Network Topology
Topo:
Problem Description
The network has 4 external network providers (ISP1----ISP4), which are connected through OSPF, two of which are connected to router1 and two to router2. Each ISP has nqa track to check the network connectivity. If there is a problem with the currently used ISP1 and the network fails, it is necessary to switch the OSPF policy to automatically publish the network segment to another ISP. But before that, there needs to be a judgment condition to ensure that the second ISP channel is normal. If the second ISP channel does not work, then go to judge the third ISP, and so on, to ensure that there is no problem. ISP channel, and select the correct isp channel as soon as possible.
Process Analysis
We can use nqa to detect the connectivity of the ISP link, and cooperate with the track function for linkage. When the track is positive, use rtm-cli to execute related commands.
Solution
The following is the design idea:
#
track 1 nqa entry test 1 reaction 1
#
track 2 nqa entry test 2 reaction 1
#
track 101 list boolean and
object 1
object 1000 not
#
track 201 list boolean and
object 1 not
object 2
object 1000 not
#
track 202 list boolean and
#
track 1000 list boolean and
object 1 not
object 2 not
#
ospf 1
area 0.0.0.0
network 192.168.1.0 0.0.0.255
#
ospf 2
area 0.0.0.0
network 172.16.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
nqa entry test 1
type icmp-echo
destination ip 8.8.8.8
frequency 10
history-record enable
history-record number 10
next-hop ip 192.168.1.2
probe count 5
probe timeout 1500
reaction 1 checked-element probe-fail threshold-type consecutive 10 action-type trigger-only
source ip 1.1.1.1
#
nqa entry test 2
type icmp-echo
destination ip 8.8.8.8
frequency 10
history-record enable
history-record number 10
next-hop ip 192.168.2.2
probe count 5
probe timeout 1500
reaction 1 checked-element probe-fail threshold-type consecutive 10 action-type trigger-only
source ip 1.1.1.1
#
nqa schedule test 1 start-time now lifetime forever
nqa schedule test 2 start-time now lifetime forever
#
interface LoopBack0
shutdown
ip address 3.3.3.3 255.255.255.255
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
interface LoopBack100
ip address 172.16.1.253 255.255.255.0
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 192.168.5.1 255.255.255.0
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
shutdown
ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
shutdown
ip address 192.168.2.1 255.255.255.0
#
rtm cli-policy 101
event track 101 state positive
action 0 cli sys
action 1 cli ospf 2
action 2 cli area 0
action 3 cli undo network 172.16.1.0 0.0.0.255
action 4 cli ospf 1
action 5 cli area 0
action 6 cli network 172.16.1.0 0.0.0.255
user-role network-admin
#
rtm cli-policy 201
event track 201 state positive
action 0 cli sys
action 1 cli ospf 1
action 2 cli area 0
action 3 cli undo network 172.16.1.0 0.0.0.255
action 4 cli ospf 2
action 5 cli area 0
action 6 cli network 172.16.1.0 0.0.0.255
user-role network-admin
#
rtm cli-policy 1000
event track 1000 state positive
action 0 cli sys
action 1 cli int loop 0
action 2 cli shutdown
user-role network-admin
#
track 3 nqa entry test 3 reaction 1
#
track 4 nqa entry test 4 reaction 1
#
track 301 list boolean and
object 3
object 1000 not
#
track 401 list boolean and
object 3 not
object 4
object 1000 not
#
track 1000 nqa entry test 1000 reaction 1
#
ospf 3
area 0.0.0.0
network 172.16.1.0 0.0.0.255
network 192.168.3.0 0.0.0.255
#
ospf 4
area 0.0.0.0
network 192.168.4.0 0.0.0.255
#
nqa entry test 1000
type icmp-echo
destination ip 3.3.3.3
frequency 10000
history-record enable
history-record number 10
next-hop ip 192.168.5.1
probe count 5
probe timeout 1500
reaction 1 checked-element probe-fail threshold-type consecutive 10 action-type trigger-only
source ip 4.4.4.4
#
nqa entry test 3
type icmp-echo
destination ip 8.8.8.8
frequency 10000
history-record enable
history-record number 10
next-hop ip 192.168.3.2
probe count 5
probe timeout 1500
reaction 1 checked-element probe-fail threshold-type consecutive 10 action-type trigger-only
source ip 2.2.2.2
#
nqa entry test 4
type icmp-echo
destination ip 8.8.8.8
frequency 10000
history-record enable
history-record number 10
next-hop ip 192.168.4.2
probe count 5
probe timeout 1500
reaction 1 checked-element probe-fail threshold-type consecutive 10 action-type trigger-only
source ip 2.2.2.2
#
nqa schedule test 1000 start-time now lifetime forever
nqa schedule test 3 start-time now lifetime forever
nqa schedule test 4 start-time now lifetime forever
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
interface LoopBack100
ip address 172.16.1.252 255.255.255.0
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 192.168.5.2 255.255.255.0
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
ip address 192.168.3.1 255.255.255.0
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
ip address 192.168.4.1 255.255.255.0
#
ip route-static 3.3.3.3 32 192.168.5.1
ip route-static 8.8.8.8 32 192.168.3.2 preference 55
ip route-static 8.8.8.8 32 192.168.4.2
#
rtm cli-policy 301
event track 301 state positive
action 0 cli sys
action 1 cli ospf 4
action 2 cli area 0
action 3 cli undo network 172.16.1.0 0.0.0.255
action 4 cli ospf 3
action 5 cli area 0
action 6 cli network 172.16.1.0 0.0.0.255
user-role network-admin
#
rtm cli-policy 401
event track 401 state positive
action 0 cli sys
action 1 cli ospf 3
action 2 cli area 0
action 3 cli undo network 172.16.1.0 0.0.0.255
action 4 cli ospf 4
action 5 cli area 0
action 6 cli network 172.16.1.0 0.0.0.255
user-role network-admin
#