Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
549
Views
0
Helpful
7
Replies

Routing of traffic to two FE ports

kan
Level 1
Level 1

‎12-20-2002 04:44 AM - edited ‎03-02-2019 03:44 AM

Hi guys,

Sorry if this question is too amateurish, but I am clueless on how to solve this problem.

The story is like this - I have a 7204VXR router connected to a 45 Mbps satellite downlink via a HSSI interface. I have a PA-2FE-TX module on the router and currently Fa1/0 (IP: 10.1.1.254) is connected to Server A (IP: 10.1.1.1). Traffic coming in from the satellite is being routed to Server A.

There is a default ip route which goes like this:

ip route 0.0.0.0 0.0.0.0 10.1.1.1

There are access-lists implemented on Fa1/0 such that only certain ports are being permitted to be routed to Server A.

The question: I would like to make use of the other FE port and implement another set of different access rules such that the traffic from the satellite will also go to Server B (IP: 10.2.2.2). The problem is traffic is only flowing to the Fa1/0 interface, and not onto the other Fa1/1 interface. How could I have two streams of data ‘duplicated’ out onto the two interfaces? Some guy I’ve asked mentioned something about IRB. Is this correct?

Basically if this is a switch, I could think of doing a SPAN where the satellite downstream is being replicated onto 2 FE ports. How could I achieve this on a router?

Thanks for any suggestions. Appreciated it.

Labels:
0 Helpful
7 Replies 7

prafuljaded
Level 3
Level 3

‎12-21-2002 11:28 PM

You need to add static routes to the servers (next hop) which are connected to Fa1/1 on the router. Then define the access rules and apply it to Fa1/1 (outbound).

I think all your traffic is going to Fa1/0 because of the default route.

Or else remove the default route and add specific static routes(next hop) on both Fa1/0 and Fa1/1.

0 Helpful

kan
Level 1
Level 1
In response to prafuljaded

‎12-22-2002 01:37 AM

Hi,

Thanks for the response. Adding specific routes may not work either, as I need all routes to go out via Fa1/0 and Fa1/1 simultaneously. Is there anything like a SPAN feature on a router?

Adding another default route to Fa1/1 will not work as this will result in a load balance scenario where 50% of the traffic will go to Fa1/0 and 50% will go to Fa1/1. What I need is 100% of traffic going to Fa1/0 and Fa1/1, after which I can apply the necessary access-lists on the interfaces.

0 Helpful

msingla
Level 1
Level 1
In response to kan

‎12-22-2002 07:11 AM

Hi,

whats the use of doing this.I couldn't geta point why you want to do this.The traffic is destined to server A so sending it on server B is useless.Yes by Nat u can change the destination address of packets coming to server A to go to serverB,without going to server A.But simutaneously on both servers same stream, I have not heard.Yes if you could able to span then also the other server B will reject the packets as the packets were addressed to Server A initially.What I think is that after spenning traffic if we are able to apply access list by replacing the destination address or if your Server B is in promiscous mode then traffic can reach there with the assumption we are able to perform span.Last but not the least Hub could be taken advantage of somehow

0 Helpful

kan
Level 1
Level 1
In response to msingla

‎12-22-2002 02:23 PM

Hi,

Thanks for the reply. So I suppose this could not be done on a router. A hub would not be able to handle the traffic. I guess I would be looking into using a Catalyst switch and performing SPAN on it. But in this way, I could not have the granularity of implementing different access lists on the two interfaces. Probably I need to do the filtering after the catalyst switch instead of at the current 7204 router.

0 Helpful

msingla
Level 1
Level 1
In response to kan

‎12-22-2002 04:16 PM

There are many experts in this world ,there might be some way lets see if anybody has any sol'definitely there would be some sol on the router by confguring it .as u earlier reffered IRB might be able to make this as hub instead of bridge,I dont know .Lets wait and see.True Hubs cannot handle the load.

Meery Christmas

Munit

0 Helpful

mark_cairns
Level 1
Level 1
In response to msingla

‎12-31-2002 11:13 AM

Assuming that the servers can run in a promiscuous mode and both servers do not need to see traffic destined for the same port, could you put a route map in place for the HSSI interface and match against an extended access list that only looks at TCP and UDP ports and will set the next hop for the packet to the server that should receive those port numbers? Rather long winded but you already use a static route to push all traffic directly to Server A. You could remove that route. Just a thought.

0 Helpful

kan
Level 1
Level 1
In response to mark_cairns

‎12-31-2002 05:44 PM

Hi,

Thanks for the suggestion. I will be toying around with route maps and see what I can come up with...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents