Reliable Static Routing Backup Using Object Tracking

First Published: May 10, 2001

Last Updated: November 20, 2009

The Reliable Static Routing Backup Using Object Tracking feature introduces the ability for the Cisco IOS software to use Internet Control Message Protocol (ICMP) pings to identify when a
PPP over Ethernet (PPPoE) or IP Security Protocol (IPsec) Virtual Private Network (VPN) tunnel goes down, allowing the initiation of a backup connection from any alternative port. The Reliable Static Routing Backup Using Object Tracking feature is compatible with both preconfigured static routes and Dynamic Host Configuration Protocol (DHCP) configurations.

Finding Feature Information

For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “Feature Information for Reliable Static Routing Backup Using Object Tracking” section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Prerequisites for Reliable Static Routing Backup Using Object Tracking

Dial-on-demand routing (DDR) must be configured if the backup connection is configured on a dialer interface. For more information on configuring DDR, refer to the “Dial-on-Demand Routing Configuration ” part of th e Cisco IOS Dial Technologies Configuration Guide .

Restrictions for Reliable Static Routing Backup Using Object Tracking

This feature is supported in all Cisco IOS software images for the Cisco 1700 series modular access routers except the Cisco IOS IP Base image.

Information About Reliable Static Routing Backup Using Object Tracking

To configure the Reliable Static Routing Backup Using Object Tracking feature, you should understand the following concepts:

Reliable Static Routing Backup Using Object Tracking

The Reliable Static Routing Backup Using Object Tracking feature introduces the ability to reliably back up PPPoE or IPsec VPN deployments by initiating a DDR connection from an alternative port if the circuit to the primary gateway is interrupted. The Reliable Static Routing Backup Using Object Tracking feature can ensure reliable backup in the case of several catastrophic events, such as Internet circuit failure or peer device failure. A typical scenario is shown in Figure 1.

Figure 1 Reliable Static Routing Backup Using Object Tracking Scenario

Traffic from the remote LAN is forwarded to the main office from the primary interface of the remote router. If the connection to the main office is lost, the status of the tracked object changes from up to down. When the state of the tracked object changes to down, the routing table entry for the primary interface is removed and the preconfigured floating static route is installed on the secondary interface. Traffic is then forwarded to the preconfigured destination from the secondary interface. If DDR is configured on the secondary interface, interesting traffic will trigger DDR. The backup circuit can be configured to use the public switched telephone network (PSTN) or the Internet. When the state of the tracked object changes from down to up, the routing table entry for the primary interface is reinstalled and the floating static route for the secondary interface is removed.

Cisco IOS IP SLAs

The Reliable Static Routing Backup Using Object Tracking feature uses Cisco IOS IP Service Level Agreements (IP SLAs), a network monitoring feature set, to generate ICMP pings to monitor the state of the connection to the primary gateway. Cisco IOS IP SLAs is configured to ping a target, such as a publicly routable IP address or a target inside the corporate network. The pings are routed from the primary interface only. A track object is created to monitor the status of the Cisco IOS IP SLAs configuration. The track object informs the client, the static route, if a state change occurs. The preconfigured floating static route on the secondary interface will be installed when the state changes from up to down.

HTTP GET, User Datagram Protocol (UDP) echo, or any other protocol supported by Cisco IOS IP SLAs can be used instead of ICMP pings.

Benefits of Reliable Static Routing Backup Using Object Tracking

PPPoE and IPsec VPN deployments provide cost-effective and secure Internet-based solutions that can replace traditional dialup and Frame Relay circuits.

The Reliable Static Routing Backup Using Object Tracking feature can determine the state of the primary connection without enabling a dynamic routing protocol.

The Reliable Static Routing Backup Using Object Tracking feature introduces a reliable backup solution for PPPoE and IPsec VPN deployments, allowing these solutions to be used for critical circuits that must not go down without a backup circuit automatically engaging.

How to Configure Reliable Static Routing Backup Using Object Tracking

This section contains the following tasks:

Configuring the Primary Interface for Reliable Static Routing Backup Using Object Tracking

You must configure the connection between the primary interface and the remote gateway. The status of this connection will be monitored by the Reliable Static Routing Backup Using Object Tracking feature.

The primary interface can be configured in one of three ways: for PPPoE, DHCP, or static routing. You must choose one of these configuration types. If you are not sure of which method to use with your network configuration, consult your Internet service provider (ISP) or network administrator.

Perform one of the following tasks to configure the primary interface:

Configuring the Primary Interface for PPPoE

Perform this task to configure the primary interface for PPPoE.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number [ name-tag ]

4. description string

5. no ip address

6. pvc [ name ] vpi / vci [ ces | ilmi | qsaal | smds | l2transport ]

7. pppoe-client dial-pool-number number [ dial-on-demand ]

8. exit

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

interface type number [ name-tag ]

 

Router(config)# interface ATM 2/0

Configures an interface type and enters interface configuration mode.

Step 4

description string

 

Router(config-if)# description primary-link

Adds a description to the interface configuration.

Step 5

no ip address

 

Router(config-if)# no ip address

Removes IP addresses configured on the interface.

Step 6
pvc [ name ] vpi / vci [ ces | ilmi | qsaal | smds | l2transport ]
 

Router(config-if)# pvc 0/33

Creates or assigns a name to an ATM permanent virtual circuit (PVC), specifies the encapsulation type on an ATM PVC, and enters ATM virtual circuit configuration mode.

Step 7
pppoe-client dial-pool-number number [ dial-on-demand ]
 

Router(config-if-atm-vc)# pppoe-client dial-pool-number 1

Configures a PPPoE client and specifies DDR functionality.

Step 8
exit
 

Router(config-if-atm-vc)# exit

Exits ATM virtual circuit configuration mode.

Configuring the Primary Interface for DHCP

Perform this task to configure the primary interface for DHCP.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number [ name-tag ]

4. description string

5. ip dhcp client route track number

6. ip address dhcp

7. exit

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

interface type number [ name-tag ]

 

Router(config)# interface ethernet 0/0

Configures an interface type and enters interface configuration mode.

Step 4

description string

 

Router(config-if)# description primary-link

Adds a description to the interface configuration.

Step 5

ip dhcp client route track number

 

Router(config-if)# ip dhcp client route track 123

Configures the DHCP client to associate any added routes with the specified track number.

  • route track number —Associates a track object with the DHCP-installed static route. Valid values for the number argument range from 1 to 500.

Note You must configure the ip dhcp client command before issuing the ip address dhcp command on an interface. The ip dhcp client command is checked only when an IP address is acquired from DHCP. If the ip dhcp client command is issued after an IP address has been acquired from DHCP, it will not take effect until the next time the router acquires an IP address from DHCP.

Step 6

ip address dhcp

 

Router(config-if)# ip address dhcp

Acquires an IP address on an Ethernet interface from DHCP.

Step 7

exit

 

Router(config-if)# exit

Exits interface configuration mode.

Configuring the Primary Interface for Static Routing

Perform this task to configure the primary interface for static routing.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number [ name-tag ]

4. description string

5. ip address ip-address mask [ secondary ]

6. exit

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

interface type number [ name-tag ]

 

Router(config)# interface FastEthernet 0/0

Configures an interface type and enters interface configuration mode.

Step 4

description string

 

Router(config-if)# description primary-link

Adds a description to the interface configuration.

Step 5

ip address ip- address mask [ secondary ]

 

Router(config-if)# ip address 209.165.200.225 255.0.0.0

Sets a primary or secondary IP address for an interface.

Step 6

exit

 

Router(config-if)# exit

Exits interface configuration mode.

Configuring the Backup Interface for Reliable Static Routing Backup Using Object Tracking

You must configure a backup interface to contact the remote gateway. If the connection between the primary interface and the remote gateway goes down, the backup interface will be used.

Perform the following task to configure the backup interface. This task applies to PPPoE, DHCP, and static routing configurations.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface type number [ name-tag ]

4. description string

5. ip address ip-address mask [ secondary ]

6. exit

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

interface type number [ name-tag ]

 

Router(config)# interface Dialer 0

Configures an interface type and enters interface configuration mode.

Step 4

description string

 

Router(config-if)# description backup-link

Adds a description to an interface configuration.

Step 5

ip address ip- address mask [ secondary ]

 

Router(config-if)# ip address 209.165.201.1 255.255.255.0

Sets a secondary IP address for an interface.

Note If the connection on the primary interface goes down, the secondary interface is used as a backup interface.

Step 6

exit

 

Router(config-if)# exit

Exits interface configuration mode.

Configuring Network Monitoring with Cisco IOS IP SLAs for Reliable Static Routing Backup Using Object Tracking

The Reliable Static Routing Backup Using Object Tracking feature uses a Cisco IOS IP SLAs configuration to generate ICMP pings to monitor the state of the connection to the primary gateway.

Beginning in Cisco IOS Release 12.3(14)T, the command used to configure Cisco IOS IP SLAs was modified.

Perform one of the following tasks to configure Cisco IOS IP SLAs depending on which Cisco IOS software release you are running:

Configuring Cisco IOS IP SLAs for Cisco IOS Release 12.3(8)T, 12.3(11)T, 12.2(33)SRA, and 12.2(33)SRE

Perform this task to create Cisco IOS IP SLAs depending on which Cisco IOS software release you are running. This task applies to PPPoE, DHCP, and static routing configurations.

SUMMARY STEPS

1. enable

2. configure terminal

3. rtr [ operation-number ]

4. type echo protocol ipIcmpEcho { destination-ip-address | destination-hostname } [ source-ipaddr { ip-address | hostname }]

5. timeout milliseconds

6. frequency seconds

7. threshold milliseconds

8. exit

9. rtr schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ]

10. track object-number rtr rtr-operation { state | reachability }

11. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

rtr [ operation-number ]

 

Router(config)# rtr 1

Begins configuration for a Cisco IOS IP SLAs operation and enters RTR configuration mode.

Step 4
type echo protocol ipIcmpEcho { destination-ip-address | destination-hostname } [ source-ipaddr { ip-address | hostname }]
 

Router(config-rtr)# type echo protocol ipIcmpEcho 172.16.23.7

Configures a Cisco IOS IP SLAs end-to-end echo response time probe operation.

Step 5

timeout milliseconds

 

Router(config-rtr)# timeout 1000

Sets the amount of time for which the Cisco IOS IP SLAs operation waits for a response from its request packet.

Step 6

frequency seconds

 

Router(config-rtr)# frequency 3

Sets the rate at which a specified Cisco IOS IP SLAs operation is sent into the network.

Step 7

threshold milliseconds

 

Router(config-rtr)# threshold 2

Sets the rising threshold (hysteresis) that generates a reaction event and stores history information for the Cisco IOS IP SLAs operation.

Step 8

exit

 

Router(config-rtr)# exit

Exits RTR configuration mode.

Step 9

rtr schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ]

 

Router(config)# rtr schedule 1 life forever start-time now

Configures a Cisco IOS IP SLAs ICMP echo operation.

Step 10

track object-number rtr rtr-operation { state | reachability }

 

Router(config)# track 123 rtr 1 reachability

Tracks the state of a Cisco IOS IP SLAs operation and enters tracking configuration mode.

Step 11

end

 

Router(config-track-list)# end

Exits tracking configuration mode.

Configuring Cisco IOS IP SLAs for Cisco IOS Release 12.3(14)T, 12.4, 12.4(2)T, and 12.2(33)SXH

Perform this task to create an Cisco IP SLAs configuration to ping the target address depending on which Cisco IOS software release you are running. This task applies to PPPoE, DHCP, and static routing configurations.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip sla monitor [ operation-number ]

4. type echo protocol ipIcmpEcho { destination-ip-address | destination-hostname } [ source-ipaddr { ip-address | hostname } | source-interface interface-name ]

5. timeout milliseconds

6. frequency seconds

7. threshold milliseconds

8. exit

9. ip sla monitor schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ] [ recurring ]

10. track object-number rtr rtr-operation { state | reachability }

11. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip sla monitor [ operation-number ]

 

Router(config)# ip sla monitor 1

Begins configuring a Cisco IOS IP SLAs operation and enters IP SLA monitor configuration mode.

Step 4
type echo protocol ipIcmpEcho { destination-ip-address | destination-hostname } [ source-ipaddr { ip-address | hostname } | source-interface interface-name ]
 

Router(config-sla-monitor)# type echo protocol ipIcmpEcho 172.16.23.7

Configures a Cisco IOS IP SLAs end-to-end ICMP echo response time operation and enters IP SLAs ICMP echo configuration mode.

Step 5

timeout milliseconds

 

Router(config-sla-monitor-echo)# timeout 1000

Sets the amount of time for which the Cisco IOS IP SLAs operation waits for a response from its request packet.

Step 6

frequency seconds

 

Router(config-sla-monitor-echo)# frequency 3

Sets the rate at which a specified Cisco IOS IP SLAs operation is sent into the network.

Step 7

threshold milliseconds

 

Router(config-sla-monitor-echo)# threshold 2

Sets the rising threshold (hysteresis) that generates a reaction event and stores history information for the Cisco IOS IP SLAs operation.

Step 8

exit

 

Router(config-sla-monitor-echo)# exit

Exits IP SLAs ICMP echo configuration mode.

Step 9

ip sla monitor schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ] [recurring]

 

Router(config)# ip sla monitor schedule 1 life forever start-time now

Configures the scheduling parameters for a single Cisco IOS IP SLAs operation.

Step 10

track object-number rtr rtr-operation { state | reachability }

 

Router(config)# track 123 rtr 1 reachability

Tracks the state of a Cisco IOS IP SLAs operation and enters tracking configuration mode.

Step 11

end

 

Router(config-track-list)# end

Exits tracking configuration mode.

Configuring Cisco IOS IP SLAs for Cisco IOS Release 12.4(4)T, 15.(0)1M, and Later Releases

Perform this task to create Cisco IP SLAs configuration in Cisco IOS Release 12.4(4)T, 15.0(1)M, and later releases to ping the target address. This task applies to PPPoE, DHCP, and static routing configurations.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip sla [ operation-number ]

4. icmp-echo { destination-ip-address | destination-hostname } [ source-ip { ip-address | hostname } | source-interface interface-name ]

5. timeout milliseconds

6. frequency seconds

7. threshold milliseconds

8. exit

9. ip sla schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ] [ recurring ]

10. track object-number rtr rtr-operation { state | reachability }

11. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip sla [ operation-number ]

 

Router(config)# ip sla 1

Begins configuring a Cisco IOS IP SLAs operation and enters IP SLA configuration mode.

Step 4
icmp-echo { destination-ip-address | destination-hostname } [ source-ip { ip-address | hostname } | source-interface interface-name ]
 

Router(config-ip-sla)# icmp-echo 172.16.23.7

Configures a Cisco IOS IP SLAs end-to-end ICMP echo response time operation and enters IP SLAs ICMP echo configuration mode.

Step 5

timeout milliseconds

 

Router(config-ip-sla-echo)# timeout 1000

Sets the amount of time for which the Cisco IOS IP SLAs operation waits for a response from its request packet.

Step 6

frequency seconds

 

Router(config-ip-sla-echo)# frequency 3

Sets the rate at which a specified Cisco IOS IP SLAs operation is sent into the network.

Step 7

threshold milliseconds

 

Router(config-ip-sla-echo)# threshold 2

Sets the rising threshold (hysteresis) that generates a reaction event and stores history information for the Cisco IOS IP SLAs operation.

Step 8

exit

 

Router(config-ip-sla-echo)# exit

Exits IP SLAs ICMP echo configuration mode.

Step 9

ip sla schedule operation-number [ life { forever | seconds }] [ start-time { hh : mm [ : ss ] [ month day | day month ] | pending | now | after hh : mm : ss }] [ ageout seconds ] [recurring]

 

Router(config-ip-sla-echo)# ip sla schedule 1 life forever start-time now

Configures the scheduling parameters for a single Cisco IOS IP SLAs operation.

Step 10

track object-number rtr rtr-operation { state | reachability }

 

Router(config)# track 123 rtr 1 reachability

Tracks the state of a Cisco IOS IP SLAs operation and enters tracking configuration mode.

Step 11

end

 

Router(config-track-list)# end

Exits tracking configuration mode.

Configuring the Routing Policy for Reliable Static Routing Backup Using Object Tracking

In order to track the status of the primary connection to the remote gateway, the Cisco IOS IP SLAs ICMP pings must be routed only from the primary interface.

Perform one of the following tasks to configure a routing policy that will ensure that the Cisco IOS IP SLAs pings are always routed out of the primary interface:

Configuring a Routing Policy for PPPoE

Perform this task to configure a routing policy if the primary interface is configured for PPPoE.

SUMMARY STEPS

1. enable

2. configure terminal

3. access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

4. route-map map-tag [ permit | deny ] [ sequence-number ]

5. match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

6. set interface type number [... type number ]

7. exit

8. ip local policy route-map map-tag

9. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

 

Router(config)# access-list 101 permit icmp any host 172.16.23.7 echo

Defines an extended IP access list.

Step 4

route-map map-tag [ permit | deny ] [ sequence-number ]

 

Router(config)# route-map MY-LOCAL-POLICY permit 10

Enters route-map configuration mode and defines the conditions for redistributing routes from one routing protocol into another.

Step 5

match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

 

Router(config-route-map)# match ip address 101

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, or performs policy routing on packets.

Step 6

set interface type number [... type number ]

 

Router(config-route-map)# set interface null 0

Indicates where to output packets that pass a match clause of a route map for policy routing.

Note The interface must be configured for null 0 in this scenario. If the next hop is not set because the interface is down, the packet is routed to the null interface and discarded. Otherwise policy routing fails and the packet is routed using the Routing Information Base (RIB) card. Routing the packet using the RIB card is undesirable.

Step 7

exit

 

Router(config-route-map)# exit

Exits route-map configuration mode.

Step 8

ip local policy route-map map-tag

 

Router(config)# ip local policy route-map MY-LOCAL-POLICY

Identifies a route map to use for local policy routing.

Step 9

end

 

Router(config)# end

Exits global configuration mode.

Configuring a Routing Policy for DHCP

Perform this task to ensure that the primary interface is configured for DHCP:

SUMMARY STEPS

1. enable

2. configure terminal

3. access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

4. route-map map-tag [ permit | deny ] [ sequence-number ]

5. match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

6. set ip next-hop dynamic dhcp

7. exit

8. ip local policy route-map map-tag

9. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

 

Router(config)# access-list 101 permit icmp any host 172.16.23.7 echo

Defines an extended IP access list.

Step 4

route-map map-tag [ permit | deny ] [ sequence-number ]

 

Router(config)# route-map MY-LOCAL-POLICY permit 10

Enters route-map configuration mode and defines the conditions for redistributing routes from one routing protocol into another.

Step 5

match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

 

Router(config-route-map)# match ip address 101

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, or performs policy routing on packets.

Step 6

set ip next-hop dynamic dhcp

 

Router(config-route-map)# set ip next-hop dynamic dhcp

Sets the next hop to the gateway that was most recently learned by the DHCP client.

Step 7

exit

 

Router(config-route-map)# exit

Exits route-map configuration mode.

Step 8

ip local policy route-map map-tag

 

Router(config)# ip local policy route-map MY-LOCAL-POLICY

Identifies a route map to use for local policy routing.

Step 9

end

 

Router(config)# end

Exits global configuration mode.

Configuring a Routing Policy for Static Routing

Perform one of the following tasks if the primary interface is configured for static routing:

Configuring a Routing Policy for Static Routing with a Point-to-Point Primary Gateway

Perform this task to configure a routing policy if the primary interface is configured for static routing and the primary gateway is a point-to-point gateway.

SUMMARY STEPS

1. enable

2. configure terminal

3. access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

4. route-map map-tag [ permit | deny ] [ sequence-number ]

5. match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

6. set interface type number [... type number ]

7. exit

8. ip local policy route-map map-tag

9. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

 

Router(config)# access-list 101 permit icmp any host 172.16.23.7 echo

Defines an extended IP access list.

Step 4

route-map map-tag [ permit | deny ] [ sequence-number ]

 

Router(config)# route-map MY-LOCAL-POLICY permit 10

Enters route-map configuration mode and defines the conditions for redistributing routes from one routing protocol into another.

Step 5

match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

 

Router(config-route-map)# match ip address 101

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, or performs policy routing on packets.

Step 6

set interface type number [... type number ]

 

Router(config-route-map)# set interface dialer 0 Null 0

Indicates where to output packets that pass a match clause of a route map for policy routing.

Step 7

exit

 

Router(config-route-map)# exit

Exits route-map configuration mode.

Step 8

ip local policy route-map map-tag

 

Router(config)# ip local policy route-map MY-LOCAL-POLICY

Identifies a route map to use for local policy routing.

Step 9

end

 

Router(config)# end

Exits global configuration mode.

Configuring a Routing Policy for Static Routing with a Multipoint Primary Gateway

Perform this task to configure a routing policy if the primary interface is configured for static routing and the primary gateway is a multipoint gateway.

SUMMARY STEPS

1. enable

2. configure terminal

3. access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

4. route-map map-tag [ permit | deny ] [ sequence-number ]

5. match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

6. set ip next-hop ip-address [... ip-address ]

7. set interface type number [... type number ]

8. exit

9. ip local policy route-map map-tag

10. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } icmp source source-wildcard destination destination-wildcard [ icmp-type [ icmp-code ] | icmp-message ] [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ]

 

Router(config)# access-list 101 permit icmp any host 172.16.23.7 echo

Defines an extended IP access list.

Step 4

route-map map-tag [ permit | deny ] [ sequence-number ]

 

Router(config)# route-map MY-LOCAL-POLICY permit 10

Enters route-map configuration mode and defines the conditions for redistributing routes from one routing protocol into another.

Step 5

match ip address { access-list-number | access-list-name } [... access-list-number |... access-list-name ]

 

Router(config-route-map)# match ip address 101

Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, or performs policy routing on packets.

Step 6

set ip next-hop ip-address [... ip-address ]

 

Router(config-route-map)# set ip next-hop 10.1.1.242

Indicates where to output packets that pass a match clause of a route map for policy routing.

Step 7

set interface type number [... type number ]

 

Router(config-route-map)# set interface null 0

Indicates where to output packets that pass a match clause of a route map for policy routing.

Step 8

exit

 

Router(config-route-map)# exit

Exits route-map configuration mode.

Step 9

ip local policy route-map map-tag

 

Router(config)# ip local policy route-map MY-LOCAL-POLICY

Identifies a route map to use for local policy routing.

Step 10

end

 

Router(config)# end

Exits global configuration mode.

Configuring the Default Route for the Primary Interface Using Static Routing

Perform this task to configure the static default route only if you are using static routing.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip route prefix mask { ip- address | interface-type interface-number [ ip-address ]} [ distance ] [ name ] [ permanent | track number ] [ tag tag ]

4. end

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip route prefix mask { ip- address | interface-type interface-number [ ip-address ]} [ distance ] [ name ] [ permanent | track number ] [ tag tag ]

 

Router(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

Establishes static routes.

  • track number —Specifies that the static route will be installed only if the configured track object is up.

Step 4

end

 

Router(config)# end

Exits global configuration mode.

Configuring a Floating Static Default Route on the Secondary Interface

Perform this task to configure a floating static default route on the secondary interface. This task applies to PPPoE, DHCP, and static routing configurations.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip route network-number network-mask { ip-address | interface } [ distance ] [ name name ]

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip route network-number network-mask { ip-address | interface } [ distance ] [ name name ]

 

Router(config)# ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Establishes static routes and defines the next hop.

Verifying the State of the Tracked Object for Reliable Static Routing Backup Using Object Tracking

Perform the following task to determine if the state of the tracked object is up or down.

SUMMARY STEPS

1. enable

2. show ip route track-table

DETAILED STEPS

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

show ip route track-table

 

Router# show ip route track-table

Displays information about the IP route track table.

Configuration Examples for Reliable Static Routing Backup Using Object Tracking

This section provides the following configuration examples:

Configuring Reliable Static Routing Backup Using Object Tracking Using PPPoE: Example

The following example shows how to configure the Reliable Static Routing Backup Using Object Tracking feature using PPPoE. The primary interface is an ATM interface, and the backup interface is a BRI interface. This example applies to Cisco IOS Release 12.3(8)T, 12.3(11)T, 12.2(33)SRA, 12.2(33)SXH, and 12.2(33)SRE.

interface ATM 0
description primary-link
no ip address
pvc 0/33
pppoe-client dial-pool-number 1
!
interface BRI 0
description backup-link
ip address 10.2.2.2 255.0.0.0
!
rtr 1
type echo protocol ipIcmpEcho 172.16.23.7
timeout 1000
frequency 3
threshold 2
 
rtr schedule 1 life forever start-time now
track 123 rtr 1 reachability
 
access list 101 permit icmp any host 172.16.23.7 echo
route map MY-LOCAL-POLICY permit 10
match ip address 101
set interface null 0
!
ip local policy route-map MY-LOCAL-POLICY
 
ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Configuring Reliable Static Routing Backup Using Object Tracking Using DHCP: Example

The following example show how to configure the Reliable Static Routing Backup Using Object Tracking feature using DHCP. The primary interface is an Ethernet interface, and the backup interface is a serial interface. This example applies to Cisco IOS Release 12.3(14)T.

!
ip dhcp-client default-router distance 25
ip sla monitor 1
type echo protocol ipIcmpEcho 172.16.23.7
timeout 1000
threshold 2
frequency 3
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
!
interface Ethernet0/0
description primary-link
ip dhcp client route track 123
ip address dhcp
!
interface Serial2/0
description backup-link
ip address 209.165.202.129 255.255.255.255
!
ip local policy route-map MY-LOCAL-POLICY
ip route 0.0.0.0 0.0.0.0 10.2.2.125 254
!
access-list 101 permit icmp any host 172.16.23.7 echo
route-map MY-LOCAL-POLICY permit 10
match ip address 101
set ip next-hop dynamic dhcp
 

Configuring Reliable Static Routing Backup Using Object Tracking: Example

The following example shows how to configure the Reliable Static Routing Backup Using Object Tracking feature using static routing for a point-to-point primary gateway. The primary interface is a PPPoE Fast Ethernet interface, and the backup interface is a dialer interface. This example applies to Cisco IOS Release 12.3(14)T and later releases.

interface FastEthernet 0/0
description primary-link
ip address 209.165.202.129 255.255.255.255
 
interface Dialer 0
description backup-link
ip address 209.165.200.225 255.255.255.255
 
ip sla monitor 1
type echo protocol ipIcmpEcho 172.16.23.7
timeout 1000
frequency 3
threshold 2
 
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
 
access list 101 permit icmp any host 172.16.23.7 echo
route map MY-LOCAL-POLICY permit 10
match ip address 101
set interface dialer 0 null 0
!
ip local policy route-map MY-LOCAL-POLICY
 
ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123
ip route 0.0.0.0 0.0.0.0 10.2.2.125 254
 

The following example configures the Reliable Static Routing Backup Using Object Tracking feature using static routing for a multipoint primary gateway. Both the primary interface and the backup interface are Ethernet interfaces. This example applies to Cisco IOS Release 12.3(14)T and later releases.

interface ethernet 0
description primary-link
ip address 209.165.202.129 255.255.255.255
 
interface ethernet 1
description backup-link
ip address 209.165.200.225 255.255.255.255
 
ip sla monitor 1
type echo protocol ipIcmpEcho 172.16.23.7
timeout 1000
frequency 3
threshold 2
 
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
 
access list 101 permit icmp any host 172.16.23.7 echo
route map MY-LOCAL-POLICY permit 10
match ip address 101
set ip next-hop 10.1.1.242
set interface null 0
!
ip local policy route-map MY-LOCAL-POLICY
 
ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123
ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Verifying the State of the Tracked Object: Example

The following example displays information about track objects in the IP route track table:

Router# show ip route track-table
 
ip route 0.0.0.0 0.0.0.0 10.1.1.242 track-object 123 state is [up]

Additional References

The following sections provide references related to the Reliable Static Routing Backup Using Object Tracking feature.

Related Documents

Related Topic
Document Title

IPsec configuration tasks

IP Security VPN Monitoring ” module in the Cisco IOS Security Configuration Guide

IPsec commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Security Command Reference

VPDN configuration tasks

Configuring AAA for VPDN ” module in the Cisco IOS VPDN Configuration Guide

VPDN commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS VPDN Command Reference

ATM virtual circuit bundles

ATM RBE ” module in the Cisco IOS Broadband Access Aggregation and DSL Configuration Guide

PPPoE commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Wide-Area Networking Command Reference

Dial access specialized features

Dial Access Specialized Features ” module in the Cisco IOS Dial Technologies Configuration Guide

DDR commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Dial Technologies Command Reference

IP SLAs configuration tasks

IP SLAs ” module in the Cisco IOS IP SLAs Configuration Guide

IP SLAs commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS IP SLAs Command Reference

Standards

Standards
Title

None

MIBs

MIBs
MIBs Link

None

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFCs
Title

None

Technical Assistance

Description
Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport

Feature Information for Reliable Static Routing Backup Using Object Tracking

Table 1 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Release 12.2(33)SX or Cisco IOS Releases 12.2(33)SRE or 15.0(1)M or a later release appear in this table.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

 

Table 1 Feature Information for Reliable Static Routing Backup Using Object Tracking
Feature Name
Releases
Feature Information

Reliable Static Routing Backup Using Object Tracking

12.2(33)SXH
12.2(33)SRA
12.2(33)SRE
12.3(8)T
12.3(14)T
15.0(1)M

The Reliable Static Routing Backup Using Object Tracking feature introduces the ability for the Cisco IOS software to use ICMP pings to identify when a PPPoE or IPsec VPN tunnel goes down, allowing the initiation of a backup connection from any alternative port. The Reliable Static Routing Backup Using Object Tracking feature is compatible with both preconfigured static routes and DHCP configurations. The following sections provide information about this feature:

The following commands were introduced or modified: ip dhcp client route, ip route prefix mask, set ip next-hop dynamic, and show ip route track-table.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)


Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2001—2009 Cisco Systems, Inc. All rights reserved.