controlling inbound/outbound traffic in 2 wan links

Danilo Dy
VIP Alumni

Hi,

This is about PBR.

If I have two WAN links to the same ISP, which provides me two LAN subnets, and I want to control the inbound/outbound traffic as follows:

1. Traffic to/from LAN SubnetA uses Link1 as primary and Link2 as backup.

2. Traffic to/from LAN SubnetB uses Link2 as primary and Link1 as backup.

I can fix the incoming using BGP (private ASN between me and my ISP). For outgoing (if the connection is triggered from the LAN), I wonder if PBR's route-map can set two ip default next-hop with different AD, or is there another alternative for outgoing?

Dandy

mohammedmahmoud
Level 11

Hi,

I think that you can set more than one next-hop; if the first fails, the second is used:

set ip next-hop

Another option: why not use a next-hop and a default next-hop? If the next-hop is not recursive, the default next-hop shall be used as backup. I haven't used it before, but you should give it a try:

!
route-map next permit 10
 match ip address 10
 set ip next-hop
 set ip default next-hop
!

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Hi,

I'll try it in a lab and give you points when it does :)

I was thinking about this while walking home :)

Thanks,

Dandy

Hi,

You are welcome :), please re-read my first post; I've edited it.

HTH,

Mohammed Mahmoud.

Friend,

Mohammed is right. You can set more than one next-hop. I have used it in my network and it works fine. But the next hop should be directly connected, and the protocol should go down before the 2nd one takes over.

HTH, rate if it does

Narayan

Configure two 'set ip next-hop' statements under the route-map and the router would use the first reachable next hop. There's no need to use the 'set ip default next-hop' option, as this command would be executed only when a route to the destination doesn't exist in the routing table.

HTH

Sundar

Hi,

Sundar is right: the ip default next-hop option would be executed only when a route to the destination doesn't exist in the routing table, which most probably might introduce problems. Accordingly, the first method (setting multiple next-hops in a single statement) is the only recommended method in your case.

HTH,

Mohammed Mahmoud.

Hi All,

I will try whether the configuration below works to my expectation:

!
! Policy routing is applied to traffic entering from the LAN
interface FastEthernet0/0
 ip policy route-map outgoing
!
interface Serial0/0
!
interface Serial0/1
!
access-list 101 permit ip LAN-SubnetA TO_ANY
access-list 102 permit ip LAN-SubnetB TO_ANY
!
! SubnetA: LINK1 primary, LINK2 backup
route-map outgoing permit 101
 match ip address 101
 set ip next-hop LINK1
 set ip next-hop recursive LINK2
!
! SubnetB: LINK2 primary, LINK1 backup
route-map outgoing permit 102
 match ip address 102
 set ip next-hop LINK2
 set ip next-hop recursive LINK1

Regards,

Dandy

Hi,

I think that your proposed solution shall work, as if both a next-hop and a recursive next-hop IP address are present in the same route-map entry, the next-hop is used. If the next-hop is not available, the recursive next-hop is used. If the recursive next-hop is not available and no other IP address is present, the packet is routed using the default routing table.

The only constraint is that only one recursive next-hop IP address is supported per route-map entry, which is fine in your case.

But anyway, I think that using 2 next-hops in the same set statement is the most common solution. Please try both and give us feedback.

HTH,

Mohammed Mahmoud.

Hi Guys,

You've been very helpful. I don't have time to try it in a lab as I'm busy playing with PacketShaper's Direct Standby and Access-Link Monitoring :) Since you're helpful and your recommendation makes sense, I give you each 5 points.

Edited: I'm having a problem with my mouse, which automatically ticks "Resolve" :)

Dandy
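The approach the replies settle on (two next hops in one set statement per subnet), written out as an added example that is not part of any poster's configuration. All addresses are constructed documentation-range values, the route-map name outgoing-tracked is hypothetical, and the tracked variant goes beyond the thread to cover the case Narayan raises, where a next hop stops answering while the interface stays up; IP SLA and track syntax varies by IOS release.

```cisco
! Constructed values: SubnetA 198.51.100.0/25, SubnetB 198.51.100.128/25,
! Link1 next hop 192.0.2.1 (Serial0/0), Link2 next hop 192.0.2.5 (Serial0/1)
access-list 101 permit ip 198.51.100.0 0.0.0.127 any
access-list 102 permit ip 198.51.100.128 0.0.0.127 any
!
! Form recommended in the thread: the first reachable next hop is used,
! the second takes over only when the first is considered down.
route-map outgoing permit 10
 match ip address 101
 set ip next-hop 192.0.2.1 192.0.2.5
!
route-map outgoing permit 20
 match ip address 102
 set ip next-hop 192.0.2.5 192.0.2.1
!
! Traffic matching neither ACL falls through to normal routing.
interface FastEthernet0/0
 ip policy route-map outgoing
!
! Variant for SubnetA when link state alone is not a reliable signal:
! probe each next hop and tie the set statement to the probe result.
ip sla 1
 icmp-echo 192.0.2.1 source-interface Serial0/0
 frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 192.0.2.5 source-interface Serial0/1
 frequency 5
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
!
! Hypothetical route-map name; next hops are tried in sequence order
! (10, then 20) and skipped while their track object is down.
route-map outgoing-tracked permit 10
 match ip address 101
 set ip next-hop verify-availability 192.0.2.1 10 track 1
 set ip next-hop verify-availability 192.0.2.5 20 track 2
```

Only one policy route-map can be applied per interface, so the tracked entries would replace the plain ones rather than sit beside them; `show route-map` shows per-entry match counters for confirming which entry is being hit.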
