
Cc: "Jafar T" , ccielab_at_groupstudy.com, "Bryan Bartik"
Subject: Re: a routing question
Date: Wed, 22 Apr 2009 08:05:03 +0200
I believe this is the best solution as well. Just don't make it ping
google, or some other subnet further inside ISP, because that will
result in flapping:
1. DSL failed
2. SLA triggers failover
3. Router B is primary
4. SLA detect connectivity
5. Router A is primary... connectivity is lost. GO TO 2
So you need to ping IP address on the other side of DSL interface,
because that subnet will never be reachable through Router B if it is
down.
On Wed, Apr 22, 2009 at 5:26 AM, Joe Astorino <joe_astorino_at_comcast.net>
wrote:
Well, once your DSL comes back up, your SLA will come back up,
which will trigger your static default route to be entered back
into your routing table....and that will have a lower AD than the
one learned from router B so you will be all set. It's completely
dynamic.
"He not busy being born is busy dying" -- Dylan
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0
mQGiBEY2qu8RBAD0E7Ydspmpn9/rRfd614pvDaqj4GKAUeWpc8NNJ3xNU9C5TAKg
Ta/52f2DvxgPlw6m7W66AJP0HZODw2ameQ9tNMrz3upKRA+ISFaqkJa99UOTdLGC
W/HtHWZNUJDopBHm3j/TBAAhI0EWvcNIudbHx5zYY4osfDNMaIXYaySwIwCg61Db
RuST/K0PlSUFK9o6AqTmrcsD/ReQLYK/OEzZBQsPBqMD68ADtdYyIA3VZ7nhWCzc
YODiBl36XIskcwyVAnU9YXs/Hf96MfI1R2fvYGW8jJ4WHb3wT1JxgiUG4rUbA2L3
doxNseggGrKC31njFynVuOpdd/TRfsqzV3Yv5MGFPkNG3w/AoiRtwoMZFUtAox3j
EWbBA/4mYkTKS/Rfgpv7QQHj4ajCHsTL/JNSN8LARwbBomUFdJ+0xdNdr7Ax1zC4
FEUfP0plRMLMypKPSNYzlIF8dKGwW2I8hUMfQpmIBA4BXBE0/mbv21lU2AzTkvb1
FssbIzhCkx3mMzESgYIwnnNkJBatTfFqKOxGm//G7s2y1eFPsrQnSm9lIEFzdG9y
aW5vIDxqb2VfYXN0b3Jpbm9AY29tY2FzdC5uZXQ+iGAEExECACAFAkY2qu8CGwMG
CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAb4dzwEzSi9chbAKCTz89zl4etDIdD
Hewo7LNEmfT8uQCgmbneQqTT5VyIEx75nG5KzJh2K2m5Ag0ERjaq7xAIALgM2fwR
tuhRNrwvkYFXTA5grAnnhGqFXPfLt5YlU86QLdu3Z9WJcAAHck1HMCUxdm0gZyNu
q5XQnmr76dbWjftQ+mxYAdhZGjjGV1OQyjfyUoLbxyR0jvaLUTFvMmtxFsHpJvEc
VLscWZUvjPbpcg/BH8EWbDUSCJc70EZMW6TpjyL+1Eq6+n4KB+IWDnn603U3vYFj
ExVfg2CqTIzC/mxAGQ/lg1ujKBnL/VemGpjZzL8jyYVLhAtASTWnwuaL1Sf2kCYh
fApP+06YxkQ39BrJmi7Dg6s5zeRu4le57kPLVAGK0ZYRbaq5asAi9Ni5j/ZLdh/b
F3oUgAOTPQtqbi8AAwUH/1n9jpOXRX7LsfsI5K4gVhHYPUYuy5WuRRxJZ6Y1JbOq
UfePLg+cutaxE8RAvEY1VZvNTvEt7UYPoA3qR3lb4IzLqJimbbKGhhVdHIOYLGnz
nxiwfo4S+my9GEYKLb3iHIR1DCfihhDryVlFYGAMCPNh0w2sNSSenP4cZBuD6V1J
QLitW9aZoURMvtFYU8aO/BlZ7hVlRVNU5juwwAM5t2n2gBeRhMthaAR7OApDypvB
1TM+BeSDchieEAFNkX4leSMbFgP3CJmAXMJXKj8MQmsR8gdccUHGplGFI6IzNklm
L/eWLdhAZsM+LsAo4MpoJzPoQyFIH7wmIPm4b/z7YZmISQQYEQIACQUCRjaq7wIb
DAAKCRAb4dzwEzSi9XiWAKCdDtdnTW9X/6rHxQL/obNiZsEtEwCgrlmYisNacJyf
74k/eLaYWYqu7YI=
=8HMA
-----END PGP PUBLIC KEY BLOCK-----
----- Original Message -----
From: "Jafar T" <jafar_at_paris.com>
To: "Joe Astorino" <joe_astorino_at_comcast.net>
Cc: ccielab_at_groupstudy.com, "Bryan Bartik" <bbartik_at_ipexpert.com>,
"Jafar T" <jafar_at_paris.com>
Sent: Tuesday, April 21, 2009 11:23:40 PM GMT -05:00 US/Canada
Eastern
Subject: Re: a routing question
where to find a good sample for this config, and would this work,
even the ip address is now rechable thru router B ?
how to fall back from it once dsl link is up
thx
----- Original Message -----
From: "Joe Astorino"
To: "Joe Astorino"
Cc: ccielab_at_groupstudy.com, "Bryan Bartik" , "Jafar T"
Subject: Re: a routing question
Date: Wed, 22 Apr 2009 03:06:30 +0000 (UTC)
*edit* I meant the default route coming from router B would have
a
HIGHER AD , and thus be less preferable.
"He not busy being born is busy dying" -- Dylan
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0
mQGiBEY2qu8RBAD0E7Ydspmpn9/rRfd614pvDaqj4GKAUeWpc8NNJ3xNU9C5TAKg
Ta/52f2DvxgPlw6m7W66AJP0HZODw2ameQ9tNMrz3upKRA+ISFaqkJa99UOTdLGC
W/HtHWZNUJDopBHm3j/TBAAhI0EWvcNIudbHx5zYY4osfDNMaIXYaySwIwCg61Db
RuST/K0PlSUFK9o6AqTmrcsD/ReQLYK/OEzZBQsPBqMD68ADtdYyIA3VZ7nhWCzc
YODiBl36XIskcwyVAnU9YXs/Hf96MfI1R2fvYGW8jJ4WHb3wT1JxgiUG4rUbA2L3
doxNseggGrKC31njFynVuOpdd/TRfsqzV3Yv5MGFPkNG3w/AoiRtwoMZFUtAox3j
EWbBA/4mYkTKS/Rfgpv7QQHj4ajCHsTL/JNSN8LARwbBomUFdJ+0xdNdr7Ax1zC4
FEUfP0plRMLMypKPSNYzlIF8dKGwW2I8hUMfQpmIBA4BXBE0/mbv21lU2AzTkvb1
FssbIzhCkx3mMzESgYIwnnNkJBatTfFqKOxGm//G7s2y1eFPsrQnSm9lIEFzdG9y
aW5vIDxqb2VfYXN0b3Jpbm9AY29tY2FzdC5uZXQ+iGAEExECACAFAkY2qu8CGwMG
CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAb4dzwEzSi9chbAKCTz89zl4etDIdD
Hewo7LNEmfT8uQCgmbneQqTT5VyIEx75nG5KzJh2K2m5Ag0ERjaq7xAIALgM2fwR
tuhRNrwvkYFXTA5grAnnhGqFXPfLt5YlU86QLdu3Z9WJcAAHck1HMCUxdm0gZyNu
q5XQnmr76dbWjftQ+mxYAdhZGjjGV1OQyjfyUoLbxyR0jvaLUTFvMmtxFsHpJvEc
VLscWZUvjPbpcg/BH8EWbDUSCJc70EZMW6TpjyL+1Eq6+n4KB+IWDnn603U3vYFj
ExVfg2CqTIzC/mxAGQ/lg1ujKBnL/VemGpjZzL8jyYVLhAtASTWnwuaL1Sf2kCYh
fApP+06YxkQ39BrJmi7Dg6s5zeRu4le57kPLVAGK0ZYRbaq5asAi9Ni5j/ZLdh/b
F3oUgAOTPQtqbi8AAwUH/1n9jpOXRX7LsfsI5K4gVhHYPUYuy5WuRRxJZ6Y1JbOq
UfePLg+cutaxE8RAvEY1VZvNTvEt7UYPoA3qR3lb4IzLqJimbbKGhhVdHIOYLGnz
nxiwfo4S+my9GEYKLb3iHIR1DCfihhDryVlFYGAMCPNh0w2sNSSenP4cZBuD6V1J
QLitW9aZoURMvtFYU8aO/BlZ7hVlRVNU5juwwAM5t2n2gBeRhMthaAR7OApDypvB
1TM+BeSDchieEAFNkX4leSMbFgP3CJmAXMJXKj8MQmsR8gdccUHGplGFI6IzNklm
L/eWLdhAZsM+LsAo4MpoJzPoQyFIH7wmIPm4b/z7YZmISQQYEQIACQUCRjaq7wIb
DAAKCRAb4dzwEzSi9XiWAKCdDtdnTW9X/6rHxQL/obNiZsEtEwCgrlmYisNacJyf
74k/eLaYWYqu7YI=
=8HMA
-----END PGP PUBLIC KEY BLOCK-----
----- Original Message -----
From: "Joe Astorino"
To: "Jafar T"
Cc: ccielab_at_groupstudy.com, "Bryan Bartik"
Sent: Tuesday, April 21, 2009 11:02:14 PM GMT -05:00 US/Canada
Eastern
Subject: Re: a routing question
I did something similar to this before. Building on what Bryan
said, setup ip sla to do something like ping the default gateway
your DSL ISP gives you. At the same time, have router B advertise
a
default route to router A. So, router A should have a static
default route tied to the SLA pointing to your DSL, and a default
route with a lower AD advertised from router B. If the SLA ping
fails, your static route goes away and the one being advertised
from router B kicks in.
"He not busy being born is busy dying" -- Dylan
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0
mQGiBEY2qu8RBAD0E7Ydspmpn9/rRfd614pvDaqj4GKAUeWpc8NNJ3xNU9C5TAKg
Ta/52f2DvxgPlw6m7W66AJP0HZODw2ameQ9tNMrz3upKRA+ISFaqkJa99UOTdLGC
W/HtHWZNUJDopBHm3j/TBAAhI0EWvcNIudbHx5zYY4osfDNMaIXYaySwIwCg61Db
RuST/K0PlSUFK9o6AqTmrcsD/ReQLYK/OEzZBQsPBqMD68ADtdYyIA3VZ7nhWCzc
YODiBl36XIskcwyVAnU9YXs/Hf96MfI1R2fvYGW8jJ4WHb3wT1JxgiUG4rUbA2L3
doxNseggGrKC31njFynVuOpdd/TRfsqzV3Yv5MGFPkNG3w/AoiRtwoMZFUtAox3j
EWbBA/4mYkTKS/Rfgpv7QQHj4ajCHsTL/JNSN8LARwbBomUFdJ+0xdNdr7Ax1zC4
FEUfP0plRMLMypKPSNYzlIF8dKGwW2I8hUMfQpmIBA4BXBE0/mbv21lU2AzTkvb1
FssbIzhCkx3mMzESgYIwnnNkJBatTfFqKOxGm//G7s2y1eFPsrQnSm9lIEFzdG9y
aW5vIDxqb2VfYXN0b3Jpbm9AY29tY2FzdC5uZXQ+iGAEExECACAFAkY2qu8CGwMG
CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAb4dzwEzSi9chbAKCTz89zl4etDIdD
Hewo7LNEmfT8uQCgmbneQqTT5VyIEx75nG5KzJh2K2m5Ag0ERjaq7xAIALgM2fwR
tuhRNrwvkYFXTA5grAnnhGqFXPfLt5YlU86QLdu3Z9WJcAAHck1HMCUxdm0gZyNu
q5XQnmr76dbWjftQ+mxYAdhZGjjGV1OQyjfyUoLbxyR0jvaLUTFvMmtxFsHpJvEc
VLscWZUvjPbpcg/BH8EWbDUSCJc70EZMW6TpjyL+1Eq6+n4KB+IWDnn603U3vYFj
ExVfg2CqTIzC/mxAGQ/lg1ujKBnL/VemGpjZzL8jyYVLhAtASTWnwuaL1Sf2kCYh
fApP+06YxkQ39BrJmi7Dg6s5zeRu4le57kPLVAGK0ZYRbaq5asAi9Ni5j/ZLdh/b
F3oUgAOTPQtqbi8AAwUH/1n9jpOXRX7LsfsI5K4gVhHYPUYuy5WuRRxJZ6Y1JbOq
UfePLg+cutaxE8RAvEY1VZvNTvEt7UYPoA3qR3lb4IzLqJimbbKGhhVdHIOYLGnz
nxiwfo4S+my9GEYKLb3iHIR1DCfihhDryVlFYGAMCPNh0w2sNSSenP4cZBuD6V1J
QLitW9aZoURMvtFYU8aO/BlZ7hVlRVNU5juwwAM5t2n2gBeRhMthaAR7OApDypvB
1TM+BeSDchieEAFNkX4leSMbFgP3CJmAXMJXKj8MQmsR8gdccUHGplGFI6IzNklm
L/eWLdhAZsM+LsAo4MpoJzPoQyFIH7wmIPm4b/z7YZmISQQYEQIACQUCRjaq7wIb
DAAKCRAb4dzwEzSi9XiWAKCdDtdnTW9X/6rHxQL/obNiZsEtEwCgrlmYisNacJyf
74k/eLaYWYqu7YI=
=8HMA
-----END PGP PUBLIC KEY BLOCK-----
----- Original Message -----
From: "Jafar T"
To: "Bryan Bartik"
Cc: ccielab_at_groupstudy.com
Sent: Tuesday, April 21, 2009 10:49:44 PM GMT -05:00 US/Canada
Eastern
Subject: Re: a routing question
thanks for the idea,
but will not work, i always want A to use that static to
firewall, i just
want A to fail over if the dsl on the far far side of that
fireall drops,
in other words, if the dsl drops, A switch to B
how can i do this tweak, without changing the FW config ?
thanks
----- Original Message -----
From: "Bryan Bartik"
To: "Jafar T"
Cc: ccielab_at_groupstudy.com
Subject: Re: a routing question
Date: Tue, 21 Apr 2009 20:29:42 -0600
It sounds like you need Router A to recognize when it should no
longer use
it's static default route, remove it, and then use the route
towards
B. You
can create an SLA Tracker and tie it to the route. One thing you
would watch
out for is that whatever you track through the firewall is not
reachable
through Router B, otherwise the tracker would pass and the route
would come
up again. Although, maybe you could tweak the tracker to
differentiate...Any
other ideas?
Bryan Bartik
CCIE #23707, CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
On Tue, Apr 21, 2009 at 8:02 PM, Jafar T wrote:
> hi team, i have a scenario,
isp.......routerB......mpls/BGP.......router
A.....firewall.....dsl...isp
>
> routeb, needs to act as a failover for A internet traffic
router
> A, only has a static route to Firewall interface, routerA, will
> never detect the the dsl link down, since it is on
another
> subnet so no matter what router B advertise, floting
> static..default originate....etc it willl be no good for A, it
> can see that in the table, looks
good, but
> will never be activated as a another default route, since A
always
will
> see the static route to firewall, and it looks fine as far as
the
router
> a can tell, how can you change that, without enable a routing
> protocol on the firewall, in another words,
without
> doing any changes on the firewall ? cheers JT -- It's News.
It's
> Reviews. It's Interviews. It's Free. What Are You
Waiting
> For? www.movieline.com Blogs and organic groups at
http://www.ccie.net
_______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
--
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
--
It's News. It's Reviews. It's Interviews. It's Free. What Are You
Waiting
For?
www.movieline.com
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
--
It's News. It's Reviews. It's Interviews. It's Free. What Are You
Waiting For?
www.movieline.com !
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
--
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces
value of your certifications. Sign the petition at
http://www.stopbraindumps.com/
-- It's News. It's Reviews. It's Interviews. It's Free. What Are You Waiting For? www.movieline.com Blogs and organic groups at http://www.ccie.netReceived on Wed Apr 22 2009 - 01:36:54 ART
This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:12 ART