This technique makes a Cisco router monitor connectivity to an IP address over the primary connection and switch to a backup gateway if the primary fails. The common network setup for this is as follows:
In essence, the Cisco router is connected via a leased line directly to the ISP’s off-site router. The Cisco router can also be connected to the Internet, via an on-site DSL modem, as a backup.
This tutorial assumes that you already have your interfaces configured and it is possible for the router to ping both your primary and backup gateways.
First we’ll configure our two default gateways. Delete any existing default gateways you have, as follows:
Let’s say our primary is 184.108.40.206 and our backup is 220.127.116.11. Add your two routes as follows:
ip route 0.0.0.0 0.0.0.0 18.104.22.168 254 name DSL_Backup
This adds a tracked route with a metric (administrative distance, in IOS terms) of 1 and an additional route with a metric of 254. The routing table will use the route with the lowest metric by default (i.e. the primary).
Next, add an ip sla entry to monitor the connection. This will ping a given IP address every 10 seconds. I recommend using the IP address of the next hop (i.e. “ISP’s Router” in the above diagram) as this monitor IP, provided it accepts pings. In this example, we’ll use 22.214.171.124. The 123 is just a numerical identifier for the SLA. This can be whatever you want, within the allowed range.
icmp-echo 126.96.36.199 source-interface FastEthernet0/0
Now, add an SLA schedule so that your SLA starts now and runs forever.
Finally, we’ll add a track entry for the SLA to cause the gateway switch to happen:
You should now have connectivity through your primary gateway. You can monitor the SLA using this command:
This will show you the “Number of successes” and “Number of failures” the SLA has recorded.
Using this command, you can see the current default gateway (gateway of last resort):
It should be your primary gateway. Disrupt the primary connection such that it is unable to reach the monitor IP address. Within 10 seconds, the gateway of last resort as shown by the above command will have changed to your backup gateway. Reconnect the primary connection and it will switch back again.
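The whole procedure above as one configuration, given here as an added example rather than the tutorial's original listing. The gateway and monitor addresses are constructed placeholders from documentation ranges, and track object 1 is an assumed identifier; SLA 123, FastEthernet0/0, the 254 value and the DSL_Backup name follow the text.

```cisco
! Added example. Constructed placeholder addresses:
!   192.0.2.1    = primary gateway, also used as the monitor IP (next hop)
!   198.51.100.1 = backup (DSL) gateway
! Track object 1 is an assumed identifier.
!
! Probe: ping the monitor IP every 10 seconds, sourced from the primary
! interface so the probe cannot succeed over the backup path.
ip sla 123
 icmp-echo 192.0.2.1 source-interface FastEthernet0/0
 frequency 10
!
! Start the probe immediately and keep it running.
ip sla schedule 123 life forever start-time now
!
! The track object goes down when the probe stops getting replies.
! (Older IOS releases use "track 1 rtr 123 reachability" instead.)
track 1 ip sla 123 reachability
!
! Primary default route: installed only while track 1 is up.
ip route 0.0.0.0 0.0.0.0 192.0.2.1 1 track 1
! Backup default route: administrative distance 254 (the value the
! tutorial calls a metric), used once the tracked route is withdrawn.
ip route 0.0.0.0 0.0.0.0 198.51.100.1 254 name DSL_Backup
!
! Verification (exec mode):
!   show ip sla statistics 123   -> success and failure counters
!   show track 1                 -> current reachability state
!   show ip route                -> gateway of last resort
```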