We are currently using a Netvana 3448 router within our office. We purchased it to support a VPN tunnel to another one of our offices so that we can share the PRI. When it was being setup, I asked the engineers (Adtran Certified) if it was possible to use Eth 0/1 for Internet and Eth 0/2 for Backup internet. I also asked if there was a way to automatically switch from 1 to 2 in the event of an outage. They said that it was possible and that they would build us a configuration that would support this feature.
I have been waiting for them to complete this configuration since March. They have provided multiple excuses and most blame Adtran for not getting back to them. Today, they finally told me that they are not working on it and will not because it was not in the initial scope (even though I offered to pay). Regardless, If there is a way to do this, I would love to know. I would also accept recommendations for a firm that could assist us in making this happen.
There is a way to do this with tracking and setting up a ping probe....
set your interfaces up:
interface eth 0/1
description WAN
speed 100
half-duplex
ip address A.A.A.A 255.255.255.0
ip mtu 1500
no shutdown
!
!
interface eth 0/2
description DSL/Cable
ip address B.B.B.B 255.255.255.0
ip mtu 1500
no shutdown
create a route map
IP local policy route-map "NAME"
create a ping probe:
probe "NAME" icmp-echo
remark ping probe
destination A.A.A.a
source-address A.A.A.A
size 100
data abcd
period 5
tolerance consecutive fail 3 pass 1
no shutdown
set up a track :
track "NAME"
remark track ping probe
snmp trap state-change
test if probe bristol_probe
no shutdown
set up a route map:
route-map pingprobe permit 10
remark forces ping probe to static route
match ip address ping
set ip next-hop A.A.A.A
set interface null 0
set up the ACL:
ip access-list extended ping
remark ACL for ping
permit ip host A.A.A.a host A.A.A.A
set up your routes:
ip route 0.0.0.0 0.0.0.0 A.A.A.A track NAME_probe (normal router)
ip route 0.0.0.0 0.0.0.0 B.B.B.B 10 (Fail over route)
Of course you will have to tweak it for your own addresses and such but this will work for a fail over situation in the event that you main path goes down
SS
There is a way to do this with tracking and setting up a ping probe....
set your interfaces up:
interface eth 0/1
description WAN
speed 100
half-duplex
ip address A.A.A.A 255.255.255.0
ip mtu 1500
no shutdown
!
!
interface eth 0/2
description DSL/Cable
ip address B.B.B.B 255.255.255.0
ip mtu 1500
no shutdown
create a route map
IP local policy route-map "NAME"
create a ping probe:
probe "NAME" icmp-echo
remark ping probe
destination A.A.A.a
source-address A.A.A.A
size 100
data abcd
period 5
tolerance consecutive fail 3 pass 1
no shutdown
set up a track :
track "NAME"
remark track ping probe
snmp trap state-change
test if probe bristol_probe
no shutdown
set up a route map:
route-map pingprobe permit 10
remark forces ping probe to static route
match ip address ping
set ip next-hop A.A.A.A
set interface null 0
set up the ACL:
ip access-list extended ping
remark ACL for ping
permit ip host A.A.A.a host A.A.A.A
set up your routes:
ip route 0.0.0.0 0.0.0.0 A.A.A.A track NAME_probe (normal router)
ip route 0.0.0.0 0.0.0.0 B.B.B.B 10 (Fail over route)
Of course you will have to tweak it for your own addresses and such but this will work for a fail over situation in the event that you main path goes down
SS
I believe it is necessary to make a few changes for clarification purposes. We will assume that interface ethernet 0/1 is associated with the primary default route, and interface ethernet 0/2 is used as the backup.
set your interfaces up:
interface eth 0/1
description WAN
ip address <IP Address> <Netmask>
no shutdown
!
!
interface eth 0/2
description DSL/Cable
ip address <IP Address> <Netmask>
no shutdown
!
create a probe and track:
!
probe <NAME> icmp-echo
remark ping probe
destination <Gateway IP address>
source-address <eth 0/1 IP Address>
tolerance consecutive fail 3 pass 1
no shutdown
!
!
track <NAME>
remark track ping probe
test if probe <Probe NAME>
no shutdown
!
create an ACL, route map, and local policy:
!
ip access-list extended <NAME>
remark ACL for ping
permit ip host <eth 0/1 IP address> host <primary gateway IP address>
!
route-map <NAME> permit 10
remark forces ping probe to static route
match ip address <ACL NAME>
set ip next-hop <primary gateway IP address>
set interface null 0
!
ip local policy route-map <route-map NAME>
!
set up your routes:
!
ip route 0.0.0.0 0.0.0.0 <primary gateway IP address> track <Track NAME> (primary default route)
ip route 0.0.0.0 0.0.0.0 <backup gateway IP address> 10 (backup default route)
!
A few areas of importance: