Router – How to configure WAN backup with 2 ADSL boxes and 1 router

adsl failover router

I've got 2 IP-over-ADSL boxes (Orange & OVH) and 1 TP-LINK router to manage the possible failover of one link.
When the Ethernet link to the primary box goes down or when the box itself is down, the router correctly manages the backup to the other WAN link.

LAN backup illustration

But when the WAN link of the primary box is down, the router doesn't see the error and still tries to send on the primary WAN line.

WAN backup illustration

How can I solve this issue?

… I've updated the links. Images can be viewed now, I hope…

Best Answer

Currently, your router monitors WAN connections only on layer 1, i.e. if a link is up or down. In order to react to a broken WAN connection, your router should monitor on a higher layer.

There are 3 approaches:

a) You use a router with two interfaces directly connected to the splitter or telephone jack. Your router could still be monitoring a WAN link on layer 1. But your router would dial up via PPPoA. You could monitor both the line and the registration of your router by each ISP's RADIUS or TACACS server. Either your DSL line is run by a protocol such as ADSL2+ and authentication is done by user/password, or by a protocol such as VDSL2 and authentication is done by modem MAC address. In case of user/password, all you need are login credentials. In case of MAC address, you have to personally negotiate the registration of your router with both ISPs.

b) Your router dials up via PPPoE without the need of using new WAN interfaces. This would allow you to monitor each WAN connection on layer 2 which is sufficient enough. Your router would become the gateway and you could reduce the modems to managing DSL lines. This requires both modems to run a firmware supporting dialup by another device.

c) Your router monitors by probing a host on the WAN. Usually, there is at least one core router which replies to ICMP Echo. Try traceroute -I 8.8.8.8 with both connections. It changes the Type of Service field to request Echo-Reply messages from each hop during the trace. You should at least find one core router for each ISP which you can probe on a regular basis. Then, you have to reduce the TTL of that ping to prevent reaching that destination on detours when the monitored WAN link fails.
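
Approach c) sketched as a script for a Linux-based router; this is an added example, not part of the original answer. The interface name, probe address and hop count are placeholders, the ping flags are those of Linux iputils, and the three-probe threshold is an assumption added so that a single lost packet does not trigger a failover.

```sh
#!/bin/sh
# Added example: placeholder values, replace with your own.
PRIMARY_IF=eth1          # router port facing the primary box (assumed name)
PRIMARY_HOP=192.0.2.1    # ISP core router found with traceroute (placeholder)
PRIMARY_TTL=3            # hop count to PRIMARY_HOP over the primary link
THRESHOLD=3              # consecutive contradicting probes before a state flip

# One ICMP echo, TTL-limited so a detour over the other ISP (a longer path)
# expires before reaching the target. Flags are Linux iputils ping.
# Assumes a static host route to PRIMARY_HOP via the primary box.
probe() {
    ping -c 1 -W 2 -t "$PRIMARY_TTL" -I "$PRIMARY_IF" "$PRIMARY_HOP" >/dev/null 2>&1
}

# next_state STATE COUNT RESULT -> prints "STATE COUNT"
# STATE is up|down, RESULT is ok|fail, COUNT is the number of consecutive
# results that contradict STATE. One lost packet does not flip the link.
next_state() {
    state=$1 count=$2 result=$3
    case "$state:$result" in
        up:ok|down:fail) count=0 ;;
        *) count=$((count + 1)) ;;
    esac
    if [ "$count" -ge "$THRESHOLD" ]; then
        if [ "$state" = up ]; then state=down; else state=up; fi
        count=0
    fi
    echo "$state $count"
}

# replay RESULT...: feed a recorded sequence of results, print the final state.
replay() {
    st="up 0"
    for r in "$@"; do st=$(next_state $st "$r"); done
    echo "$st"
}

# "sh wanmon.sh run" starts the monitor; without the argument only the
# functions are defined.
if [ "${1:-}" = run ]; then
    st="up 0"
    while :; do
        if probe; then r=ok; else r=fail; fi
        new=$(next_state $st "$r")
        [ "${new% *}" = "${st% *}" ] || echo "primary WAN is now ${new% *}"
        st=$new
        sleep 10
    done
fi
```

The echo on a state change is where the default route would be switched to the backup box and back.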
