Install a Static Route When an IP Address Is NOT Reachable
One of my readers recently asked an interesting question: “How do you install a static route when an IP address is not reachable?”
Without going into the design reasons that prompted the question, you can actually track when IP SLA measurement fails with an obscure configuration syntax of the track objects that tracks when another track object fails.
In my example, the route to 1.0.0.0/8 would be inserted in the IP routing table when the ping to 172.16.0.22 fails:
!
! Define and start the IP SLA probe
!
ip sla 53
icmp-echo 172.16.0.22
timeout 500
frequency 3
ip sla schedule 53 life forever start-time now
!
! Define an object that tracks the SLA probe
!
track 13 rtr 53 reachability
!
! Define another object that is the negation of the previous object
!
track 14 list boolean and
object 13 not
!
! Insert a static route if the second object is UP (thus the
! IP SLA probe failed)
!
ip route 1.0.0.0 255.0.0.0 Null0 track 14
ip route 1.0.0.0 255.0.0.0 e0/0 172.16.0.22
in your configuration - and want to send any traffic to 1/8 to the bit bucket if the next hop goes down - but the interface stays up.
Does this work? which metric was used for the "working" route and for the "non-working" route?
This is exactly what I need to solve an interesting issue I have (two routers, both using PBR to send traffic into two GRE tunnels). This will allow me to use HSRP between the routers and with a little more work GLBP.
You don't need to clear the NAT translations in my multihoming design, but the sessions are definitely lost when the fall-over occurs (and the sessions on the primary link will eventually time out).
EEM is another possibility here but I can see some scenarios where it wouldn't be as reliable as one would expect. Any other ideas?
</tracked></next-hop></ipv6>
rtr 6
type echo protocol ipIcmpEcho 172.27.0.254 source-ipaddr 172.27.0.6
timeout 3000
frequency 900
exit
!
rtr schedule 6 life forever start-time now
!
track 6 rtr 6 reachability
exit
!
ip route 0.0.0.0 0.0.0.0 172.27.0.254 ????(cannot add track 6)