How to configure a backup for a Cisco Router

There are multiple backup technologies for Cisco routers. Here we will introduce the router's own backup technology and line backup technology.

Generally, a router is a bridge between a LAN and a wan.

The so-called router's own backup technology is designed to solve a router's own hardware (such as memory, CPU) or software IOS fault or local port fault, network breakdown caused by the failure of the port or line of the connected local area device.

The router backup requires at least one router with the same functions as the active primary router. When the active router is paralyzed, it replaces the primary router in some way to provide routing services for LAN users.

For LAN computers, how to find a backup router when the master router is paralyzed is as follows:

· Proxy ARP
· IRDP
· Dynamic Routing
· HSRP
　　
· Proxy ARP
Computers that support Proxy ARP send ARP broadcasts to find the MAC address corresponding to the destination address, whether they communicate with computers in different network segments or in this network segment, the router that knows the destination address will respond to the ARP request and broadcast its MAC address to the source computer. Then, the source computer will send the IP packet to the router, the router finally sends the data packet to the destination.

When the master router crashes and the computer communicates again, it will continue to send the Proxy ARP broadcast, back up the router to respond to the request and transmit data.
　　
Disadvantages:
If the main router is paralyzed when data is being transmitted, the computer that is communicating before sending another Proxy ARP request. it is impossible to know that the master router is paralyzed and will continue to send packets to the router, resulting in transmission interruption, the computer that is in communication can find the backup router for transmission only after another Proxy ARP request is sent or restarted.
Cisco routers support Proxy ARP
　　
· IRDP
Computers that support IRDP in the LAN will listen to the Multi-Point broadcast information packet "Hello" sent by the master router. If the computer no longer receives the "Hello" message, it uses the backup router for data transmission.
　　
· Dynamic Routing
Some computers support dynamic RIP routing to find routers. The disadvantage of this method is that the conversion between the primary router and the backup router is slow.

The above three methods are mainly used on the computer side. The Cisco router provides the HSRP technology, which does not require any computer settings, the switching between the primary router and the backup router is transparent, and the switching speed between them is fast.
　　
A group of routers that use HSRP for backup share a virtual MAC address and virtual IP address. Each local port that participates in HSRP has a local IP address and MAC address, each vro has a weight value, and the highest weight is used as the master router. Others do not work. When the master router is paralyzed, The vro with the highest weight will act as the master router, and so on. Vrouters regularly exchange weights to determine the working status of the vro. If the primary Router does not send this information packet for a period of time, other backup routers will think that the router is broken, and the backup router with a high weight will take over the virtual MAC address and IP address, responsible for data transmission. Once the primary router returns to normal, it will automatically switch back and take over data transmission again. Then, the backup router stops transmission and is in the backup state. In addition, HSRP allows the router to monitor the working status of some ports. Once the port fails, it also performs automatic failover.
　　
In short, for LAN computers, there is only one gateway, that is, a virtual IP address. All the backup work is automatically completed by the router.
HSRP is applicable to the situations where the routes of the primary router and the backup router are exactly the same.
Using the HSRP function, we recommend that you use dynamic routing protocols with fast convergence speed, such as OSPF and VPN.
　　
Basic HSRP configuration steps:
1. Under port configuration, set the port IP address,
Ip address port IP address Subnet Mask

2. Enable the HSRP function under port configuration and set the virtual IP Address
Standby group number IP virtual IP Address
Only routers with the same group number belong to the same hsrp group, and the virtual addresses of all routers belonging to the same hsrp group must be consistent.

3. Set HSRP preemption in the port setting status
Standby group number preempt
This setting allows other routers in the hsrp group to be the primary router. This option should be set for all routers so that each router can become a backup router for other routers. If this option is not set, the weight of the vro。 is higher than that of the primary router.

4. Set the hsrp weight of the vro
Standby group number priority weight
If this item is not set, the default weight is 100, and the weight number is large, the priority of preemptible master router is higher.

5. Set the hsrp group router authentication string
Standby group number authentication string
　　
This option is optional. If this option is set, all vrouters In the hsrp group must perform this option, and only vrouters in the group with the same string can perform hsrp.
6. Set the hsrp switching time
Standby group number time parameter 1 time parameter 2
　　
The Time Parameter 1 indicates how long the router exchanges the hello message at each interval to indicate whether the router is faulty or working properly. The Time Parameter 2 indicates the time in which other routers in the same group did not receive the information of the primary router, and the primary router is declared paralyzed. The default values are 3 seconds and 10 seconds respectively. If you want to change the default value, all the vrouters In the hsrp group must have the same settings.
　　
7. Port tracking settings
Standby group number track port number
This option is optional.
This setting indicates that if the monitored port fails, the router is also switched. Multiple external ports can be tracked.
　　
NOTE: If multiple lines are tracked on the primary router, when one line fails, it will switch to the backup router, even if everything else works normally, the route can only be resold after the primary router works normally. This setting can be fully implemented by the line backup function in practical applications. In most cases, this setting does not make much sense.

In addition, hsrp has many other settings and applications. For more information, see the Cisco site or Cisco Document or contact the Technical Support Center.
　　
　　
★Instance:
Vro backup between 2511-1 and 2511-2
　　
2511-1 Configuration
2511-1 # sho run
Building configuration...
　　
Current role atoin:
!
Version 11.3:
No service password-encryption
!
Hostname 251l-l
!
Enable password cisco
!
User name 2505 password 0 cisco

[1] [2] [3] [4] [5] [6] Next page

Article entry: csh responsible editor: csh

No ip domain-lookup
!
Interface Ethernet0
Ip address 192.4.1.99 255.255.255.0
No ip redirects
Standby 1 timers 5 15
Standby 1 priority 110
Standby 1 preempt
Standby 1 authentication cisco
Standby 1 ip 192.4.1.1
Standby 1 track Serial0
Standby 1 track Seriall
!
Interface serial0
Ip address l92.3.1.1 255.255.255.0
Encapsulation frame-relay IETF
Ip ospf message-digest-key 1 md5 kim
No ip mroute-cache
Bandwidx 2000
Frame-relay map ip 192.3.1.2 100 broadcast
Frame-relay lm-type cisco
!
Interface Serial1
Ip address 192.7.l.l 255.255.2550
Encapesulation ppp
Ip ospf message-digest-key 1 md5 kim
Ip ospf network non-broadcast
Bandwidth 64
Ppp authentication chap
!
Router ospf 1
Passive-interface Ethernet0
Network 192.3.1.0 0.0.0.255 area 0
Network 192.4.l.0 0.0.0.255 area 0
Network 192.7.l.0 0.0.0.255 area 0
Neighbor 192.7.1.2 priority 1
Neighbor 192.3.1.2 priority 1
Area 0 authentication message-digest
!
No ip classless
!
Line con 0
Line 1 8
Line aux 0
Line vty 0 4
Password cisco
Login
!
End
　　
2511-2 Configuration
2511-2 # sho run
Building configuration...
Current configuration:
!
Version 11.3:
No servicc password-encryption
!
Host Name 2511-2
Enable secret 5 $1 $ 7o5F $ MSyFWzVf6JBgnjLJghHSB.
!
!
Interface Ethernet0
Ip address 192.4.1.lOO 255.255.255.0
No ip redirects
Standby 1 timers 5 15
Standby 1 priority 100
Staidby 1 preempt
Standby 1 authentication cisco
Sandby 1 ip address 192.4.1.1
!
Interface Serial0
Ip address 192.8.1.2 255.255.255.0
Encapsulation x25
Ip ospf missage-digest-key 2 md5 cisco
No ip mroute-cache
X25 IP address 5678
X25 htc 16
X25 nvc 4
X25 map ip 192.8.l.1 1234 broadcast
!
Interface Serial1
No ip address
No ip mroute-cachc
Bandwidx 2000
Clockrate 2000000
!
Router ospt 1
Passive-interface Ethernet0
Network 192.8.1.0 0.0.0.255 area 0
Network 192.4.1.0 0.0.0.255 area 0
Neighbor 192.8.1.1 priority 1
Area 0 authentication message-digest
!
Ip classless
!
Line con 0
Line 1 8
Line aux 0
Line vty 0 4
Login
!
End
　　
2514 Configuration
2514 # sho run
Building configuration...
!
Current configuration:
!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname 2514
!
Enable secret 5 $1 $ uoHU $ Vks/1YCRi33z4TXs4qekI0
!
Frame-relay switching
!
Interface Ethernet0
No ip address
!
Interface Ethernet1
No ip address

Previous Page [1] [2] [3] [4] [5] [6] Next page

Article entry: csh responsible editor: csh

Shutdown
!
Interfacc Serial0
Ip address 192.3.1.2 255.255.255.0
Encapsulation frame-relay IETF
Ip ospf message-digest-key 1 md5 kim
Bandwidx 2000
Clockrate 2000000
Frame-relay map ip 192.3.1.1 100 broadcast
Frame-relay intf-type dce
!
Interface Serial1
Ip address 192.8.1.1 255.255.255.0
No ip mroute-cache
Enthpsulation x25 dce
Ip ospf message-digest-key 2 md5 cisco
Bandwidth 64
X25 IP address 1234
X25 htc 16
X25 nvc 4
X25 map ip 192.8.1.2 5678 broadcast
Clockrate 64000
!
Router ospf 1
Passive-interface Ethernet0
Network 192.3.1.0 0.0.0.255 area 0
Network 192.8.1.O 0.0.0.255 area 0
Neighbor 192.8.l.2 priority 1
Neighbor 192.3.1.1 priority 1
Area 0 authentication message-digest
!
No ip classless
!
Line con 0
Line aux 0
Line vty 0 4
Login
!
End
　　
2505 Configuration
Building infrastructure aiion...
Current configuration :!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname 2505
!
Enable secret 5 $1 $ b43o $ CpEYSTc2EPwnRlQGDvIm //
!
User name 2511-1 password 7 1511021F0725
!
Hub ether 0 1
Link-test
Auto-polarity
!
Hub ether O 2
Link-test
Auto-polarity
!
Hub ether 0 3
Link-test
Auto-polarity
!
Hub ether 0 4
Link-test
Auto-polarity
!
Hub ether 0 5
Link-test
Auto-polarity
!
Hub ether 0 6
Link-test
Auto-polarity
!
Hub ether 0 7
Link-test
Auto-polarity
!
Hub ether 0 8
Link-test
Auto-polarity
!
Interface Ethernet0
Ip address 192.1.4.1 255.255.255.0
!
Interfacc Serial0
Ip address 192. l.2.1 255.255.255.0
Ip ospf message-digest-key 1 md5 cisco
Ip ospf network non-broadcast
Bandwidx 2000
Clockrate 2000000
!
Interface Serial1
Ip address 192.7.1.2 255.255.255.0
Encapsulation ppp
Ip ospf message-digdest-key 1 md5 kim
Ip ospf network non-broadcast
Bandwidth 64
Clockrate 64000
Ppp authentication chap
!
Router ospf 1
Passive-interface Ethernet0
Network 192. l.2.0 0.0.0.255 area 2
Network 192. l.4.O 0.0.0.255 area 2
Network 192.7.1.0 0.0.0.255 area 0
Neighbor 192.7.l.1 priority 1
Neighbor 192.1.2.2 priority 1
Area 0 authentication message-digest
Area 2 authentication message-digest
Area 2 range 192.1.0.0 255.255.0.0
!
No ip classless
Ip ospf name-lookup
!
Line con 0
Line aux 0
Iine vty 0 4
Login
!
In fact, the most unreliable factor in end line backup over WAN connections is in most cases on lines, ports, and external devices. Line backup is more important.

There are several main methods for line backup:
· Automatic Backup Using Dynamic Routing
· Use the display backup (backup) method to enter the backup

Previous Page [1] [2] [3] [4] [5] [6] Next page

Article entry: csh responsible editor: csh

· Use floating Static Routing for backup
　　
Method 1 involves multiple redundant lines in the network, and the router learns how all lines work through dynamic routing. based on the routing algorithm, select the optimal route as the primary route. Once a primary route fails, the router will automatically delete the path through the route after a period of time, re-calculate the optimal path, and re-select an optimal path through a redundant line. All these processes are automatically completed by the dynamic routing protocol without any additional settings.
　　
Method 2 display backup methods

This method indicates which trunk line and which one is a backup line. If the main line fails, the backup line will work in place of the main line within the specified time. If the primary route returns to normal, after the specified time, the system automatically switches back to the primary route to back up the line again.

After the backup is set to display, the vro monitors the CD signal. Once the CD signal disappears, the vro considers the line to be faulty. If the CD signal always exists, the router considers the main route to work normally.

This backup method is applicable when the ddnleased line is used as the main line. Because for the ddnleased line, if the line is broken, the CD signal of the routers on both sides will disappear, and this method does not apply to the X.25 line, because when the X.25 line fails, in most cases, virtual circuits cannot be built, while CD signals often exist. In addition, if one end of the X.25 line fails, and the other end of the X.25 line is often normal, so if the normal end of the router has data transmitted to the abnormal end, the router considers the X.25 line to work normally. Therefore, there is no backup line at all.
　　
Steps for displaying backup Method Configuration
　　
1. Correctly configure trunk lines for normal communication
2. Correctly configure the backup line for normal communication
3. In the port connected by the main trunk line, it is shown which line is the backup line.
Backup interface backup line port number
4. Specify how long the backup line will be enabled after the main line fails and how long it will take to switch back to the main line after the main line recovers to normal. Backup line recovery to backup status
Backup delay Time Parameter 1 (seconds) Time Parameter 2 (seconds)
Time Parameter 1 specifies the time after which the backup line is enabled when the main line fails. Time Parameter 2 specifies the time after the main line recovers to the normal state, switch back to the main line, and restore the backup line to the backup state.
　　
You can configure a route for a backup line in any way, but the bandwidth of the backup line is generally lower than that of the primary route, and there will be additional costs for dynamic routing. Therefore, Static Routing is generally used on the backup line.

In Global Setting Mode
Ip route subnet address subnet mask adjacent router port address
In principle, the backup line can be any line. However, generally, a line with relatively low bandwidth and low costs is used as a backup line.
Generally, X.25 or PSTN can be used for DDN line backup.
The following example uses the Cisco2501 AUX port to simulate the dial-up backup of the ddnleased line.
　　
Instance:
　　
Configuration of Cisco 2501-above
Current configuration:
!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname above
!
Current configuration:
!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname above
!
Enable secret 5 $1 $ O1aq $ Kxgp1A0Eulqug8SbCm6rdl
Enable password cisco
!
Username down password 7 095C5E19
Chat-script lab abort error abort busy abort "no answer" at h "OK" ATDT \ T"
TIMEOUT 60 CONNECT \ c
!
Interface Ethernet0
Ip address 192.192.193.1 255.255.255.0
! Interface Serial0
Ip address 192.192.192.1 255.255.255.0
Bandwidth 64
Clockrate 64000
!
Interface Serial1
No ip address
Shutdown
!
Interface Async1
Ip address 166.71.70.1 255.255.255.0
Encapsulation ppp
Async dynamic address
Async dynamic routing
Async mode dedicated
Dialer in-band
Dialer map ip 167.71.70.2 name down moden-script lab broadcast 3631
Dialer-group 1
No cdp enable
Ppp authentication chap
!
Router rip
Network l92.192.192.0
Nctwork 192.192.193.0
!
No ip classless
Ip route 0.0.0.0 0.0.0.0 166.71.70.2
Ip routc 192.192.191.0 255.255.255.0 166.71.70.2
Dialer-list 1 protocol ip permit
!
Line con 0
Line aux 0
Modem InOut
Modem autoconfigure discovery
Stopbits 1
Rxspeed 38400
Txspeed 38400
Flowcontrol hardware
Line vty 0 4
No login
!
End
! Cisco 2501 named down configuration
Cisco 2501-down configuration
Current configuration:

Previous Page [1] [2] [3] [4] [5] [6] Next page

Article entry: csh responsible editor: csh

!
Version 11.2:
No service udp-small-servers
No servicc tcp-small-servers
!
Hostname down
!
Enable secret 5 $1 $ m8S4 $ lnrkhnJDtCVtSvTpXO8v/0
Enable password cisco
!
Username above password 7 095C5E19
Chat-script lab abort error abort busy abort "no answer" at h "OK" ATDT \ T "TIMEOUT 60 CONNECT \ C
!
Interface Ethernet 0
Ip address 192.192.191.1 255.255.255.0
!
Interface Serial0
Backup delay 10 10
Backup interface Async1
Ip address 192.192.192.3 255.255.255.0
! Interface Seriall
No ip address
Shutdown
!
Interface Async1
Ip address 166.71.70.2 255.255.255.0
Encapsulation ppp
Async dynamic address
Async dynamic routing
Async mode dedicated
Dialer in-band
Dialer map ip 166.71.70.1 name above modem-script lab broadcast 3621
Dialer-group 1
No cdp enable
Ppp authentication chap
!
Router rip
Net work 192.192.192.0
Net work 192.192.191.0
!
No ip classless
Ip route 0.0.0.0 0.0.0.0 166.71.70.1
Ip route 192.192.193.0 255.255.255.0 166.71.70.1
Dialer-list 1 protocol ip permit
!
Line con 0
Line aux 0
Modem InOut
Modem autoconfigure discovery
Stopbits 1
Rxspeed 38400
Txspeed 38400
Flowcontrol hardware
Line vty 0 4
No login
! Method 3: A floating static route is used for backup. By default, Cisco routers select static routes, dynamic routes, and default routes, which are determined by the weights of various routes.

You can manually change the weight of a static route so that it can become a floating static route after a dynamic route. If no route exists in the dynamic routing table, the floating static route can be selected to transmit data. Generally, the X.25 line uses floating static routes for dial-up backup, which is particularly suitable. However, floating Static Routing can be used to back up any other line.
　　
Note: If a floating static route is used as the backup line of the X.25 line, the X.25 line must start a dynamic route; otherwise, bidirectional backup cannot be implemented.

Steps for configuring floating static routes:
1. Correctly configure the main route to ensure normal communication
2. configure a dynamic route for the main route
3. Correctly configure the backup line to ensure normal communication
4. configure a floating static route through the backup line
Ip route subnet address subnet mask adjacent router adjacent port address weight
The higher the weight value, the lower the route priority. The weight range is between 1 and.
　　
　　
Instance:
　　
COSCO 2501-abve Configuration
Current confignration:
!
Version 11.2:
No service udp-small-servers
No service tcp-small-servers
!
Hostname above
!
Enable secret 5 $1 $ O1aq $ KxgpIA0Eulqug8SbCm6rd1
Enable password cisco
!
Username down password 7 095C5E19
Chat-scrip lab abort error abort busy abort "no answer" at h "OK" ATDT \ T "TIMEOUT 60 CONNECT \ c
!
Interface Ethernet0
Ip address 192.192.193.1 255.255.255.0
!
Interface Serial0
Iu address 192.192.192.1 255.255.255.0
Bandwidth 64
Clockrate 64000
!
Interface Scrial1
No ip address
Shutdown
Interface Asyncl
Ip address 166.71.70.1 255.255.255.0
Encapsulation ppp
Async dynamic address
Async dynamic routing
Async mode dedicated
Dialer in-band
Dialer ip 166.71.70.2 name down modem-script lab broadcast 3631
Dialer-group 1
No cdp enable
Ppp authentication chap

Previous Page [1] [2] [3] [4] [5] [6] Next page

Article entry: csh responsible editor: csh

!
Router rip
Network 192.192.192.0
Network 192.192.193.0
!
No ip classless
Ip route 0.0.0.0 0.0.0.0 166.71.70.2 150
Ip route 192.192.191.0 255.255.255.0 166.71.70.2 150
Dialer-list 1 protocol ip permit
!
Line con 0
Line aux 0
Modem InOut
Modem autoconfigure discovery
Stopbits 1
Rxspeed 38400
Txspeed 38400
Flowcontrol hardware
Line vty 0 4
No login
!
End
Cisco 2501-down configuration
　　
Current configuration:
!
Version 11.2:
No service udp-small-servers
No service tep-small-servers
!
Hostname down
!
Enable secret 5 $1 $ m8S4 $ InrkhnJDtCVtSvTpXO8v/0
Enable password cisco
!
Username above password 7 095C5E19
Chat-script lab abort error abort busy abort "no answer" at h "OK" ATDT \ T "TIMEOUT 60 CONNECT \ c
!
Interface Ethernet0
Ip address 192.192.191.1 255.255.255.0
!
Interface Serial0
Ip address 192.192.192.3 255.255.255.0
　　
!
Interface Serial1
No ip address
Shutdown
!
Interface Asyncl
Ip address 166.71.70.2 255.255.255.0
Encapsulation ppp
Async dynamic address
Async dynamic routing
Async mode dedicated
Dialer in-band
Dialer map ip 166.71.70.1 name above modem-script lab broadcast 3621
Dialer-group 1
No cdp enable
Ppp authentication chap
!
Router rip
Network 192.192.192.0
Network 192.192.191.0
!
No ip classless
Ip route 0.0.0.0 0.0.0.0 166.71.70.1 150
Ip route 192.192.193.0 255.255.255.0 166.71.70.1 150
Dialer-list 1 protocol ip permit
!
Line con 0
Line aux 0
Modem InOut
Modem autoconfigure discovery
Stopbits 1
Rxspeed 38400
Txspeed 38400
Flowcontrol hardware
Line vty 0 4
No login
　　

Previous Page [1] [2] [3] [4] [5] [6]

Article entry: csh responsible editor: csh