The scenario goes like this. You are working at your office (R1) and need to change the IP address and default route on the remote device (R2). The issue a factor of two things. The first is the fact that R2 is connected to your network with only one link. The other issue is R2 cannot use any dynamic routing protocols so you are stuck with a default route that is pointing at the next hop. If you are to change either of these facts you lose connectivity to R2. While there are other solutions to making this change, I am going to take the concept of floating static routes and an IP SLA to change both the IP address and the default route.
Lets start out with the configuration of our current network. The details behind the Company Network are arbitrary in this case as we can safely assume full routing is in place. The key aspects are the links between R4 and R2 as well as the default route on R2.
R4 Link to R2
interface Ethernet0/1 ip address 192.168.0.1 255.255.255.0
R2 Configuration
interface Ethernet0/0 ip address 10.0.0.10 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 10.0.0.1
The first thing I am going to do in this scenario is to create a loopback interface on R1 with an arbitrary IP address (unique to the environment) that I can advertise into our routing domain. The routing protocol of choice is irrelevant in this case to which I will not post the advertisements configuration. The point of using the loopback is two-fold. The first, it is going to be the target point of the IP SLA. The second is placing that target on a device that is accessible to anyone else in the case someone may need to take over. Or heaven forbid your laptop dies. You could just as easy track the IP SLA against any other address, however the purpose is for it to be controllable in the sense that we can remove it’s reachability easily.
R1 Loopback configuration
interface Loopback100 ip address 100.100.100.100 255.255.255.255
At this point the best bet is to ping this loopback from R2 to verify you can indeed reach it. Again, I have advertised this address into our routing protocol, whichever you choose for the IGP is fine.
From here we need to create our IP SLA in which we will track our new default route which will also be a floating route. Our goal is to have the new default route in place for when we change the IP address on the interface. Tracking the old default route will allow us to remove it when it no longer has reachability to our newly created loopback address.
R2 IP SLA Configuration
ip sla 1 icmp-echo 100.100.100.100 frequency 5 ip sla schedule 1 life forever start-time now
After our IP SLA has been configured and scheduled to run it is a good idea to make sure it is working as we desire. At this point I will issue show ip sla statistics. Here we can see the IP SLA is returning a successful “OK” code.
R2 IP SLA Verification
IPSLAs Latest Operation Statistics IPSLA operation id: 1 Latest RTT: 2 milliseconds Latest operation start time: 21:03:29 UTC Mon Mar 16 2015 Latest operation return code: OK Number of successes: 7 Number of failures: 0 Operation time to live: Forever
Our next step is to create a track object. The track object is the item we will track the old default route against. When the track fails, it will ultimately leave the new floating static route to be entered into the routing table. We will then verify the track objects success code.
R2 Track Object and verification
track 1 ip sla 1 reachability R2#show track 1 Track 1 IP SLA 1 reachability Reachability is Up 1 change, last change 00:00:19 Latest operation return code: OK Latest RTT (millisecs) 2
At this point we can create our new default route pointing at what will be the next hop of the new Interface IP address. In this case I am going to move the IP address from 10.0.0.0/24 to 42.0.0.0/24 with the first address being the interface on R4. Remember, for it to be a floating static route we need to make sure the metric is higher than the old default route and we will use 5 in this instance.
R2 New Default Route
ip route 0.0.0.0 0.0.0.0 42.0.0.1 5
Now I am going to add a default route mirroring the original but adding the tracked object to remove the route once the IP SLA fails. I will also remove the original default route without the object tracking.
R2 Modified Original Default Route
ip route 0.0.0.0 0.0.0.0 10.0.0.1 track 1 no ip route 0.0.0.0 0.0.0.0 10.0.0.1
[warning]Be sure not to type no ip route 0.0.0.0 0.0.0.0 without any other arguments. It will remove all default routes in some parsers leaving you dead in the water.[/warning]
By issuing the show ip route command we can determine if we are still using the correct tracked route.
R2 Show IP Route
Gateway of last resort is 10.0.0.1 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 10.0.0.1
We are now ready to do the scary part. We are going to change the IP address of the single interface connecting R2 to the rest of the network. If we have down our job right, the default route pointing to 10.0.0.1 will fail its tracking and be withdrawn from the routing table. This is due to the mismatched IP addresses on the link between R2 and R4. This is preventing reachability to 100.100.100.100. In turn, the route with the higher metric of 5 pointing at 42.0.0.1 is installed in the routing table. At this point we will eliminate our IP SLA target residing on the loopback to prevent that route from coming back. At that point we can change R4’s interface towards R2 to reflect the correct IP address and repair connectivity. From there we can play cleanup and remove the unnecessary routes.
R2 Change IP Address
interface Ethernet 0/0 ip address 42.0.0.10 255.255.255.0
R1 Confirm R2 is unreachable
R1#ping 10.0.0.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
R1 Shutdown Loopback Interface for IP SLA
interface loopback 100 shutdown
R4 Change Interface IP between R4 and R2
interface ethernet 0/0 ip address 42.0.0.1 255.255.255.0
[warning]Don’t forget to advertise the new IP address of R4 into your routing protocol[/warning]
R1 Verify Reachability to R2’s new address
R1#ping 42.0.0.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 42.0.0.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/5 ms
R2 Verify Track and SLA failed and new default route in RIB
R2#show ip sla stati IPSLAs Latest Operation Statistics IPSLA operation id: 1 Latest RTT: NoConnection/Busy/Timeout Latest operation start time: 21:27:04 UTC Mon Mar 16 2015 Latest operation return code: Timeout Number of successes: 226 Number of failures: 42 Operation time to live: Forever R2#show track 1 Track 1 IP SLA 1 reachability Reachability is Down 2 changes, last change 00:05:16 Latest operation return code: Timeout Tracked by: Static IP Routing 0 R2#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override Gateway of last resort is 42.0.0.1 to network 0.0.0.0 S* 0.0.0.0/0 [5/0] via 42.0.0.1
At this point we can remove the Loopback interface from R1, and the old default routes from R2 as well as fix the new routes metric.
R1 Remove Loopback
no interface loopback 100
R2 Remove Old Routes and fix new route.
no ip route 0.0.0.0 0.0.0.0 10.0.0.1 track 1 ip route 0.0.0.0 0.0.0.0 42.0.0.1 1