01-14-2010 06:57 AM - edited 03-06-2019 09:17 AM
Multiple default routes in routing table but with different metrics OSPF.
The high-level design is two Cisco ASA firewalls, two ISPs, and two L3 core switches.
ASA A is used for outbound traffic.
ASA B is used for inbound traffic such as SMTP, Web, FTP.
ASA A connected to ISP A and ASA B connected to ISP B.
Both ASA A and ASA B connect to internal Core L3 Switches Core-1, and Core-2.
ASA A, ASA B, Core-1, Core-2 all run OSPF and learn default routes from the ASA A and B.
ASA B advertises the default route with a higher metric.
All servers belong to the same internal network.
A route map will be used to send a handful of servers to use ASA B as its primary default gateway.
Will the route map send the default route to ASA B upon matching the access list for only a handful of hosts, if the route is not in the routing tables of the core switches but is in the OSPF database?
How can I have both default routes in the routing tables, but one with a higher metric so it is never used unless the primary default route is lost, and is otherwise only used by the route map?
The L3 switches are Cisco 3560 with enhanced image.
Thanks a bunch.
Regards,
Juan
01-14-2010 07:04 AM
juan-ruiz wrote:
Multiple default routes in routing table but with different metrics OSPF.
The high-level design is two Cisco ASA firewalls, two ISPs, and two L3 core switches.
ASA A is used for outbound traffic.
ASA B is used for inbound traffic such as SMTP, Web, FTP.
ASA A connected to ISP A and ASA B connected to ISP B.
Both ASA A and ASA B connect to internal Core L3 Switches Core-1, and Core-2.
ASA A, ASA B, Core-1, Core-2 all run OSPF and learn default routes from the ASA A and B.
ASA B advertises the default route with a higher metric.
All servers belong to the same internal network.
A route map will be used to send a handful of servers to use ASA B as its primary default gateway.
Will the route map send the default route to ASA B upon matching the access list for only a handful of hosts, if the route is not in the routing tables of the core switches but is in the OSPF database?
How can I have both default routes in the routing tables, but one with a higher metric so it is never used unless the primary default route is lost, and is otherwise only used by the route map?
The L3 switches are Cisco 3560 with enhanced image.
Thanks a bunch.
Regards,
Juan
Juan
Not sure what you are asking here. If you are using PBR with a route-map then you override the routing table, i.e. you do not look for a route in the routing table at all. So if you have PBR set up for some servers with the next-hop as ASA B then it is irrelevant what is in the routing table or the OSPF database; the server traffic will still be sent to ASA B.
Is that what you were asking?
Jon
01-15-2010 12:25 PM
Yes this is correct.
Thanks for the reply
01-14-2010 07:06 AM
Hello Juan,
PBR works on traffic, not routes.
As long as the PBR IP next-hop of ASA B is seen as reachable, PBR will work.
To be noted that ASA B may suppress its advertisement of an external default route. But again this is not a problem.
Depending on your devices, you should look for ways to check and verify the availability of the next hop.
Hope to help
Giuseppe
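To illustrate Jon's point (PBR bypasses the routing table for matched traffic) and Giuseppe's (verify the next hop is reachable), here is an added example configuration; it is not from any post in this thread. All addresses, names and interface numbers are assumptions: VLAN 10 as the server VLAN, 192.168.10.21 and .22 as the handful of servers steered to ASA B, 10.0.0.2 as ASA B's inside address, and 10.0.0.0/8 plus 192.168.0.0/16 as the internal address space. Whether the `verify-availability ... track` form is available depends on the platform and image, as Giuseppe notes; on a Catalyst 3560 PBR also needs the `sdm prefer routing` template to be active.

```text
! Added example, not from the thread. All addresses, names and interfaces are assumed.
!
! Probe ASA B's inside address (10.0.0.2 assumed) so the next hop is tracked, not assumed.
ip sla 1
 icmp-echo 10.0.0.2 source-interface Vlan10
 frequency 10
ip sla schedule 1 life forever start-time now
!
track 1 ip sla 1 reachability
!
! Only the handful of servers go to ASA B; internal destinations are denied first so
! server-to-server traffic is not dragged through the firewall (internal ranges assumed).
ip access-list extended PBR-TO-ASA-B
 deny   ip any 10.0.0.0 0.255.255.255
 deny   ip any 192.168.0.0 0.0.255.255
 permit ip host 192.168.10.21 any
 permit ip host 192.168.10.22 any
!
! Matched packets are sent to ASA B regardless of what the routing table or OSPF
! database holds. When track 1 is down the set clause is skipped and the packet
! falls back to normal routing (the OSPF default via ASA A) instead of being
! black-holed at an unreachable next hop.
route-map PBR-ASA-B permit 10
 match ip address PBR-TO-ASA-B
 set ip next-hop verify-availability 10.0.0.2 10 track 1
!
! Apply inbound on the server VLAN SVI; unmatched hosts keep the normal OSPF default.
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip policy route-map PBR-ASA-B
!
! Verification:
!   show track 1            - Reachability should read Up while ASA B answers probes
!   show route-map PBR-ASA-B - policy-routing match counters increase for the servers
!   show ip policy          - confirms the route-map is bound to Vlan10
```

Two points worth checking on a live box: the two `deny` lines are the difference between "these servers use ISP B for the Internet" and "these servers can no longer reach anything internal", and `show track 1` going Down should be alarmed on, since from that moment the affected servers silently egress through ASA A and ISP A instead.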
01-15-2010 12:39 PM
Thanks for the reply this helps a lot