I need some help setting up a 7606s so that I can send certain traffic through a DPI platform. The vendor has suggested that using a VRF would be better than using PBR, but does not have any examples. I have a circuit terminating on Gi1/22 with 2 subinterfaces. One is in a VRF that goes on to another router and the other gets sent out an ISP circuit that terminates on this 7606:
interface GigabitEthernet1/22 description Customer Traffic no ip address speed nonegotiate ! interface GigabitEthernet1/22.56 encapsulation dot1Q 56 ip vrf forwarding POP_A_VRF ip address 10.50.50.134 255.255.255.252 ! interface GigabitEthernet1/22.100
description To Internet encapsulation dot1Q 100 ip address 10.10.1.1 255.255.255.252
The DPI platform is on Gi1/13 and 1/14. 1/13 is the 'internet' side and 14 is the customer-facing side. I need traffic coming in on gi1/22.100 destined for the internet to go out gi1/14 and back in on gi1/13. I have seen one example using static arp entries but didn't quite follow it. Any help would be greatly appreciated.
Thanks for the quick reply Edison. Do you have any suggestions on how I should address Gi1/13 and 1/14? I saw where someone used a /30 for both, for example 10.1.1.1/30 for Gi1/13 and 10.1.1.2/30 for Gi1/14, which I didn't quite understand. Also, I assume I need a static route statement as well, as I am not running an IGP?
No - no addresses on the DPI box. It doesn't even ARP.
I actually got it working by making the internal interface part of the DPI VRF and the outside interface in the global RT, and doing a static default route in the DPI VRF to the outside interface's address. I'm just not sure now if this is the best way to do it.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.