Install a static route when an IP address is NOT reachable

In my February IP corner article, Small Site Multihoming, I described how to install a static route based on the reachability of a remote IP address (as measured with the IP SLA feature of Cisco IOS). One of my readers recently asked an interesting question: “How do you install a static route when an IP address is not reachable?”

Without going into the design reasons that prompted the question, you can actually track when an IP SLA measurement fails with an obscure configuration syntax of the track objects. In my example, the route to 1.0.0.0/8 is inserted in the IP routing table when the ping to 172.16.0.22 fails:

!
! Define and start the IP SLA probe
!
ip sla 53
 icmp-echo 172.16.0.22
 timeout 500
 frequency 3
ip sla schedule 53 life forever start-time now
!
! Define an object that tracks the SLA probe
!
track 13 rtr 53 reachability
!
! Define another object that is the negation of the previous object
!
track 14 list boolean and
 object 13 not
!
! Insert a static route if the second object is UP (thus the
! IP SLA probe failed)
!
ip route 1.0.0.0 255.0.0.0 Null0 track 14
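
The configuration below is an added example, not part of the original article. It pairs the negated object with a tracked working route, so traffic to 1.0.0.0/8 is forwarded while the probe succeeds and discarded (instead of following a less specific route) while it fails. The Ethernet0/0 interface and the use of 172.16.0.22 as a directly connected next hop are assumptions taken from the first reader comment, and the delay values are constructed.

```cisco
!
! Probe as in the article
!
ip sla 53
 icmp-echo 172.16.0.22
 timeout 500
 frequency 3
ip sla schedule 53 life forever start-time now
!
! Object 13 follows the probe. Newer IOS releases spell this line
! "track 13 ip sla 53 reachability".
! Constructed dampening values: report DOWN after 9 seconds (three
! probe intervals) and UP again only after 30 seconds, so a single
! lost ping does not swap the routes.
!
track 13 rtr 53 reachability
 delay up 30 down 9
!
! Object 14 is the negation of object 13
!
track 14 list boolean and
 object 13 not
!
! Working route: installed only while the probe succeeds
!
ip route 1.0.0.0 255.0.0.0 Ethernet0/0 172.16.0.22 track 13
!
! Discard route: installed only while the probe fails. Objects 13 and
! 14 are never UP together, so the two routes never share the table
! even though both use the default administrative distance.
!
ip route 1.0.0.0 255.0.0.0 Null0 track 14
!
! Verification (exec mode):
!  show track
!  show ip sla statistics 53
!  show ip route 1.0.0.0
!
```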

Note: This article is part of the You've asked for it series.

17 comments:

  1. Hm. The only reason I can come up with for a config like that is if you have something like:

    ip route 1.0.0.0 255.0.0.0 e0/0 172.16.0.22

    in your configuration - and want to send any traffic to 1/8 to the bit bucket if the next hop goes down - but the interface stays up.

    Does this work? Which metric was used for the "working" route and for the "non-working" route?

  2. Love your blog, thanks!

  3. If I remember correctly, it was a complex backup scenario where you could not simply use the floating static route, but would only install a static route if a certain destination is not reachable on the primary path.

  4. Thanks again for a great blog.

    This is exactly what I need to solve an interesting issue I have (two routers, both using PBR to send traffic into two GRE tunnels). This will allow me to use HSRP between the routers and with a little more work GLBP.

  5. When you fail-over to your backup route, don't you need to clear your NAT translations?

  6. @Anonymous: I'm assuming you're referring to the article I'm quoting, not to this post, as there is no NAT here.

    You don't need to clear the NAT translations in my multihoming design, but the sessions are definitely lost when the fall-over occurs (and the sessions on the primary link will eventually time out).

  7. To correct routing you must add this route "ip route 1.0.0.0 255.0.0.0 Null0 track 14" with metric more than 1.

  8. You cannot set a metric of a static route with Cisco IOS, just the administrative distance. Whether that should be one (default) or more than one depends on your overall design.

  9. Helped me much, thanks buddy, good job.

  10. Thanks .... helped in time ...

  11. thanks buddy - really helpful article

  12. Alex Luna Heredia, 16 December, 2010 05:40

    Thanks IVAN you're the MASTERRRRR!!! bloody hell that boolean TRACK MADE my DAY!!!

  13. Jose Leonardo Ramos, 04 April, 2011 21:43

    This was very Helpful Topic!!! Thanks

  14. A few months back I was using a static route with track to determine when the leased line is down at the other end; it will use a backup tunnel. What happened was that after a few months of using the static IP route with track, PING to the remote site LAN (LAN to LAN) seems to be very slow. It has happened to me 2 times already using this design that I have to redesign it again using both connection a tunnel. The IOS used is 12.4(24)T for the router with the static route with track statement.

  15. Even more interesting: how do you track a static IPv6 route? IP SLA is available for IPv6 but I'm not aware of any IOS feature that lets you install/deinstall an IPv6 static route based on a tracked object, i.e., you just can't do "ipv6 route <ipv6> <next-hop> track <tracked>"

    EEM is another possibility here but I can see some scenarios where it wouldn't be as reliable as one would expect. Any other ideas?



  16. We'll have to wait a few more years for true feature parity. At the moment it's a catch-22 situation :(

  17. I am configuring IP SLA on a 1700 series router using the commands below, but I am not able to add the track keyword to the static route command line.

    rtr 6
    type echo protocol ipIcmpEcho 172.27.0.254 source-ipaddr 172.27.0.6
    timeout 3000
    frequency 900
    exit
    !
    rtr schedule 6 life forever start-time now
    !
    track 6 rtr 6 reachability
    exit
    !
    ip route 0.0.0.0 0.0.0.0 172.27.0.254 ????(cannot add track 6)



Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.