Routing Help *Part2*

Answered Question
Sep 10th, 2009

Hi,

The scenario has changed since the last post, so can someone advise if the solution is still OK with the additional requirement?

In our scenario, Site_A is connected to Site_B via an IPSEC GRE Tunnel running OSPF as the routing protocol.

Site_A hosts all applications for Site_B.

We already have in place another point-2-point link between Site_A and Site_B and have a specific requirement.

Only POS_Server from Site_A should send traffic on this P-2-P link to Site_B.

Any traffic initiated from Site_B to POS_Server on Site_A should be via the P-2-P link.

All other traffic should pass through the IPSEC-Gre_Tunnel.

Solution proposed by ediortiz:

On the router at Site_A

! ACL 101 matches only POS_Server -> Site_B traffic
access-list 101 permit ip [server_ip] [site_b subnet]
route-map server_pbr
 match ip address 101
 set ip next-hop [p-2-p link]
interface fx/x
 description LAN facing interface
 ip policy route-map server_pbr

On the router at Site_B

! ACL 101 matches only Site_B -> POS_Server traffic
access-list 101 permit ip [site_b subnet] [server_ip]
route-map server_pbr
 match ip address 101
 set ip next-hop [p-2-p link]
interface fx/x
 description LAN facing interface
 ip policy route-map server_pbr

(((Additional Scenario)))

If there is another site added on Site_A, connected to Site_C via an IPSEC GRE Tunnel running OSPF:

All traffic from Site_A to Site_C will pass using the Tunnel.

Site_A------IPSEC_GRE_Tunnel------Site_B

Site_A---------P_2_P--------------Site_B

Site_A------IPSEC_GRE_Tunnel------Site_C

Will the above configuration impact the traffic from POS_Server located on Site_A to Site_C?

Overall Rating: 4 (1 ratings)
yagnesh_tel Thu, 09/10/2009 - 05:00

Amin,

This depends on how you define your access list 101 on site A. If ACL 101 is just matching traffic going towards site B, you won't have any issue.

It seems from your description that ACL 101 is defined the correct way and it won't affect your traffic going towards site C.

Correct Answer
Edison Ortiz Thu, 09/10/2009 - 05:58

It will use the routing table as the ACL being used for the PBR won't match the new site (Site_C) as a destination.

The PBR will only be used for source POS_Server - destination Site_B subnet.

All other traffic will use the routing table.

__

Edison.
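The forwarding decision both answers describe, as an added example that is not part of the thread: a small Python model of PBR on the Site_A LAN-facing interface, comparing ACL 101 as proposed with a hypothetical over-broad variant. All addresses, egress names and the broad ACL are constructed assumptions.

```python
import ipaddress as ip

# Constructed addressing (assumptions; the thread uses placeholders only)
POS_SERVER = "10.1.1.10"
SITE_B = ip.ip_network("10.2.0.0/16")
SITE_C = ip.ip_network("10.3.0.0/16")

# Routing table at Site_A as learned via OSPF over the GRE tunnels
ROUTES = {SITE_B: "Tunnel_to_Site_B", SITE_C: "Tunnel_to_Site_C"}

# ACL 101 as proposed: source = POS_Server, destination = Site_B subnet
ACL_SPECIFIC = [(ip.ip_network("10.1.1.10/32"), SITE_B)]
# Hypothetical over-broad variant: "permit ip host <server> any"
ACL_BROAD = [(ip.ip_network("10.1.1.10/32"), ip.ip_network("0.0.0.0/0"))]


def acl_permits(acl, src, dst):
    """True if any (source, destination) entry of the ACL matches the packet."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return any(s in src_net and d in dst_net for src_net, dst_net in acl)


def route_lookup(dst):
    """Normal destination-based forwarding: longest-prefix match."""
    d = ip.ip_address(dst)
    matches = [net for net in ROUTES if d in net]
    if not matches:
        return "drop (no route)"
    return ROUTES[max(matches, key=lambda net: net.prefixlen)]


def egress(acl, src, dst):
    """PBR first: an ACL match forces the P-2-P next hop.
    Anything the ACL does not match falls through to the routing table."""
    if acl_permits(acl, src, dst):
        return "P_2_P"
    return route_lookup(dst)


if __name__ == "__main__":
    for name, acl in (("specific", ACL_SPECIFIC), ("broad", ACL_BROAD)):
        for src, dst in ((POS_SERVER, "10.2.5.5"), (POS_SERVER, "10.3.5.5"),
                         ("10.1.1.20", "10.2.5.5")):
            print(f"{name:8} {src} -> {dst}: {egress(acl, src, dst)}")
```

With the broad ACL, POS_Server traffic to Site_C is policy-routed to the P-2-P next hop instead of the Site_C tunnel, which is the case the destination subnet in ACL 101 prevents.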
