2 Replies Latest reply on Dec 10, 2012 3:05 PM by daniel.blackmon

    Netvanta 3448 - Configuring Internet Failover

    dlarryb New Member

      We are currently using a Netvana 3448 router within our office.  We purchased it to support a VPN tunnel to another one of our offices so that we can share the PRI.  When it was being setup, I asked the engineers (Adtran Certified) if it was possible to use Eth 0/1 for Internet and Eth 0/2 for Backup internet.  I also asked if there was a way to automatically switch from 1 to 2 in the event of an outage.  They said that it was possible and that they would build us a configuration that would support this feature.

       

      I have been waiting for them to complete this configuration since March.  They have provided multiple excuses and most blame Adtran for not getting back to them.  Today, they finally told me that they are not working on it and will not because it was not in the initial scope (even though I offered to pay).  Regardless,  If there is a way to do this, I would love to know.  I would also accept recommendations for a firm that could assist us in making this happen.

        • Re: Netvanta 3448 - Configuring Internet Failover
          ssmart Employee

          There is a way to do this with tracking and setting up a ping probe....

           

          set your interfaces up:

          interface eth 0/1

            description WAN

            speed 100

            half-duplex

            ip address A.A.A.A 255.255.255.0

            ip mtu 1500

            no shutdown

          !

          !

          interface eth 0/2

            description DSL/Cable

            ip address B.B.B.B 255.255.255.0

            ip mtu 1500

            no shutdown

          create a route map

          IP local policy route-map "NAME"

           

          create a ping probe:

          probe "NAME" icmp-echo

            remark ping probe

            destination A.A.A.a

            source-address A.A.A.A

            size 100

            data abcd

            period 5

            tolerance consecutive fail 3 pass 1

            no shutdown

           

          set up a track :

          track "NAME"

            remark track ping probe

            snmp trap state-change

            test if probe bristol_probe

            no shutdown

           

          set up a route map:

          route-map pingprobe permit 10

            remark forces ping probe to static route

            match ip address ping

            set ip next-hop A.A.A.A

            set interface null 0

           

          set up the ACL:

          ip access-list extended ping

            remark ACL for ping

            permit ip host A.A.A.a host A.A.A.A

           

          set up your routes:

          ip route 0.0.0.0 0.0.0.0 A.A.A.A track NAME_probe (normal router)

          ip route 0.0.0.0 0.0.0.0 B.B.B.B 10 (Fail over route)

           

           

          Of course you will have to tweak it for your own addresses and such but this will work for a fail over situation in the event that you main path goes down

          SS

          • Re: Netvanta 3448 - Configuring Internet Failover
            daniel.blackmon Employee

            I believe it is necessary to make a few changes for clarification purposes. We will assume that interface ethernet 0/1 is associated with the primary default route, and interface ethernet 0/2 is used as the backup.

             

            set your interfaces up:

            interface eth 0/1

              description WAN

              ip address <IP Address> <Netmask>

              no shutdown

            !

            !

            interface eth 0/2

              description DSL/Cable

              ip address <IP Address> <Netmask>

              no shutdown

            !

             

            create a probe and track:

            !
            probe <NAME> icmp-echo

              remark ping probe

              destination <Gateway IP address>

              source-address <eth 0/1 IP Address>

              tolerance consecutive fail 3 pass 1

              no shutdown

            !

            !

            track <NAME>

              remark track ping probe

              test if probe <Probe NAME>

              no shutdown

            !

             

            create an ACL, route map, and local policy:

            !

            ip access-list extended <NAME>

              remark ACL for ping

              permit ip host <eth 0/1 IP address> host <primary gateway IP address>

            !

            route-map <NAME> permit 10

              remark forces ping probe to static route

              match ip address <ACL NAME>

              set ip next-hop <primary gateway IP address>

              set interface null 0

            !

            ip local policy route-map <route-map NAME>

            !

             

            set up your routes:

            !

            ip route 0.0.0.0 0.0.0.0 <primary gateway IP address> track <Track NAME> (primary default route)

            ip route 0.0.0.0 0.0.0.0 <backup gateway IP address> 10 (backup default route)

            !

             

            A few areas of importance:

            1. <NAME> is an arbitrary place holder for a user defined parameter. It is important, however, to keep track of these names as they are referenced by various other configuration aspects.
            2. The backup default route has a higher administrative distance than the primary default route. In this example, the primary route has an administrative distance of 0, and the backup route has an administrative distance of 10.
            3. It may be necessary to make changes to the firewall. These changes are:
              1. a new public policy for the backup interface, and
              2. an added source NAT in the LAN facing policy class.
            4. The main functionality being implemented is Network Monitoring. Further information can be found in the following guide. Configuring Network Monitor in AOS