routeing

erimar · ‎05-08-2003

I am wondering if this is possible.

Here is my layout

Dunkirk = Ser 0/1.1= 192.168.22.5

Ser 0/1.2= 192.169.22.6

Eth0 = 166.166.50.10

Router 2 Ser 0/0.1 =64.25.*.*

Eth0= 166.166.50.15

Rome Router 1 Ser 0/0.1= 192.168.22.10

Eth0/0 = 200.0.2.5

Router 2 Ser0/0.1 192.168.21.4

Eth0/0 = 200.0.2.4

Utica Router 1 Ser 0/0.1= 192.168.22.9

Eth 0/0 = 200.1.2.9

Router 2 Ser 0/0.1 =192.168.21.3

Eth 0/0= 200.1.2.12

Is it possible to route all traffic coming from Dunkirk 166.166.*.* to 200.1.2.* traffic through router 1 in dunkirk and router 1 in Utica and route all other traffic coming from 0.0.0.0 (Internet) to Utica through the Routers in Rome.

Basiclly what I am trying to accomplish here is that only 166.166 traffic going to Utica From Dunkirk uses the Frame Relay between Utica and Dunkirk but all other Traffic from Dunkirk to Utica including the internet goes through the frame between Rome and Dunkirk and then out the T1 between Utica and Rome. I have been able to route all Utica traffic to the Internet through Rome and out to dunkirk but I cannot figure out how to make all the return traffic from the internet to Utica route through Rome

olorunloba · ‎05-08-2003

Well, I do not get your understanding, but the little I can get, you will need to configure policy based routing.

Check out the following link

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800c75d2.html

Regards

erimar · ‎05-08-2003

maybe this will help

I want all traffic coming from 166.166.0.0 to 200.1.2.0 to go through 192.168.22.9 and all traffic coming from anywhere else to 200.1.2.0 to go through 192.168.22.10 all traffic going through 1 router. SO my question is is it possible to route traffic based on originating IP.

Source Route

166.166.0.0 ----> 192.168.22.9

/ \ Destination

all traffic 200.1.2.9

\ /

0.0.0.0 ---------->192.168.22.10

Source Route

cymurai · ‎05-14-2003

I agree with the other post, you would use route-map/policy routing to filter incoming packets. It looks like you are using FR or x.25 from Dunkirk to both Rome and Utica. You would place route-map on Dunkirk and point traffic from 166.166.x.x to use Serial 0/1.2= 192.168.22.6 thereby going directly to Utica, then all other default traffic could be directed to Rome by using Ser 0/1.1= 192.168.22.5

Hope this helps!

erimar · ‎05-15-2003

Here is a update. Here is a bmp of my intranet with a footnote.

http://www.mmcomputers.com/routehelp.htm

I have tried the access with no luck. I know I am missing something simple. Could you please tell me what the access list should look like. I had

access-list 1

permit 166.166.0.0

permit 200.1.2.0

deny 0.0.0.0

access-list 2

permit any

int ser 0/0.1

Route-Map Utica permit 10

match ip address 1

set ip precedence critical

set next hop 192.168.22.6

int ser 0/0.1

Route-Map Utica permit 20

match ip address 2

set ip precedence normal

set next hop 192.168.22.10

bazauas · ‎05-15-2003

What routing protocol are you running on your network?

At DUNKIRK: you can influence the routing metrics on the Dunkirk-Utica link so it is prefered over the other one. Then, you can create a route-map stating that all traffic sourced from everywhere except 166.166.0.0, goes through Dunkirk-Rome link.

At UTICA: you can say that the link through utica2 is better and then create a route-map stating that all traffic to 166.166.0.0 (must be extended ACL) goes through utica.

BB.

spremkumar · ‎05-16-2003

Hi

I have come up with a solution,hope it may help i hvent tested this may be i am wrong also,if i am guyz pls mention whts wrong with this config.

u can create a acl like this with the source and desti mentioned ,use the acl to define in u r route-map.In the route-map serial interfaces has been set as s0/0.1,0/0.2 i.e., primary and secondary.(this is for the ips trying to reach citrix ser).so the traffic to citrix will flow thru the serial 0/0.1 during the idle conditions(when both the serial is up).so when ser0/0.1 goes down it will flow thru ser0/0.2 and reach the citrix server.

this route-map is binded @ u r ethernet port of DUNKIRK.

once the ser0/0.2 goes down all the traffic shuld come to ser0/0.1 for that i feel a route-map net-20 is enough which is mentioned with the pri,sec serial links as ser0/0.2, 0/0.1.this will get binded to u r serial 0/0.2.

access-list 111 permit ip 166.166.0.0 0.0.255.255 200.1.2.0 0.0.0.7

route-map net-10 permit 10

match ip address 111

set interface ser 0/0.1 ser 0/0.2

route-map net-20 permit 20

set interface ser 0/0.2 ser 0/0.1

int eth 0 (DUNKIRK)

ip policy route-map net-10

int ser 0/0.2(DUNKIRK)

ip policy route-map net-20

Regds

Prem

erimar · ‎05-17-2003

This does acomplish the citrix portion of it. But unfortunately it blocked all 0.0.0.0 traffic. Therefor niether Utica nor Rome could access the internet. So looking at the above posted network picture on the webpage, Here is what I am trying to accomplish.

At dunkirk I want to be able to filter the traffic going out the Utica Frame (Point2point,rip,eigrp) to only allow citrix traffic. All other traffic destined for Uitca to be routed out the rome frame (p2p,rip,eigrp).

olorunloba · ‎05-22-2003

Quite dicey, but try this,

On UTICA 1, configure default route to point to UTICA2, (that settles internet) then configure PBR for 166.166 to go through DUNKIRK 1

On DUNKIRK1 configure route for UTICA to go through ROME, then PBR for source address of 166.166.*.* to go through DUNKIRK. Try the following

UTICA 1

ip route 0.0.0.0 0.0.0.0 200.1.2.10

access list 100 permit ip 200.1.2.0 0.0.0.255 166.166.0.0 0.0.255.255

Route-Map Utica permit 10

match ip address 100

set next hop 192.168.22.5

int e0/0

ip policy route-map UTICA

On DUNKIRK

ip route 0.0.0.0 0.0.0.0 166.166.50.15

ip route 200.1.2.0 255.255.255.0 192.168.22.10

access list 100 permit ip 166.166.0.0 0.0.255.255 200.1.2.0 0.0.0.255

Route-Map DUNKIRK permit 10

match ip address 100

set next hop 192.168.22.6

int e0/0

ip policy route-map DUNKIRK

Hope this helps, lets know