|
Home > Archive > CCNP > August 2002 > Policy based routing
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Policy based routing
|
|
| Shazee 2002-08-04, 10:59 am |
| we have got two locations,
at headoffice we have got one router with two serials connected to remote location, we want to use both the links togather using one for the mail and other for our other traffic,
on the remote location
i have configured the access lists and have made the route map and applied to the ethernet and tracert route shows it taking the right path ,,
just the prob is that how should i configure the router in the headoffice ,,it alwyas take the defualt path to reach the destination for all the packets , please can som etell me how can i configure that or if some one can give me any example will be great, | |
| Yankee 2002-08-05, 3:19 am |
| I'm afraid there isn't enough info here. Have you done the policy routing on both the core and the remote site? You have to or the return path will always be choosen from the routing table and routed normally (ie what you call your default path).
Yankee | |
| Shazee 2002-08-05, 4:35 am |
| i have done it for the remote location , and for the core, i am not sure how will it be done, on the core router defult path is given to one serioal and other is kept for the secondary,
on the core router how will we segreate the traffic as it is all to one pritiuclar destination ,, how can i say that only route www traffic thoruhg the serial to 172.17.9.0 and route 25 traffic to other ,, coz bot of them are destinated to same network | |
| Yankee 2002-08-05, 5:46 am |
| As I understand you have two seperate serial connections between the routers. If the metrics for the two serials are differnt you would only need to route map what you want to transverse the lesser (less prefered route) and let everything else route normally. This typically would be would be done in one route map with two levels. The first with a lower weight say 10 and the second with a deny statement weighted 20, so it will be routed normally.
In your "access-list" define the protocol SMTP to take the one path and if this is the lesser preferred route, the second statement can point all IP traffic to the other path either directly point to your preferred interface or if it is the favored route you can simply deny that traffic with means it will be routed normally.
Remember that the SMTP traffic is the more defined traffic and should be listed first or it will fall under the ip any any statement and be normally routed.
Hope that helps,
Yankee | |
|
| Let’s assume that the source network/addresses [Lan or whatever] that you want to apply this specific route to them are 192.168.20.0 network and the destination is any or whatever. and assume also that we will call that specific route tazbeeet-1. and let's say that the 1st gateway is serial 1 and the 2nd gateway is serial 2..
get to the #prompt and then to the global prompt--> config t
type the following:
ip access-list 101 permit ip 192.168.20.0 0.0.0.255 any eq 80
ip access-list 102 permit ip 192.168.20.0 0.0.0.255 any eq 25
now you must be on the global mode..[config t]
Router(config)# route-map tazbeeet-1 permit 10
now the prompt will change,
Router(config-route-map)# match ip address 101
Router(config-route-map)# set default interface serial1
again we will do the same for the other gateway so type exit to get back to global mode
Router(config)# route-map tazbeeet-1 permit 20
Router(config-route-map)# match ip address 102
Router(config-route-map)# set default interface serial2
now..
ctrl z, show run to see the changes, copy run start to save the changes...
is it cool man..??
yours Tamer Bayomy..
192.168.20.0 serial 1 tazbeeet-1 serial 2 ip access-list 101 permit ip 192.168.20.0 0.0.0.255 any eq 80 ip access-list 102 permit ip 192.168.20.0 0.0.0.255 any eq 25 Router(config)# route-map tazbeeet-1 permit 10 Router(config-route-map)# match ip address 101 Router(config-route-map)# set default interface serial1 Router(config)# route-map tazbeeet-1 permit 20 Router(config-route-map)# match ip address 102 Router(config-route-map)# set default interface serial2 | |
|
| forgot to tell you.. after applying the stuff below you have to remove any static route for this network.. beside you also have to apply it to the lan interface.. follow the steps:
Router(config)# interface fastether 0
now the prompt will change,
[/COLOR] Router(config-if)# ip policy route-map tazbeeet-1
ctrl z, show run to see the changes, copy run start to save the changes...
Tamer Bayomy | |
| Yankee 2002-08-06, 2:56 am |
| Don't think the statics to that network if you have any would make any difference. The problem with the answer given is that all other traffic not port 80 or 25 will be normally routed. At least that doesn't help the original question where mail goes one way and everything else the other, but at least he should be on the right track now.
Yankee | |
|
| Dear Yankee,
through the access list he can customize whatever he wants he can make it standard access list to permit a certain network to go through a certain gateway and so on..
Tamer Bayomy | |
| Shazee 2002-08-06, 5:59 am |
| thanks guys, really it was a great help, my idea is cleard with that iwill be trying it out today and let you know ,  thanks | |
| Yankee 2002-08-07, 2:25 am |
| We use policy routing this way quite a bit but have never seen it documented in this manner. One warning, it is near impossible to test without using hosts. In other words don't trace from on the router to check your config because you may not get accurate results. Do the traces from the hosts.
Yankee |
|
|
|
|