-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/16/2010 11:14 AM, Drew Weaver wrote: > Also the main reason for implementing this is because we had an instance > where a interface didn't go down, but no traffic would pass through it > (routing protocols failed, etc) and we have our default routes setup as such: > > ip route 0.0.0.0 0.0.0.0 Vlan4091 x.x.25.97 > ip route 0.0.0.0 0.0.0.0 Vlan4092 x.x.25.101 > > So return traffic was still being sent down the 'dead but up/up' interface > which caused obvious heartache. > > Would using a track on each of these routes (combined with aforementioned IP > SLA probes) be a good way to prevent this from occurring in the future? > > I basically want to ensure that both the interface is up and that traffic can > pass from this router to its gateway before the route will be used. > > Sorry this is so long, hopefully it makes at least some sense. > > I thought about using BFD, but it seems like they have removed support for > BFD on VLANs in recent code.
We use a method where our edge routers inject a default-route into our OSPF process. The edge routers inject this routes based on the connectivity to the Internet-facing interfaces or to other edge routers. Example: ip access-list standard ExternalPaths permit isp1 0.0.0.3 permit isp2 0.0.0.3 permit otherEdge 0.0.0.3 permit anotherEdge 0.0.0.3 route-map AdvDefault permit 999 match ip address ExternalPaths ! router ospf 1 default-information originate route-map AdvDefault I do not know if that solution is applicable to your environment. http://blog.ioshints.info/2007/06/ospf-default-route-design-scenarios.html http://www.nil.si/ipcorner/OSPFDefaultMysteries/ - -- Devon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkxAmKEACgkQWP2WrBTHBS/7bQCeOuwkXZ2QR6zTAH+q0L2FRK2W 3YUAoLUOBUyOYFTMMOObywk+nJokd9Jn =vXFK -----END PGP SIGNATURE----- _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/