Default-route in the network.

Unanswered Question
Nov 8th, 2011

Hello genius minds.


I have a network of about 50 sites connected via MPLS. We have a default route in the network for Internet access. The company has decided to remove this default route and use a proxy for Internet access for security purposes.


Now, before we remove that, we would like to see what application or who (source IP) is using this default route, so that we can try to see dependencies. How can I achieve this?


Any ideas.


Thanks in advance


Sent from Cisco Technical Support iPad App

smitesh kharecha Tue, 11/08/2011 - 23:35
User Badges:
  • Silver, 250 points or more

Hi Amit,


Your MPLS provider has given you a default route so that you send any traffic from your CE to the PE (either Internet traffic or intranet traffic).

So whatever traffic originates in all your sites will need that default route to get out of that particular site and go where it has to go. It is the PE which will decide where and how to send that traffic.


HTH,

Smitesh

milan.kulik Wed, 11/09/2011 - 00:01
User Badges:
  • Red, 2250 points or more

Hi,


I suppose you are receiving not only the default route from your provider but also routes for your sites?

So it might be possible to configure some ACLs on your CE routers logging packets sent to other destinations than your company IP range.


But the easiest way would be logging the traffic sent to the Internet.

I suppose you are using some FW on your Internet connection?

So why don't you start logging the traffic sent to the Internet and observe the source addresses in your FW log?


HTH,

Milan
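
The ACL-logging approach suggested in the reply above, as an added example that is not part of the original thread: a Python sketch that reads Cisco IOS `%SEC-6-IPACCESSLOGP` syslog lines and lists the sources talking to destinations outside the company range. The 10.0.0.0/8 range, the host names, the ACL number and the log lines are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Assumption: the company's internal address space; replace with the real ranges.
COMPANY_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# IOS extended-ACL log message for TCP/UDP flows (%SEC-6-IPACCESSLOGP).
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<pkts>\d+) packets?"
)

# Constructed sample syslog lines (not taken from any real device).
SAMPLE_LOG = """\
Nov  9 10:01:02 ce-site12 45: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 10.12.4.25(51514) -> 203.0.113.10(443), 1 packet
Nov  9 10:06:02 ce-site12 46: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 10.12.4.25(51514) -> 203.0.113.10(443), 5 packets
Nov  9 10:07:40 ce-site30 12: %SEC-6-IPACCESSLOGP: list 120 permitted udp 10.30.1.7(123) -> 198.51.100.53(123), 2 packets
Nov  9 10:08:11 ce-site12 47: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 10.12.4.25(49200) -> 10.1.0.20(445), 3 packets
Nov  9 10:09:55 ce-site44 9: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 10.44.9.3(40111) -> 192.0.2.80(25), 1 packet
"""

def is_internal(addr):
    """True if addr belongs to one of the company networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in COMPANY_NETS)

def default_route_users(lines):
    """Map source IP -> Counter{(proto, dst_port): packets} for flows whose
    destination is outside COMPANY_NETS, i.e. traffic that needed the default route."""
    usage = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.search(line)
        if not m or is_internal(m["dst"]):
            continue  # unparsable line, or intranet traffic we do not care about
        usage[m["src"]][(m["proto"], int(m["dport"]))] += int(m["pkts"])
    return usage

def report(usage):
    """Flatten to (src, proto, dst_port, packets) rows, busiest first."""
    rows = [(src, proto, port, pkts)
            for src, flows in usage.items()
            for (proto, port), pkts in flows.items()]
    return sorted(rows, key=lambda r: (-r[3], r[0]))

if __name__ == "__main__":
    for row in report(default_route_users(SAMPLE_LOG.splitlines())):
        print("%-15s %-4s dport=%-5d packets=%d" % row)
```

IOS rate-limits and aggregates ACL log messages, so the packet counts are approximate; the list of sources and destination ports is what shows the dependencies.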

Mahesh Gohil Wed, 11/09/2011 - 01:22
User Badges:
  • Silver, 250 points or more

Hi Amit,


If we have something like IP accounting with an access-list, then you may see which sources accessed the Internet.

You can apply this feature on your central site's interface connecting towards the provider. You can put in all networks other than those owned by your company (I mean Internet destinations).


If I am not wrong, maybe NetFlow can also help you achieve what you want.


I have not implemented this, so you can search the Internet for such features.


Regards

Mahesh

Latchum Naidu Wed, 11/09/2011 - 06:00
User Badges:
  • Blue, 1500 points or more

Hi Amit,


It seems one of my customers has the same kind of setup as yours.

They have only an MPLS connection at each site and have the Internet connection at their HQ. So what they did is route all required/known traffic to the rest of the sites and to HQ over MPLS, and point the default route/unknown/Internet traffic to the HQ gateway, so that the other MPLS-connected sites can get Internet access from their HQ site.


Is that what your setup is?


Please rate the helpful posts.
Regards,
Naidu.
