Challenge on complex Policy Based Routing

Apr 25th, 2007

Please help me on this.

I need to forward traffic to two different next hops based on source IP and the attribute (tag, community, other your suggestion) the BGP passes with the route that points that source IP.

I'll try with an example: I have two different remote sites. Traffic from both sites comes to my first router (R1). On this router R1 the routes to the sites are passed via BGP. The route to Site1 has a community set to "blue" and the route to Site2 has a community set to "red". Now when traffic comes from a blue-site it must be forwarded to R2, and if traffic comes from a red-site it must be forwarded to R3.

Any suggestion? I actually can change almost everything. I mean I can use route tagging or a different BGP attribute or even a different routing protocol.

Thanks a lot


paolo bevilacqua Wed, 04/25/2007 - 14:47

Hi,


With PBR, the only discrimination parameters are the ones that are in the traffic itself. And traffic (packets), unlike routes, cannot carry tags.

That means your "match" statements must be the basic ones, like source address or ingress interface. No involvement of tags from routing protocols is possible, as far as I know.

Anyway, in this kind of situation, sometimes VRF comes in handy. I personally have seen it misbehave and would not use it unless absolutely necessary, but the tool is there.


Good luck!


Hope this helps, please rate all useful posts!



moitessier Fri, 04/27/2007 - 03:29

Thanks for your suggestion. I'm not very skilled with VRF, how would you use these to split the traffic based on routing attributes or tags?

paolo bevilacqua Fri, 04/27/2007 - 05:10

Hi, actually I was not suggesting to use VRF necessarily. What it does is split the router into virtual routers, each one with its own routing table and interfaces; that may or may not help in your case. PBR, on the other hand, should be simple enough.


As a courtesy to those providing answers, please rate all posts using scrollbox below

justin.donoghue Fri, 04/27/2007 - 05:23

Hi

The easiest way is to create a route map which matches a source address and then sets the ip next hop to whichever IP address you want. If you want to match community then the community needs to have been set on the incoming routes from the far end. The route map can then be applied to the incoming routes on the BGP neighbour statement.
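
The approach discussed in the thread above (PBR can only match on what is in the packet, so match the source address and set the next hop), as an added example that is not part of any post: a Python script that turns community-tagged BGP routes into source-based PBR configuration for R1. The prefixes, community values, next-hop addresses, interface name and route-map/ACL names are constructed assumptions, and only IPv4 prefixes are handled.

```python
import ipaddress

# Constructed sample data: routes learned on R1 via BGP with their community,
# e.g. transcribed from the router's BGP table. All values are hypothetical.
BGP_ROUTES = [
    ("10.1.0.0/16", "65000:100"),    # Site1, "blue"
    ("10.1.128.0/24", "65000:100"),  # more specific, already covered by the /16
    ("10.2.0.0/16", "65000:200"),    # Site2, "red"
    ("192.0.2.0/24", "65000:999"),   # community with no policy
]
# Assumed mapping: community -> (label, next hop toward R2 or R3).
POLICY = {
    "65000:100": ("BLUE", "172.16.0.2"),  # R2
    "65000:200": ("RED", "172.16.0.3"),   # R3
}

def build_pbr_config(routes, policy, route_map="SITE-PBR",
                     interface="GigabitEthernet0/0"):
    """Translate route communities into source-address PBR config lines."""
    by_label = {}
    for prefix, community in routes:
        if community not in policy:
            continue  # no policy: traffic follows the normal routing table
        label = policy[community][0]
        by_label.setdefault(label, []).append(ipaddress.ip_network(prefix))
    lines, seq = [], 10
    for label, next_hop in policy.values():
        nets = by_label.get(label)
        if not nets:
            continue
        lines.append(f"ip access-list standard SRC-{label}")
        # collapse_addresses drops prefixes covered by a shorter one
        for net in ipaddress.collapse_addresses(nets):
            lines.append(f" permit {net.network_address} {net.hostmask}")
        lines.append(f"route-map {route_map} permit {seq}")
        lines.append(f" match ip address SRC-{label}")
        lines.append(f" set ip next-hop {next_hop}")
        seq += 10
    if lines:
        # PBR is applied on the interface where the site traffic enters R1
        lines += [f"interface {interface}", f" ip policy route-map {route_map}"]
    return lines

if __name__ == "__main__":
    print("\n".join(build_pbr_config(BGP_ROUTES, POLICY)))
```

The generated ACLs are a snapshot of the BGP table, so the script has to be re-run when the routes advertised with each community change.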
