cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
430
Views
0
Helpful
3
Replies

Redirecting HTTP to a different ISP to save bandwidth

mlinsemier
Level 1
Level 1

I am looking into methods of redirecting HTTP traffic and other high bandwidth protocols for users that are browsing the web to another ISP (Comcast Business) that has a much higher bandwidth than our existing tier 1 business ISP. Our configuration looks like the following:

Core <--> ASA 5510 <--> Switch <--> Packeteer <--> 3845

I am thinking about moving our Comcast business connection to the dirty DMZ switch in-between the ASA and the Packeteer. Is there an easy way to take HTTP traffic leaving the ASA or hitting the permitter and send that to the Comcast ISP.

I was thinking that I could put a new router in-between dirty DMZ switch and the Comcast ISP, and then use WCCP at the ASA to send it on to the new router.

Is there a less expensive way to achieve this? Any input would be greatly appreciated.

3 Replies 3

yagnesh_tel
Level 1
Level 1

Hi Matthew,

Not able to understand your topology completely but I interpret that both your ISP connections are connected to 3845 router.

So how about matching http and other high bandwidth traffic and sending them on particular ISP interface using Policy based routing?

For example on your 3845 router:

access-list 110 permit tcp any any eq 443

access-list 110 permit tcp any any eq 80

!

interface

ip policy route-map HTTP_REDIRECT

!

route-map HTTP_REDIRECT permit 10

match ip address 110

set interface

So basically, I would connect the Comcast cable modem to a secondary interface on the 3845 (say gigabit ethernet0/1), set it for DHCP so it gets a public IP address, then implement the PBR off of that interface, and everything should be good to go? I haven't done a whole lot PBR.

Matt

Yes, partly correct. You need to apply policy route-map on interface connected to your inside network i.e. to Packeteer. So basically packets will be matched as they enter into inside interface using defined ACL and matched packets will be directly send to interface specified using 'set interface' command without consulting routing table. For all other(unmatched) traffic, router will consult routing table as usual.

Refer this for more information on PBR:

http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: