Hi all,

I've reached a dead end in my mind regarding policy-based routing and need some pointers.

This is my case. I've got two 1921 routers connected over a WAN provided by an ISP. The ISP are able to route some of our RFC1918 subnets but not all, and for those I'm experimenting with GRE tunnels as a solution. The HQ router connects directly to the ISP router, and so does the remote router. Both have the local ISP router as default gateway and they can ping each other on the ISP-provided IPs, so far all good.

Now, the ISP can route some of our subnets but not all, and I'd like to send those subnets in a tunnel to the remote site. Let's say 192.168.30.0/24 at the remote site is not routable but 10.10.0.0/24 is. I've set up the interfaces on the remote router and can ping 10.10.0.1 OK but not 192.168.30.1, as expected. I've set up the tunnels on both ends, and logging shows that traffic towards 192.168.30.1 is passing through the tunnel from HQ to the remote site but is then lost since the remote router has the ISP router as default GW.

My gut tells me this would be a case for policy-based routing, but I've only used that before for "outbound" traffic based on source or destination IP. This time I need to send the returning traffic through a tunnel; the incoming traffic towards 192.168.30.1 on the remote router is already coming through the tunnel, but not the return traffic. Am I totally lost or what?
Might be corny but I'll answer my question myself since I've solved my problem.
I was hoping to avoid having to use VRF but ended up doing that anyway. On the remote site I set up a VRF that included the tunnel, the 192.168.30.0/24 subnet and necessary routes to establish the tunnel. The 10.10.0.0/24 subnet was left as it was and is not sent through the tunnel.
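
One way the remote-site VRF described in this answer could look, as an added example that is not the poster's actual configuration. The VRF name, route distinguisher, interface names, VLAN ID, tunnel addressing and the HQ address (192.0.2.1, a documentation-range placeholder) are all assumptions, as is the choice to keep the GRE transport in the global table.

```cisco
! Remote-site 1921 (illustrative; every name and address except
! 192.168.30.0/24 is an assumed placeholder, not taken from the post)
!
ip vrf TUNNELED
 rd 65000:30
!
! WAN link to the ISP router stays in the global routing table,
! so its existing addressing and the global default route are untouched.
interface GigabitEthernet0/0
 description WAN to ISP router (global table)
!
! The subnet the ISP cannot route is moved into the VRF.
! "ip vrf forwarding" clears any existing address, so it comes first.
interface GigabitEthernet0/1.30
 description LAN 192.168.30.0/24 (not routable by the ISP)
 encapsulation dot1Q 30
 ip vrf forwarding TUNNELED
 ip address 192.168.30.1 255.255.255.0
!
! GRE tunnel: the inner (passenger) side lives in the VRF, while the
! outer packets are still sourced and routed in the global table.
interface Tunnel0
 description GRE to HQ
 ip vrf forwarding TUNNELED
 ip address 172.16.255.2 255.255.255.252
 tunnel source GigabitEthernet0/0
 tunnel destination 192.0.2.1
!
! Return traffic from 192.168.30.0/24 is looked up in the VRF table,
! where the only way out is the tunnel, not the ISP default gateway.
ip route vrf TUNNELED 0.0.0.0 0.0.0.0 Tunnel0
```

With this layout, `show ip route vrf TUNNELED` should list 192.168.30.0/24 as connected and the default route via Tunnel0, while the global table keeps 10.10.0.0/24 and the default route to the ISP router.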