Policy Based Routing and Failover

pblume
Level 1

I have a remote site with 2 routers and 2 circuits back to my data center. There are only workstations at the remote site; each workstation has multiple applications and has a single default gateway to only 1 WAN router.

I want applications a, b, c from each workstation to use the first circuit to my data center and applications x, y, z to use the second circuit to my data center. I want to use policy based routing to accomplish this. So, when one of the WAN routers receives IP traffic from a workstation, it will either forward it directly over the WAN circuit up to the data center, or forward it back over the LAN to the second WAN router, which will then forward it to the data center over the second WAN circuit.

However, if 1 of my WAN circuits fails, is there any way that the application will fail over to the remaining WAN circuit given that I am using policy based routing? If yes, what would the config look like?


steve.barlow
Level 7

You need to know the ports that the apps use, then you can try:

router1

int e0
 description remote site LAN
 ip add 1.1.1.1 255.255.255.0
 ip policy route-map test
!
int s0
 description WAN1 link
 ip add 3.3.3.1 255.255.255.252
!
route-map test permit 10
 match ip add 111
 ! if 1.1.1.2 drops, then failover to 3.3.3.2
 set ip next-hop 1.1.1.2 3.3.3.2
route-map test permit 20
 match ip add 112
 ! if 3.3.3.2 drops, then failover to 1.1.1.2
 set ip next-hop 3.3.3.2 1.1.1.2
!
! application ports you want over WAN2
access-list 111 permit tcp/udp any any eq xxxx
! application ports you want over WAN1
access-list 112 permit tcp/udp any any eq yyyy

router2

int e0
 description remote site LAN
 ip add 1.1.1.2 255.255.255.0
 ip policy route-map test
!
int s0
 description WAN2 link
 ip add 4.4.4.1 255.255.255.252
!
route-map test permit 10
 match ip add 111
 set ip next-hop 1.1.1.1 4.4.4.2
route-map test permit 20
 match ip add 112
 set ip next-hop 4.4.4.2 1.1.1.1
!
! application ports you want over WAN1
access-list 111 permit tcp/udp any any eq yyyy
! application ports you want over WAN2
access-list 112 permit tcp/udp any any eq xxxx

You can also look into the 'set ip next-hop verify-availability' command to see if it helps you.

Hope it helps.

Steve

Hi

I am having the problem as well.

If WAN 1 has failed, the LAN IP of 1.1.1.2 still remains reachable;

will the "set ip next-hop 1.1.1.2 3.3.3.2" statement still forward the traffic to 1.1.1.2 and cause the traffic to loop?

Thanks

Not sure if it's possible, but is there a chance you can set the next hop to be the WAN interface of the other router, and learn that address via a routing update across the LAN? If the link goes down, that address will be flushed from the routing table?
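Added example, not part of any post in this thread: a small Python model of the two route-maps posted above, following one packet to show when a single circuit failure makes the routers hand traffic back and forth. It assumes a LAN next hop looks usable whenever the LAN is up; `peer_tracked` is a hypothetical switch modelling a router that knows the state of the peer's WAN circuit, as the reply above suggests.

```python
# Added example: simplified model of the route-maps posted in this thread.
# Assumption: without tracking, a LAN next hop counts as usable whenever the
# LAN is up, whatever the state of the peer router's WAN circuit.

WAN_HOP = {"router1": "3.3.3.2", "router2": "4.4.4.2"}    # far end of each serial link
LAN_OWNER = {"1.1.1.1": "router1", "1.1.1.2": "router2"}  # LAN address -> router

# Ordered next-hop lists per router and traffic class, taken from the posted config.
POLICY = {
    "router1": {"wan2_apps": ["1.1.1.2", "3.3.3.2"],   # route-map test permit 10
                "wan1_apps": ["3.3.3.2", "1.1.1.2"]},  # route-map test permit 20
    "router2": {"wan1_apps": ["1.1.1.1", "4.4.4.2"],   # route-map test permit 10
                "wan2_apps": ["4.4.4.2", "1.1.1.1"]},  # route-map test permit 20
}


def usable(router, hop, wan_up, peer_tracked):
    """Decide whether `router` would pick `hop` from its next-hop list."""
    if hop == WAN_HOP[router]:
        return wan_up[router]                 # own serial link must be up
    if peer_tracked:                          # hypothetical: peer WAN state is known
        return wan_up[LAN_OWNER[hop]]
    return True                               # LAN peer always looks alive


def forward(router, traffic, wan_up, peer_tracked=False):
    """Follow one packet; return (outcome, path of routers visited)."""
    path = []
    while router not in path:
        path.append(router)
        hop = next((h for h in POLICY[router][traffic]
                    if usable(router, h, wan_up, peer_tracked)), None)
        if hop is None:
            return "dropped", path
        if hop == WAN_HOP[router]:
            return "sent on " + router + " WAN", path
        router = LAN_OWNER[hop]               # handed to the other router over the LAN
    return "loop", path + [router]


if __name__ == "__main__":
    wan2_down = {"router1": True, "router2": False}   # constructed failure scenario
    for tracked in (False, True):
        for start in ("router1", "router2"):
            print(tracked, start, forward(start, "wan2_apps", wan2_down, tracked))
```
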

rwiesmann
Level 4

I'm not sure if I understand you correctly, but I guess you could solve it if you implemented a combination of policy routing and HSRP. With HSRP you could track the WAN link, and if this one fails the HSRP address will move over to the second router.

So if all is OK, router 1 will policy route the packet according to your policy routing. If the WAN link fails, the HSRP address moves over to router 2 and router 2 will handle all the packets.

Regards

Roger