09-09-2008 08:09 AM - edited 03-03-2019 11:28 PM
we have a 6 mg WAN pipe and a DSL connection would like to isolate the traffic to either the 6mg or the DSL by protocol or destination.
is anyone moving WAN traffic like that?
Thanks, Gary
09-09-2008 09:39 AM
Hello Gary,
in the outbound direction towards internet you can use PBR to use different criteria then just destination based routing.
PBR= policy based routing uses route-maps and the command has to be applied on the lan interface(s) that receive the traffic to be sent outbound.
the route-map can reference an extended ip access-list where you can define what protocols you want to reroute.
Example:
access-list 125 permit tcp any any eq 80
route-map pbr-web permit 10
match ip address 125
set ip next-hop next-hop.on.-adsl
what doesn't need to be rerouted can use normal routing and what doesn't match the route-map is not dropped but routed normally
on lan interface
int fas0/0
ip policy route-map pbr-web
For the traffic inbound coming from internet much less control is possible.
Hope to help
Giuseppe
09-09-2008 10:21 AM
route-map pbr-web permit 10
match ip address 125
set ip next-hop next-hop.on.-adsl
next-hop.on.-adsl = the IP of my DSL interface connected to my LAN, correct?
09-09-2008 10:54 AM
Hello Gary,
the next-hop ip address must be that on the other end of the DSL link not the one on your router : it is the same ip address you would use as next-hop in a static route.
otherwise you can use set interface name the name of your DSL interface that would be atm0 or atm0/0 or similar.
Hope to help
Giuseppe
09-09-2008 11:30 AM
We have an ASA 5505 between the cable modem and the path that we want some traffic to go out of. the ASA's interface that's connecting to the house router is called KWCH_LAN.
09-09-2008 01:06 PM
Hello Gary,
in this case the ip next-hop is that of the ASA 5505 towards the router where you want to configure PBR.
But the ASA needs to send out to the cable modem everything it receives in the internal lan interface (a default-route pointing to the cable-modem)
Hope to help
Giuseppe
09-09-2008 02:03 PM
okay, it's getting clearer.
i'll take a look at it.
Thanks for your help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: