Cisco Support Community
New Member

Outbound routing based on application type

What is an ideal way to route outbound traffic based on the type? For example, if our router has two Internet links, how could we route HTTP/FTP, etc, for the desktops out G0/0, and all other traffic (servers, static NATs) through G0/1?

1 ACCEPTED SOLUTION

Hall of Fame Super Blue

Re: Outbound routing based on application type

Hi Tony

As far as outbound traffic goes, you can do this with Policy Based Routing, e.g.

Assume desktop subnet = 192.168.5.0/24

! ACL 101: HTTP and FTP traffic from the desktop subnet
access-list 101 permit tcp 192.168.5.0 0.0.0.255 any eq http
access-list 101 permit tcp 192.168.5.0 0.0.0.255 any eq ftp
access-list 101 permit tcp 192.168.5.0 0.0.0.255 any eq ftp-data
!
! Sequence 10: traffic matching ACL 101 leaves via g0/0
route-map Internet-access permit 10
 match ip address 101
 set interface g0/0
!
! Sequence 20: no match clause, so everything else leaves via gi0/1
route-map Internet-access permit 20
 set interface gi0/1

On your internal interface

int fa0/0
 ip policy route-map Internet-access

Return traffic is slightly different. If you have separate NAT pools that you can allocate to each interface, i.e. gi0/0 and gi0/1, then you make sure that traffic is always routed back to the interface it went out on.

Attached is a link to a doc on PBR that gives a good overview.

http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

HTH

Jon
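
A configuration sketch of the separate-NAT-pools approach described in the accepted answer, added here as an example and not part of the original post. The pool names, NAT route-map names, ACL 110 and the public addresses (RFC 5737 documentation ranges) are assumptions; substitute the address block each provider has assigned to you.

```cisco
! Added example. Addresses below are constructed placeholders:
! 203.0.113.0/24 stands in for the block routed via g0/0,
! 198.51.100.0/24 for the block routed via gi0/1.
ip nat pool POOL-G0-0 203.0.113.10 203.0.113.20 prefix-length 24
ip nat pool POOL-G0-1 198.51.100.10 198.51.100.20 prefix-length 24
!
! Inside sources eligible for dynamic NAT (desktop subnet from the post;
! add further inside subnets here as needed).
access-list 110 permit ip 192.168.5.0 0.0.0.255 any
!
! Pick the pool by the egress interface that PBR or the routing table chose,
! so the translated source always belongs to the link the packet left on.
route-map NAT-VIA-G0-0 permit 10
 match ip address 110
 match interface GigabitEthernet0/0
!
route-map NAT-VIA-G0-1 permit 10
 match ip address 110
 match interface GigabitEthernet0/1
!
ip nat inside source route-map NAT-VIA-G0-0 pool POOL-G0-0 overload
ip nat inside source route-map NAT-VIA-G0-1 pool POOL-G0-1 overload
!
interface FastEthernet0/0
 ip nat inside
 ip policy route-map Internet-access
!
interface GigabitEthernet0/0
 ip nat outside
!
interface GigabitEthernet0/1
 ip nat outside
!
! Checks after applying:
!   show ip policy                    (route-map bound to the inside interface)
!   show route-map Internet-access    (policy-routing match counters per sequence)
!   show ip nat translations          (inside global address matches the egress link)
```

Because each provider routes only its own block back to you, replies to a translated flow arrive on the same link the flow left on.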

New Member

Re: Outbound routing based on application type

That looks like exactly what we needed. Thanks!
