Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Very Important - help needed (PBR on a 2611 with 2 Internet links)

I just need a little help, but it's very important.

I would like to explain my environment and see if someone could help me if there is something wrong. I have 2 internet links through distinct ISP's and they have no relationship with each other (no, it's not the problem).

My question here is, I would like to use one link - the "Alpha" link (just for reference) - to connect the LAN clients to the Internet and publish some servers (address pool). The other link - "Beta" - should be used just to publish new servers, through another address pool.

I have a 2611 (in case that you need: IOS Fw, 12.0(7)XK1, 32MB) with these interfaces:

Eth0/1 (Company's LAN)

10.0.0.4/255.255.248.0

Eth0/0 (Servers - Address Pools from links A and B)

X.L.M.62/255.255.255.192 (Pool from link A)

X.Y.Z.30/255.255.255.248 (conf'ed using "ip addr <addr> <mask> secondary" - Pool from link B)

Ser0/0 (Alpha)

X.L.T.70/255.255.255.252

Ser0/1.1 p-t-p (Beta - FR)

X.Y.K.2/255.255.255.252

route to network 0 is Ser0.

All the funcionality of the link Alpha is Ok (since everything was previously configured to it) and both links are working right (on link B I can reach the other end, X.Y.K.1), but obviously, there is no connectivity from the Internet to link B, since I need a default route for it. To solve this, I thought that using PBR should solve the problem.

So I created an acl for the pool B like this:

access-list 14 permit X.Y.Z.24 0.0.0.7

And created a route map for it:

route-map Telesc-BRT permit 10

match ip address 14

set ip next-hop X.Y.K.1

#I've tried "set interface Ser0/1.1" too

But when I apply it to the interface, the router begins to reply in timed "bursts" (maybe the CPU usage is too high), I don't get the link B working (I cannot access it from the Internet as desired but the link stills up) and since I access it from the ip on Ser0/0, it's almost impossible to work with it. I know that when PBR is active the CPU usage grows a little, but not that much... and maybe something else is wrong or missing... I really don't know.

If someone got time to analyse this case, you can't imagine how grateful I will be. It's very important.

Thanks in advance and please contact me if something is not clear!

2 REPLIES
New Member

Re: Very Important - help needed (PBR on a 2611 with 2 Internet

The config looks correct. I've only used PBR with extended ACLs (100-199) not standard. Although, I don't know why a standard wouldn't work.

After applying to your E0/0, if you issue a Show Route-map does it show 'matches'.

If you traceroute does it make it to your beta ISP correctly.

Is the ISP not advertising the XYZ subnet on the Net?

If you sit somewhere else on the net and trace to your XYZ does it go to your Beta ISP?

New Member

Re: Very Important - help needed (PBR on a 2611 with 2 Internet

I haven't issued show route-map yet. I'll try.

A trace from my station to the an address of the subnet seems to go to the correct path, but never reach the end. The ISP swears to me that everything is fine.

I'll check how it behaves with an ext. acl.

Thanks for the tips.

And btw, if you got more info, please tell.

92
Views
0
Helpful
2
Replies
CreatePlease to create content