Routing issue, to reach same destination through two interfaces

Unanswered Question
Aug 10th, 2010
User Badges:

Hi!


I have a Cisco router A that is configured witch two vlan interface x and vlan interface y. How can I redirecte traffic to the same destination with source ip from vlan x throug interface F0 on router B and with source ip from vlan y throug interface F1 on router C? Both router B and c are directtly connected to router A. Many tanks in advance!


Regards

SF 

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Hitesh Vinzoda Tue, 08/10/2010 - 11:32
User Badges:
  • Silver, 250 points or more

Use route-map/policy based routing and set the next-hops for the traffic from desired vlan's to router B and router C


HTH


Hitesh Vinzoda


Pls rate useful posts

Giuseppe Larosa Tue, 08/10/2010 - 11:35
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello SF,


if you want to route based on source address you need PBR = Policy Based Routing


normal routing is destination based only either using static routes or dynamic routing protocols (including BGP)



example:


access-list 11 permit 10.10.20.0 0.0.0.255


route-map divert-to-RB permit 10

match ip address 11

set ip next-hop



interface f0/0

ip address 10.10.20.1 255.255.255.0

ip policy-map divert-to-RB


PBR has to be applied on the interface(s) that receive the traffic that should be diverted


A similar setup can be done for second LAN interface



access-list 12 permit 10.10.30.0 0.0.0.255


route-map divert-to-RC permit 10

match ip address 12

set ip next-hop



interface f0/1

ip address 10.10.30.1 255.255.255.0

ip policy-map divert-to-RC


to be noted an extended ACL can be used or other criteria including packet size or IP precedence or DSCP settings


Hope to help

Giuseppe

sfanayei Wed, 08/11/2010 - 05:17
User Badges:

Hi Giuseppe,

Tanks a lot for your reply, and I am trying to implement your soultion, It sounds good, but I have a couple of question. I can not see any where in your example where destination network is indicated. I assumed that Access-lists 11 and 12 are source ip as they shoud be.  I have sendt my network diagram as attached file and configuration in below. Please look at it and tell me more specific what I shoud do. And what is "permit 10" in end of your access-list?


Router A#

interface Vlan X
description Vlan X
ip address 10.98.2.1 255.255.255.0
ip helper-address 10.96.1.2
no ip unreachables
no ip mroute-cache
ip policy route-map divert-to-RB
!
interface Vlan Y
description Vlan Y
ip address 10.98.4.1 255.255.255.0
ip helper-address 10.96.1.2
no ip unreachables
no ip mroute-cache
ip policy route-map divert-to-RC


Router A(config)#access-list 11 permit 10.98.2.0 0.0.0.255
Router A(config)#access-list 12 permit 10.98.4.0 0.0.0.255

Router A(config)#
route-map divert-to-RB permit 10
match ip address 11
set ip next-hop 10.96.2.10  (router B, interface ip)


Router A(config)#
route-map divert-to-RC permit 10
match ip address 12
set ip next-hop 10.98.255.253 (router C, interface ip)


Many tanks again.

SF

shahhardik Wed, 08/11/2010 - 05:39
User Badges:

Hi SF,


now its seems to have a proper configuration with you,


Answer to your question, "Permit 10" is nothing but the route map permit statement with sequence no 10,


Example:


You can have as many route-map statement as you want, every individule differ with the sequence no it has,


Route-map xxxxx permit 10

match xxxx

set xxxx


Route-map xxxxx permit 20

match xxxx

set xxxx



Hope this will help you out.


Correct me if i'm wrong somewhere.


Regards,


Hardik.

sfanayei Wed, 08/11/2010 - 05:56
User Badges:

Hi Hardic


Tanks for reply, but it still not working. Before this scenario I had only Router B and static route in Router A to destination network. That worked properly.

But now I am trying to implement route map policy for one of my source netwok (vlan X) where I still having the static route in router A and I kan see that the trafik fra source vlan X is still using the static route.


Regards SF

Giuseppe Larosa Wed, 08/11/2010 - 06:05
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello SF,


you can make PBR destination selective by using extended ACLs instead of standard ACLs


access-list 111 permit ip 10.98.4.0 0.0.0.255 x.y.z.0 0.0.0.255


and by invoking the ACL inside the route-map in place of the standard ACL


>> here I still having the static route in router A and I kan see that the trafik fra source vlan X is still using the static route.


Sorry for the basic questions:


Have you applied the command ip policy on SVI Vlan X?


is the source IP address of this packet the expected one?


have you tried to use debug ip policy as a form of help in understanding what is happening?


What device are you using ?

if C4500 or C6500 post sh module



Hope to help

Giuseppe

sfanayei Wed, 08/11/2010 - 06:16
User Badges:

Yes, I have tryied with extended ACLs too. And I have applied the ip policy on Vlan X, but connection is running throug static route:(


Regards SF

shahhardik Wed, 08/11/2010 - 21:56
User Badges:

Hey SF,


why dont you remove the static route and have a check, though you are using PBR, i dont think so you will require static route in place.


Because even if you have PBR it will going to select static over it, since it finds it best path over others.


Cheers,

Hardik

sfanayei Thu, 08/12/2010 - 03:33
User Badges:

Hi Hardic


I have removed now static route, and now it seems that traffic are diverted through my defalut gateway. I don't tink that ip policy route-map is used.


Regards SF

Actions

This Discussion