Re: Policy Routing WWW traffic

steven_alilovic · ‎02-22-2002

Company has two internet connection 1 x 128K and 1 x T1

Each connection is connected to a different Router.

Router 1 1600 128K

Router 2 806 1.54Mbit

Router 1 Ethernet Address 10.1.1.1

Router 2 Ethernet Address 10.1.1.2

I would like to set everyones default gateway to 10.1.1.1, but have a policy on the ethernet interface that forwards all web traffic to 10.1.1.2

Is this possible, I have tried my own route-map can't seem to get it to work.

Any help is appreciated.

ruwhite · ‎02-22-2002

Are these routers peers on the same subnet--in other words, would policy routing www traffic along router 2 reuire that the traffic come into router 1, then exit through the same interface, and then go out router 2? If so, you might be creating more problems than you are solving in the long run. :-)

Second, are you checking source or destination port? Most html traffic will be destined to port 80 from the client to the server, but from the server to the client it will be sourced from port 80.

Finally, if these two connect to the internet through a service provider, note that you won't be able to control the majority of the html traffic--the inbound stuff from the internet--through policy routing. Instead, you'll have to do it through your service provider, or through some sort of nat scheme which results in the html traffic being nat'd into one pool, and the rest being nat'd into another pool, or something similar. This gets real messy real fast.

Email me if you need further info.

Russ

bryan.king · ‎02-22-2002

You've tried setting up extended access-lists with policy-based routing?

something like:

Interface FastEthernet0

ip address 10.1.1.1 255.255.255.0

ip policy route-map web_traffic

access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq www any

access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq 443 any

route-map web_traffic permit 10

match ip address 101

set ip next-hop 10.1.1.2

HTH!