Policy routing or offset list?

jkeeffe
Level 2

I want to send a particular data stream (source-A destination-B) through only one of two WAN routers to a remote site. The remote site also has two WAN routers. Traffic from source-A will travel through a core and distribution layer of 6500 L3 switches, running 12.2(33)SXH8, to the WAN routers, which are two ASR1006s. The remote end is the same - two ASR1006 WAN routers to 6500 distribution and core L3 switches. All 6500s are L3 uplinked to each other and to the WAN routers. All traffic from the local site to the remote site routes through only one of the two WAN routers. I want to move only traffic from source-A to source-B to the second WAN router to the remote site.

Would it be best to use policy-based routing or an offset list of some sort to accomplish this?  I've done PBR before where you just hand off traffic described in an ACL to a particular outbound port and basically hand carry the traffic to a point in the network where EIGRP prefers the route you want.

3 Accepted Solutions


Giuseppe Larosa
Hall of Fame

Hello Jkeeffe,

What is the root cause for:

>> All traffic from the local site to the remote site routes through only one of the two WAN routers.

Are you using HSRP on client VLANs with HSRP active for all clients on Catalyst A?

Or do the primary WAN routers actually provide better routes (with a lower metric) and are used regardless of who is the default gateway (between the two C6500) on client VLANs?

Note that if the use of the primary routers is driven only by HSRP or VRRP on client VLANs, all you need to do is to have Catalyst B HSRP active for that specific subnet on site A and the same on site B

(if EIGRP costs are equal between RA1-RB1 and RA2-RB2 WAN routers).

In any case, the use of an offset list is possible if you mean from a whole subnet in site A to a whole subnet in site B and vice versa.

If so, all you need to do is to make the two subnets have a better metric on WAN RA2 to WAN RB2 by applying offset lists on the primary WAN routers to have the delay metric component increased only for those two IP subnets.

If you mean at host level or more specific than the subnet mask, PBR is the only way to go.

Hope to help

Giuseppe


As I read the original post he wants to specify Source and Destination of the traffic. If it was sufficient to manage by destination then I agree that manipulating routing metrics would be sufficient. But if the criteria include both Source and Destination then I do not know anything that can do it other than PBR.

HTH

Rick


smehrnia
Level 7

Hi,

Despite you having full L3 connectivity between your 6500 and WAN routers, PBR is probably the best and most flexible way, and if you've done it before, then there should be no problem for you. You have to apply the route-map to your incoming (source) interface(s).

Although if you want to control traffic path selection for both of your sites (A-to-B & B-to-A), then you have to do it on both of your sites (Site A and Site B).

Just for the record and public education purposes, I lay down an example here:

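! Standard ACL: matches traffic by source address only
access-list 25 permit 1.1.1.1
!
route-map EXAMPLE permit 10
   match ip address 25
   set ip next-hop 3.3.3.3
!
! Apply on the interface where the source traffic arrives
interface fa 0/1
   ip policy route-map EXAMPLE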

plz Rate if it helped.

Soroush.

Hope it Helps!

Soroush.
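
An added example, not written by any poster in this thread, of the point the replies converge on: matching on both source and destination needs PBR with an extended ACL, while an EIGRP offset list only shifts a destination prefix for every source. All addresses, the ACL and route-map names, the EIGRP AS number, the offset value and the interface names are assumptions for illustration.

```cisco
! --- Option 1: PBR on the 6500 interface where source-A traffic arrives ---
! Extended ACL so the match covers source AND destination (assumed hosts).
ip access-list extended SRC-A-TO-DST-B
 permit ip host 192.0.2.10 host 198.51.100.20
!
route-map VIA-WAN2 permit 10
 match ip address SRC-A-TO-DST-B
 ! Next hop toward the second WAN router (assumed address); it must be a
 ! directly connected neighbor of this switch.
 set ip next-hop 10.1.2.2
! No further route-map entries: traffic that does not match the ACL is
! not policy-routed and follows the normal EIGRP routing table.
!
interface Vlan10
 ip policy route-map VIA-WAN2
!
! Verify: "show ip policy" lists the interface/route-map binding and
! "show route-map VIA-WAN2" shows the policy-routing match counters.
!
! --- Option 2: EIGRP offset list on the primary WAN router ---
! Matches a destination prefix only, so EVERY source that sends to this
! subnet moves to the other path, not just source-A.
ip access-list standard DST-B-SUBNET
 permit 198.51.100.0 0.0.0.255
!
router eigrp 100
 ! Assumed offset; it must be large enough that the path through the
 ! second WAN router ends up with the better metric for this prefix.
 offset-list DST-B-SUBNET in 1000 GigabitEthernet0/0/1
```

Either option steers one direction only; the return path from site B needs the mirrored configuration there.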


4 Replies


Hello Richard,

I agree, you are right on this.

Playing with offset lists would not provide this level of control, just a different path for selected destinations regardless of the source.

Thanks for your correction

Best Regards

Giuseppe
