Install a Static Route When an IP Address Is NOT Reachable

One of my readers recently asked an interesting question: “How do you install a static route when an IP address is not reachable?

Without going into the design reasons that prompted the question, you can actually track when IP SLA measurement fails with an obscure configuration syntax of the track objects that tracks when another track object fails.

In my example, the route to 1.0.0.0/8 would be inserted in the IP routing table when the ping to 172.16.0.22 fails:

!
! Define and start the IP SLA probe
!
ip sla 53
 icmp-echo 172.16.0.22
 timeout 500
 frequency 3
ip sla schedule 53 life forever start-time now
!
! Define an object that tracks the SLA probe
!
track 13 rtr 53 reachability
!
! Define another object that is the negation of the previous object
!
track 14 list boolean and
 object 13 not
!
! Insert a static route if the second object is UP (thus the 
! IP SLA probe failed)
!
ip route 1.0.0.0 255.0.0.0 Null0 track 14

17 comments:

  1. Hm. The only reason I can come up with for a config like that is if you have something like:

    ip route 1.0.0.0 255.0.0.0 e0/0 172.16.0.22

    in your configuration - and want to send any traffic to 1/8 to the bit bucket if the next hop goes down - but the interface stays up.

    Does this work? which metric was used for the "working" route and for the "non-working" route?
  2. Love your blog, thanks!
  3. If I remember correctly, it was a complex backup scenario where you could not simply use the floating static route, but would only install a static route if a certain destination is not reachable on the primary path.
  4. Thanks again for a great blog.

    This is exactly what I need to solve an interesting issue I have (two routers, both using PBR to send traffic into two GRE tunnels). This will allow me to use HSRP between the routers and with a little more work GLBP.
  5. When you fail-over to your backup route, don't you need to clear your NAT translations?
  6. @Anonymous: I'm assuming you're refering to the article I'm quoting, not to this post, as there is no NAT here.

    You don't need to clear the NAT translations in my multihoming design, but the sessions are definitely lost when the fall-over occurs (and the sessions on the primary link will eventually time out).
  7. to correct routing you must add this route "ip route 1.0.0.0 255.0.0.0 Null0 track 14" with metric more then 1.
  8. You cannot set a metric of a static route with Cisco IOS, just the administrative distance. Whether that should be one (default) or more than one depends on your overall design.
  9. Helped me much, thanks buddy, good job.
  10. Thanks .... helped in time ...
  11. thanks buddy - really helpful article
  12. Thanks IVAN you're the MASTERRRRR!!! bloody hell that boolean TRACK MADE my DAY!!!
  13. This was very Helpful Topic!!! Thanks
  14. A few month back I have using a static route with track to determine when the lease line is down at the other end, it will use a backup tunnel. what happen was after a few month using the static ip route with track, PING to the remote site seems LAN (LAN to LAN) seems to be very slow. It has happen to me 2 times already using this design that I have to redesign it again using both connection a tunnel. IOS used is 12.4(24)T for the router with static route with track statement.
  15. Even more interesting, How do you track a static IPv6 route? IP SLA is available for IPv6 but I'm not aware of any IOS feature that lets you install/deinstall an IPv6 static route based on a tracked object -i.e, you just can't do " ipv6 route <ipv6> <next-hop> track <tracked>"

    EEM is another possibility here but I can see some scenarios where it wouldn't be as reliable as one would expect. Any other ideas?



    </tracked></next-hop></ipv6>
  16. We'll have to wait a few more years for true feature parity. At the moment it's a catch-22 situation :(
  17. I am configuring IP Sla on 1700 series router using the command below but I am not able to add the Track keyword to the static route command-line

    rtr 6
    type echo protocol ipIcmpEcho 172.27.0.254 source-ipaddr 172.27.0.6
    timeout 3000
    frequency 900
    exit
    !
    rtr schedule 6 life forever start-time now
    !
    track 6 rtr 6 reachability
    exit
    !
    ip route 0.0.0.0 0.0.0.0 172.27.0.254 ????(cannot add track 6)
Add comment
Sidebar