Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8388
Views
0
Helpful
8
Replies

Force a specific route for destination ip with route-map

massimiliano.corvino
Level 1
Level 1

‎03-11-2014 03:54 AM - edited ‎03-04-2019 10:33 PM

Hi,

I'm using, on a 2600 Cisco Router, route-map command to have load balancing on two WAN interfaces (ethernet).

My configuration is this:

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 151.x.x.x

ip route 0.0.0.0 0.0.0.0 88.x.x.x

!

no ip http server

no ip http secure-server

ip nat inside source static tcp 192.168.27.100 1723 interface Ethernet1/0 1723

ip nat inside source static tcp 192.168.27.100 443 interface Ethernet1/0 443

ip nat inside source static tcp 192.168.27.101 1723 interface FastEthernet0/1 1723

ip nat inside source static tcp 192.168.27.101 443 interface FastEthernet0/1 443

ip nat inside source route-map Telecom-ISP interface Ethernet1/0 overload

ip nat inside source route-map Wind-ISP interface FastEthernet0/1 overload

!

ip access-list extended TRAFFIC-FROM-192.168.27.100

permit tcp host 192.168.27.100 eq 443 any

permit tcp host 192.168.27.100 eq 1723 any

ip access-list extended TRAFFIC-FROM-192.168.27.101

permit tcp host 192.168.27.101 eq 443 any

permit tcp host 192.168.27.101 eq 1723 any

!

access-list 110 permit ip 192.168.27.0 0.0.0.255 any

route-map Telecom-ISP permit 10

match ip address 110

match interface Ethernet1/0

set ip default next-hop 88.x.x.x

!

route-map Wind-ISP permit 10

match ip address 110

match interface FastEthernet0/1

set ip default next-hop 151.x.x.x

!

route-map STATIC-NAT permit 10

match ip address TRAFFIC-FROM-192.168.27.101

set interface FastEthernet0/1

!

route-map STATIC-NAT permit 20

match ip address TRAFFIC-FROM-192.168.27.100

set interface Ethernet1/0

How can I do do force a particulary ip destination, to use always Ethernet1/0 inteface?

Thanks

Labels:
0 Helpful
8 Replies 8

Sajid Ali
Level 1
Level 1

‎03-11-2014 04:09 AM

Hi massimiliano,

Call you router map on ingress interface, it will puch your traffic toword destination ip address via e1/0 because you set ip next-hope under route-map.

0 Helpful

massimiliano.corvino
Level 1
Level 1
In response to Sajid Ali

‎03-11-2014 04:17 AM

Hi,

thanks for your answer, but is not clear for me.

Can you tell me the command to use to call router map in "ingress" interface?

What's the meaning for "puch your traffic toword destination".

For example if I want to force this ip destination 173.194.116.23 -> Ethernet1/0...what's the configuration?

Thanks

0 Helpful

Sajid Ali
Level 1
Level 1
In response to massimiliano.corvino

‎03-11-2014 05:12 AM

Do you want to force (push) all ingress traffic towards ip destination 173.194.116.23 via Ethernet 1/0?

0 Helpful

massimiliano.corvino
Level 1
Level 1
In response to Sajid Ali

‎03-11-2014 05:32 AM

Yes.

Could I use this:

access-list 120 permit ip 192.168.27.0 0.0.0.255 172.194.116.23 255.255.255.255 
route-map FORCE-IP-ADDRESS permit 5 
 match ip address 120
 match interface Ethernet1/0
 set ip default next-hop 88.x.x.x

?

Thanks

0 Helpful

massimiliano.corvino
Level 1
Level 1
In response to massimiliano.corvino

‎03-11-2014 05:38 AM

wrong ACL...better:

access-list 120 permit ip any host 173.194.116.23

route-map FORCE-IP-ADDRESS permit 5 
 match ip address 120
 match interface Ethernet1/0
 set ip default next-hop 88.x.x.x

do you think it should work?

0 Helpful

Sajid Ali
Level 1
Level 1
In response to massimiliano.corvino

‎03-11-2014 01:05 PM

massimiliano,

If you need to forward you all ingress traffic towards destination via e 1/0, you have to follow below config exmple:

interface Ethernet1/1 >>>>> ingress interface
 ip address 192.168.27.1 255.255.255.0
 ip policy route-map test
!
interface Etnernet1/0 >>>> egress interface
 ip address 10.10.10.1 255.255.255.0
!
interface Serial2/0
 ip address 20.20.20.1 255.255.255.0
!
access-list 100 permit ip 192.168.27.0 0.0.0.255 host 173.194.116.23
!
route-map test permit 10
 match ip address 100
 set ip default next-hop 10.10.10.2

Now your ingress traffic will force to ethernet 1/0 for destination ip 173.194.116.23

0 Helpful

massimiliano.corvino
Level 1
Level 1
In response to Sajid Ali

‎03-12-2014 01:09 AM

It works! But I had an other

ip policy route-map

on inteface Ethernet 1/1

When I added the new ip policy map it removed the old. What can I do to have on the same interface both the policy map? Is there a way to use more than one policy map on the same interface or I've to create an unique policy map with all the conditions?

For example if I have to force an other ip addres on that route:

access-list 110 permit ip 192.168.27.0 0.0.0.255 host 173.194.116.24
!
route-map test2 permit 10
 match ip address 110
 set ip default next-hop 10.10.10.2

Thanks

Bye

0 Helpful

Sajid Ali
Level 1
Level 1
In response to massimiliano.corvino

‎03-12-2014 03:05 AM

 Massi,

Second one is right option, you should use unique route map with all conditions, Infact I configured it at some where else and its working fine. Try it and let me know if you have still an issue

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card