Thanks. I have a Cisco 3560 switch at home. I used the sla and track configuration. Tested and it worked. I have a MicroTek router connected to Gi0/1 on the switch and that then goes out to the primary ISP. The secondary is Gi0/24 and that connects to an old Wifi router (wifi disabled) ... and then out to 2ndary ISP. This config is just what I needed.
Would you know, please, if your Cisco router sends/receives any data through the failover WAN while using primary WAN? I am using metric cellular data plan for my failover WAN. My current non-Cisco router continuously sends and receives small amounts of data via failover WAN (I assume pings) and therefore unnecessarily consumes my data plan. Can a Cisco router be so configured, that the failover WAN is in complete standby mode and no data at all will be sent/received unless primary WAN failure?
@@ReneKubicka Not in this config. Cisco doesn’t send anything by default and I didn’t include anything in this config that would send traffic over secondary WAN if primary is alive.
Quick question though, I see you cleared nat table after the interface goes down, but somehow the NAT translation does not have to be cleared when the primary link comes up. What's reason for that? Thanks..
Hi, I haven't had the chance to try this setup before. Could you elaborate on the benefits of using a different VRF for your secondary ISP in this context? Is there a specific reason you need two separate routing tables with their own default routes? I'm curious to understand your use case better.
2 questions: 1- does it is possible add a VPN setup here to take advantage of the failover and 2- when it should be used other routing protocols like OSPF or BGP?
1. Yes, but you gotta understand that at any point of time, you should only connect to the IP address of the ISP that is active at that moment. For example use IPS1 IP address and if that won't work, then use second profile from vpn to connect to ISP2 IP address. 2. When there is a need to exchange routes dynamically instead of using static routes.
hi @IT Solutions Network does it is possible to monitor more that only one ip (isp 1 or 2 ) on the interfaces? that's because what happens when google get down for it self?
Yes, it is possible. Configure IP SLA Operations: You'll set up two separate IP SLA operations, each pinging one of the IP addresses you want to monitor. Define Tracking Objects: Create tracking objects for each IP SLA operation. These objects will track the state (up or down) of each operation. Logical AND Tracking: This is key for your requirement. You'd configure a boolean track statement that combines the two tracking objects with a logical AND condition. This means the failover will only be triggered when both tracked objects are down. Integrate with Routing: Use the tracking configuration in your routing protocol or static route configuration to modify routing decisions based on the status of the boolean track object. Remember, the specific commands and configurations might vary depending on your Cisco device's model and IOS version. Here is the example: ! Configure IP SLA operations ip sla 1 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0 timeout 1000 frequency 5 ip sla schedule 1 life forever start-time now ip sla 2 icmp-echo 1.1.1.1 source-interface GigabitEthernet0/0 timeout 1000 frequency 5 ip sla schedule 2 life forever start-time now ! Define tracking objects track 10 ip sla 1 reachability track 20 ip sla 2 reachability ! Configure logical AND tracking track 30 list boolean and object 10 object 20 ! Use the tracking in routing (example with a static route) ip route 0.0.0.0 0.0.0.0 12.34.56.1 track 30
There is a way, and also depends on the VPN config. If the remote site has only one ISP, the local configuration can get a little ugly, but it’s doable. It’s easier if you do route-based VPN instead of policy- based routing, and then do a routing on the top of it.
@@ITSolutionsNetwork remote side is data centre and we have 2 x - I was thinking maybe if VPN to one data centre goes down, connect to the other data centre vpn
Brilliant, thank you for sharing. Question how could ge leverage some non critical traffic to use backup Internet, such as maybe FTP, SMTP, RSYNC for slow backups, while both connections up. this way have primary failover backup, and some backup failover primary. Also what version of IOS is required for SLA. THX Dinooz
1. If the FTP/etc services are not published, then you can use policy based routing to catch the traffic using route-map and force it to go out using the backup internet. 2. IP SLAs was introduced by Cisco in IOS 12.3(14)T however, the features you get with IP SLAs can vary based on the specific IOS version and platform. Always check the specifics for your setup.
This is gold! Thank you! Please keep them coming like these ones
Thank you!
Wow, this is exactly what I needed. I thought I was going to need two routers with HSRP. This will save me a lot of money. Thank you!
Glad to hear that, thanks for wathching!
I will do this these days and that was excellent guide that will help me a lot.
@@EmilRadkov-z1p thank you.
Thanks. I have a Cisco 3560 switch at home. I used the sla and track configuration. Tested and it worked. I have a MicroTek router connected to Gi0/1 on the switch and that then goes out to the primary ISP. The secondary is Gi0/24 and that connects to an old Wifi router (wifi disabled) ... and then out to 2ndary ISP. This config is just what I needed.
Thank you for your comment!
thank you so much David ,it is very professional and easy to understand .
Thanks for the comment, I appreciate it.
Thank you so much to explain like a complicated concept very easily
@@kerayz4596 you are very welcome.
Would you know, please, if your Cisco router sends/receives any data through the failover WAN while using primary WAN? I am using metric cellular data plan for my failover WAN. My current non-Cisco router continuously sends and receives small amounts of data via failover WAN (I assume pings) and therefore unnecessarily consumes my data plan. Can a Cisco router be so configured, that the failover WAN is in complete standby mode and no data at all will be sent/received unless primary WAN failure?
@@ReneKubicka Not in this config.
Cisco doesn’t send anything by default and I didn’t include anything in this config that would send traffic over secondary WAN if primary is alive.
@@ITSolutionsNetwork Thanks for your reply. Appreciated.
Quick question though, I see you cleared nat table after the interface goes down, but somehow the NAT translation does not have to be cleared when the primary link comes up. What's reason for that? Thanks..
is it possible to do this if your secondary ISP(starlink) is on a different vrf? how difficult is this? could you please do a video regarding that?
Hi, I haven't had the chance to try this setup before.
Could you elaborate on the benefits of using a different VRF for your secondary ISP in this context?
Is there a specific reason you need two separate routing tables with their own default routes? I'm curious to understand your use case better.
2 questions: 1- does it is possible add a VPN setup here to take advantage of the failover and 2- when it should be used other routing protocols like OSPF or BGP?
1. Yes, but you gotta understand that at any point of time, you should only connect to the IP address of the ISP that is active at that moment. For example use IPS1 IP address and if that won't work, then use second profile from vpn to connect to ISP2 IP address.
2. When there is a need to exchange routes dynamically instead of using static routes.
hi @IT Solutions Network does it is possible to monitor more that only one ip (isp 1 or 2 ) on the interfaces? that's because what happens when google get down for it self?
Yes, it is possible.
Configure IP SLA Operations: You'll set up two separate IP SLA operations, each pinging one of the IP addresses you want to monitor.
Define Tracking Objects: Create tracking objects for each IP SLA operation. These objects will track the state (up or down) of each operation.
Logical AND Tracking: This is key for your requirement. You'd configure a boolean track statement that combines the two tracking objects with a logical AND condition. This means the failover will only be triggered when both tracked objects are down.
Integrate with Routing: Use the tracking configuration in your routing protocol or static route configuration to modify routing decisions based on the status of the boolean track object.
Remember, the specific commands and configurations might vary depending on your Cisco device's model and IOS version.
Here is the example:
! Configure IP SLA operations
ip sla 1
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
timeout 1000
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 1.1.1.1 source-interface GigabitEthernet0/0
timeout 1000
frequency 5
ip sla schedule 2 life forever start-time now
! Define tracking objects
track 10 ip sla 1 reachability
track 20 ip sla 2 reachability
! Configure logical AND tracking
track 30 list boolean and
object 10
object 20
! Use the tracking in routing (example with a static route)
ip route 0.0.0.0 0.0.0.0 12.34.56.1 track 30
@@ITSolutionsNetwork Thanks a lot! you are a genius , greetings from Monterrey México.
Great Video... Thanks a lot
Thank you.
Thank you for sharing this great video.
How would we do this for router that's running S2S VPN and internet traffic? Is there a way to track both?
There is a way, and also depends on the VPN config.
If the remote site has only one ISP, the local configuration can get a little ugly, but it’s doable.
It’s easier if you do route-based VPN instead of policy- based routing, and then do a routing on the top of it.
@@ITSolutionsNetwork remote side is data centre and we have 2 x - I was thinking maybe if VPN to one data centre goes down, connect to the other data centre vpn
Great explanaition! What if ISP IP set by DHCP? Possible to use port and not IP?
Thanks for the KNowledge
can we have the configuration as a file
Hello again, could you please do a video where the secondary failover is Starlink which is in different VRF please? thanks!!!
I'll check if there is a demand for it.
Hey, I got a starlink and can't find a reason why would you want startlink to be in a separate VRF. Can you elaborate?
Brilliant, thank you for sharing. Question how could ge leverage some non critical traffic to use backup Internet, such as maybe FTP, SMTP, RSYNC for slow backups, while both connections up. this way have primary failover backup, and some backup failover primary. Also what version of IOS is required for SLA.
THX Dinooz
1. If the FTP/etc services are not published, then you can use policy based routing to catch the traffic using route-map and force it to go out using the backup internet.
2. IP SLAs was introduced by Cisco in IOS 12.3(14)T however, the features you get with IP SLAs can vary based on the specific IOS version and platform. Always check the specifics for your setup.
Excellent
Thanks.
Why can't enable my route-map?
whats the specific error you get man ??? whats the config you're using ???