Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
376
Views
0
Helpful
2
Replies

Interesting Policy Based Routing Question

lee
Level 1
Level 1

‎03-15-2006 10:49 AM - edited ‎03-03-2019 12:04 PM

Hi,

I have a site with three distinct departments that need to traverse two different PVCs on the same choked DS3. They teminate at a 3745 with 4 ethernet interfaces, dept. A (WIRE) uses f0/0 and f0/1 (one for backup) dept B (BRANCH) and C (IMAGE) use f1/0. A DSL backup is there on f3/0 for WIRE and BRANCH to use in case of DS3 failure - dept C CANNOT use this DSL. If the DS3 fails, IMAGE is gone, no worries.

BRANCH/WIRE use PVC 1/500. IMAGE traffic uses PVC 1/501.

How do I policy route this so niether IMAGE, nor BRACH traffic will use the other PVC in case of failure. Also, if the DS3 fails, I need to only route BRANCH/WIRE out the DSL backup. Here is my current config. I have not included any config for DSL backup yet. Also, there is a route-map on the

*****************************************

interface FastEthernet0/0

description connection to Wire_pri

ip address 10.4.22.1 255.255.255.252

ip policy route-map NACHI_WORM_WIRE_USE_PVC500

speed 100

full-duplex

!

interface FastEthernet0/1

description local lan

ip address 10.4.208.1 255.255.248.0 secondary

ip address 10.48.40.1 255.255.248.0

ip helper-address 10.1.100.39

ip helper-address 10.48.40.1

speed 100

full-duplex

!

interface FastEthernet1/0

description connection to Wire_bck

ip address 10.4.22.5 255.255.255.252

no ip unreachables

ip pim sparse-dense-mode

ip multicast boundary 94

ip policy route-map NACHI_WORM_WIRE_USE_PVC500

load-interval 30

speed 100

full-duplex

!

!

interface FastEthernet3/0

description DSL L3 Interface, Circuit ID:

ip address 65.233.92.37 255.255.255.0

ip access-group vpn_only in

ip route-cache policy

ip policy route-map nachi-worm

speed 100

full-duplex

crypto map vpnmap

**********************************

ip access-list extended

BRANCH_ROUTEMAP_ACL

permit ip 10.4.208.0 0.0.7.255 any

permit ip 10.48.40.0 0.0.7.255 any

ip access-list extended IMAGE_ROUTEMAP_ACL

permit ip 10.4.24.0 0.0.0.255 any

ip access-list extended WIRE_ROUTEMAP_ACL

permit ip any any

access-list 150 permit icmp any any echo

access-list 150 permit icmp any any echo-reply

!

****************************************

route-map BRANCH_IMAGE_PRB permit 10

match ip address BRANCH_ROUTEMAP_ACL

set ip next-hop 10.25.0.14

!

route-map BRANCH_IMAGE_PRB permit 20

match ip address IMAGE_ROUTEMAP_ACL

set interface Null0

set ip next-hop 10.26.0.5

!

route-map nachi-worm permit 10

match ip address 150

match length 92 92

set interface Null0

!

route-map NACHI_WORM_WIRE_USE_PVC500 permit 10

match ip address 150

match length 92 92

set interface Null0

!

route-map NACHI_WORM_WIRE_USE_PVC500 permit 20

match ip address WIRE_ROUTEMAP_ACL

set interface Null0

set ip next-hop 10.25.0.14

Any help is hugely appreciated.

Labels:
0 Helpful
2 Replies 2

b.speltz
Level 4
Level 4

‎03-21-2006 10:42 AM

In addition to these configurations sent, can you also send me the network topology and the configuartions in WIRE and BRANCH departments?. Thus, it will be easy for me to specify the exact policy routing details.

0 Helpful

jamshednet
Level 1
Level 1
In response to b.speltz

‎03-21-2006 12:23 PM

i agree with u.. send topology and connectively diagram, then its posible to give ur solution.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card