09-03-2010 06:21 AM - edited 03-04-2019 09:39 AM
Hi,
need your help.
I have a network set up of running OSPF accross the network.
need to send some traffic over one WAN link and some traffic over another WAN link.These links are not connected directly to the branches.
i will explain in details.
Branch A wan to communicate with Branch B
Primary path - A-C-B
Secondary path- A-C-D-B
need to do PBR on router C
09-03-2010 06:32 AM
Hi,
need your help.
I have a network set up of running OSPF accross the network.
need to send some traffic over one WAN link and some traffic over another WAN link.These links are not connected directly to the branches.
i will explain in details.
Branch A wan to communicate with Branch B
Primary path - A-C-B
Secondary path- A-C-D-B
need to do PBR on router C
Binu
Fairly straightforward with PBR eg.
2 subnets in A = 192.168.5.0/24 & 192.168.6.0/24
you want to send 192.168.5.0/24 via primary path and 192.168.6.0 via secondary path to destination subnet 192.168.7.0/24
access-list 101 permit ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255
access-list 102 permit ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255
route-map PBR permit 10
match ip address 101
set ip next-hop
route-map PBR permit 20
match ip address 102
set ip next-hop
finally on the C interface that connects to A -
int s0/0
ip policy route-map PBR
Jon
09-03-2010 06:49 AM
Jon responded before me but anyway i still post my suggestion
With policy-based routing yes you get the option to implement policies that selectively cause packets to take different paths. Additionally, PBR can mark packets so that certain types of traffic get prioritized. One example of PBR is, say that your OSPF routing protocol says that a packet with a destination of 10.1.1.1 should go out 192.168.1.1, you could create a policy so that packets destined to 10.1.1.1, instead, go to next hop 192.168.2.1
Let's look at an example of how we could use PBR. Say that we wanted to find any traffic that is destined for IP device 10.1.1.1 and, instead of sending it wherever the routing protocol says it should go, we are going to send it 192.168.2.1 next hop.
Router(config)# access-list 101 permit ip any host 10.1.1.1
Router(config)# route-map reroute10traffic permit 10
Router(config-route-map)#match ip address 101
Router(config-route-map)set ip next-hop 192.168.2.1
Router(config-route-map)#set interface Fa3/0
Router(config)# interface Fast Ethernet 3/0
Router(config-if)#ip policy route-map reroute10traffic
Hope that helps.
Francisco
09-03-2010 11:22 AM
Thanks Francisco.. but "set ip next-hop 192.168.2.1" whould be attached to the router where we apply policy-map..correct?..or can we configure remote IP as next hop IP in the local router.
09-03-2010 11:37 AM
Will PBR successful if we configure "set metric
09-03-2010 12:13 PM
09-03-2010 12:20 PM
Binu
What is wrong with what i have supplied as config ? Have you tried it, does it not work or do you need something else.
Jon
09-04-2010 10:06 AM
Hi Jon,
Thank you for your prompt help..It is not working to meet my requirement because traffic is again getting routed to the core link due to low ospf cost[even can't fine tune the ospf cost as that will affect all other routes]..
Is it possible to configure loopback or WAN IP of 4th hop as IP next-hop [recrusive] in 1st hop router,that will meet the requirement ?
Please advise..
IP next-hop recrusive, how it works?
Thanks in advance,
Stephen
09-04-2010 10:34 AM
Hi Jon,
Thank you for your prompt help..It is not working to meet my requirement because traffic is again getting routed to the core link due to low ospf cost[even can't fine tune the ospf cost as that will affect all other routes]..
Is it possible to configure loopback or WAN IP of 4th hop as IP next-hop [recrusive] in 1st hop router,that will meet the requirement ?
Please advise..
IP next-hop recrusive, how it works?
Thanks in advance,
Stephen
Stephen
Can you be more explicit in terms of what is not working ie. which path does traffic take and what it should take and also share config.
PBR overrides the routing table so it makes no difference what the OSPF costs are because the routing table is not consulted so either something is wrong with your config or you want to do something different than you explained in you original post.
Jon
09-04-2010 12:08 PM
Hi Jon, I have attached one network diagarm shows the set up, please advise on which router we need to do PBR configuration as per you suggested to meet the requirement in the attached diagram.
can we do this by enabling policy route map on routers B, H, E, J
09-05-2010 01:38 AM
Stephen
It would have helped if you had included the full topology with your original question because clearly it is nothing like the topology in your original thread.
In the mumbai branch office, is there a router/L3 switch behind the 2 wan routers ie. where is the routed interface for the network 10.10.10.x ?
Jon
09-05-2010 03:16 AM
Hi Jon, L3 switches [2nos] present at Mumbai branch as well as at Chennai branch.L3 swithes are connected together and each L3 switch is having uplink to WAN headned routers at branch.
09-05-2010 03:34 AM
Stephen
You can do this with PBR but you would need to apply it to any router where the path taken is not the one you want. With the routers you may be able to use PBR recursive next-hop although it depends on the routing table as the way to get to the recursive next hop may not be the path you want. The L3 switches would also need PBR to make sure the traffic went to the right router and i don't think, from memory, that they support recursive next-hop.
It is doable but as Giuseppe quite rightly points out, it will require a fair bit of configuration on a number of routers for both the outbound and return path. MPLS is a much better solution but that is not just additional config it involves a fair bit of redsign of your network which amy or may not be practical.
So yes it can be done with PBR but it will be messy.
Another way may be to look at OER/Pfr which may allow you to direct certain traffic down one path rather than the other but without knowing more details it's not possible to say whether that would work or not.
Whichever you choose will involve quite a lot of work.
Jon
09-05-2010 03:38 AM
Actually i'm not sure OER/Pfr would help because i don't think you can route based on source IP.
Jon
09-05-2010 02:48 AM
Hello Stephen,
Edit:
with the network diagram is more clear as noted by Jon you should have posted it before
>> can we do this by enabling policy route map on routers B, H, E, J
you need to do so as PBR can divert traffic on a single router ( hop by hop paradigm), but it does not provide the desired effect if applied on a single router as you have seen in an IP cloud as next router could send the traffic on best path if not configured to divert to desired path.
In this kind of scenarios, a possible alternative to multiple PBR rules on multiple routers is MPLS:
or better to use MPLS Traffic engineering tunnels. With MPLS TE you move behind hop by hop routing and you can specify an end-to-end path that is chosen by first router in the cloud.
But if you haven't MPLS enabled it would be quite a big change to enable MPLS and MPLS TE on your network.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide