Static Route Removal

Showing results for 
Search instead for 
Did you mean: 

Static Route Removal

L3 Networker

Default route via ISP-A (primary) has not yet recovered, even though the monitored IP address (DNS server of ISP-A) is already rechable via the interface connected to ISP-A router. (tested via ping source x.x.x.x host y.y.y.y)


I have seen the logs from previous months that the firewall has detected path failure and was able to recover. So I assume the setup is correct?

Any other troubleshooting that I can do? Or any other things to double check on my setup?


L3 Networker

Update on this.

Current routing table is still via ISP-B.
Upon using traceroute source x.x.x.x host y.y.y.y, I saw that the DNS Server of ISP-A is being reached via ISP-B.

Do I need to put a specific static route pointing to DNS Server of ISP-A via ISP-A gateway?

Do you have separate interfaces connected to ISP-A and B?

How are your static routes configured? Sounds like path monitoring. What are you using for source interfaces on each route?

What is the metric configuration on each route?

if you are monitoring ISP A , then yes, the route for the tracking of that DNS(A) would have to be forced through ISP A only using the static routes.




You can also specify the interface. Hopefully each ISP has their own?



Hi All,


Here's my setup.

ISPA (eth1/1) and LAN interfaces on one VR1

ISPB (eth1/2) on another VR2


VR1 Routes:

-Default route  (defaul admin distance, metric 10) w/ path monitoring (Monitored IP - DNS of ISP-A, source eth1/1, other settings default)

-Backup default route to next VR (default admin distance, metric 20)

-Specific /32 route of DNS of ISP-A to force it via ISP-A Gateway.

-Tunnel Routes

VR2 Routes:
-Defaul route pointing to ISPB gateway

-Return routes to LAN segments (via next VR1)

I just added the specific /32 route going to DNS os ISP-A via the ISP-A Gateway.

ping source eth1/1 (ISP-A port) host DNS of ISPA, fails now. 


Stand-alone test worked fine.
Can reach the internet and the DNS of ISPA (monitored IP in path monitoring of default route)


So I guess the problem is on the PA? Anything that I need to double check?
Checking from previous logs, firewall was able to detect path failure and was also able to recover.


Do you have any dynamic routing between the VR's? Perhaps that is how it learned the routes? But sounds like you have it solved with the static /32 routes. I also use them to be super specific on certain destinations for monitring and dynamic routing.



Hi @OtakarKlier,


No Dynamic Routes between VR's.

Adding the specific /32 static route did not resolve the problem.


Path Monitoring status is stil down.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!