Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

controlling inbound/outbound traffic in 2 wan links

Hi,

This is about PBR.

If I have two WAN links to same ISP who provides me two LAN Subnets and I want to control the inbound/outbound traffic as;

1. Traffic to/from LAN SubnetA uses Link1 as primary and Link2 as backup.

2. Traffic to/from LAN SubnetB uses Link2 as primary and Link1 as backup.

I can fix the incoming using BGP (private ASN between me and my ISP). For outgoing (if connection is triggered from LAN), I wonder if PBR's route-map can set two ip default next-hop with different AD or is there other alternative for outgoing?

Dandy

3 ACCEPTED SOLUTIONS

Accepted Solutions

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

I think that you can set more than next-hop, if the first fails the second is used:

set ip next-hop

Another option why not using a next-hop and a default next-hop, if the next-hop is not recursive, the default next-hop shall be used as backup, i haven't used it before, but you should give it a try:

!

route-map next permit 10

match ip address 10

set ip next-hop

set ip default next-hop

!

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Re: controlling inbound/outbound traffic in 2 wan links

Friend,

Mohammed is right. You can set more than next-hop. I have used it in my network and it works fine. But the next hop should be directly connected and the protocol should go down before the 2nd one takes over

HTH, rate if it does

Narayan

Re: controlling inbound/outbound traffic in 2 wan links

Configure two 'set ip next-hop' statements under the route-map and the router would use the first reachable next hop. There's no need to use'set ip default next-hop' option as this command would be executed only when a route to the destination doesn't exist in the routing table.

HTH

Sundar

9 REPLIES

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

I think that you can set more than next-hop, if the first fails the second is used:

set ip next-hop

Another option why not using a next-hop and a default next-hop, if the next-hop is not recursive, the default next-hop shall be used as backup, i haven't used it before, but you should give it a try:

!

route-map next permit 10

match ip address 10

set ip next-hop

set ip default next-hop

!

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

I'll try it in a lab and give you points when it does :)

I was thinking about this while walking home :)

Thanks,

Dandy

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

You are welcomed :), please re-read my first post, i've edited it.

HTH,

Mohammed Mahmoud.

Re: controlling inbound/outbound traffic in 2 wan links

Friend,

Mohammed is right. You can set more than next-hop. I have used it in my network and it works fine. But the next hop should be directly connected and the protocol should go down before the 2nd one takes over

HTH, rate if it does

Narayan

Re: controlling inbound/outbound traffic in 2 wan links

Configure two 'set ip next-hop' statements under the route-map and the router would use the first reachable next hop. There's no need to use'set ip default next-hop' option as this command would be executed only when a route to the destination doesn't exist in the routing table.

HTH

Sundar

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

Sundar is right the ip default next-hop option would be executed only when a route to the destination doesn't exist in the routing table which most probably might introduce problems, accordingly the first method (setting multiple next-hops in a single statement) is the only recommended method in your case.

HTH,

Mohammed Mahmoud.

Re: controlling inbound/outbound traffic in 2 wan links

Hi All,

I will try if below will work to my expectation;

!

interface FastEthernet0/0

ip policy route-map outgoing

!

interface Serial0/0

!

interface Serial0/1

!

access-list 101 permit ip LAN-SubnetA TO_ANY

access-list 102 permit ip LAN-SubnetB TO_ANY

!

route-map outgoing permit 101

match ip address 101

set ip next-hop LINK1

set ip nex-thop recursive LINK2

!

route-map outgoing permit 102

match ip addres 102

set ip next-hop LINK2

set ip next-hop recursive LINK1

Regards,

Dandy

Re: controlling inbound/outbound traffic in 2 wan links

Hi,

I think that your proposed solution shall work, as if both a next-hop and a recursive next-hop IP address are present in the same route-map entry, the next-hop is used. If the next-hop is not available, the recursive next-hop is used. If the recursive next-hop is not available and no other IP address is present, the packet is routed using the default routing table.

The only constrain is that only one recursive next-hop IP address is supported per route-map entry which is fine in your case.

But any way i think that using 2 next-hops in the same set statement is the most common solution, please try both and feed us back.

HTH,

Mohammed Mahmoud.

Re: controlling inbound/outbound traffic in 2 wan links

Hi Guys,

You've been very helpful. I don't have time to try it in a lab as I'm busy playing with PacketShaper' Direct Standby and Access-Link Monitoring :) since you're helpful and your recommendation makes sense, I give you each 5 points.

Edited: I'm having problem with my mouse which automatically tick "Resolve" :)

Dandy

220
Views
5
Helpful
9
Replies