Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Issue with PBR and EIGRP routing - Delay

I currently have a problem where I have two routers setup on the same segment. One router is a in country Frame Relay network connection into it and the other is running a VPN encyrpted Tunnel over a public ADSL connection.

I am having a issue trying to get policy based routing to work. The Frame Relay router is the direction all traffic is flowing towards and is looking at DSCP marking to determine next hop = the VPN router remote end ip address of the tunnel.

The problem is when traffic is PBR'd to the VPN router the VPN router then has the best route to that other side of the tunnel as the Frame Relay router because of the amount of delay on the VPN tunnel. What this causes is basically a loop with PBR as the traffic bounces back and forth. By default I haven't added any delay command to the VPN tunnel and from my testing; if I do, then all I do is cause all traffic to shift over to the VPN router.

So I'm puzzled how I can get EIGRP consider the Frame Router as the Primary router and PBR to the VPN router, while also providing the VPN router as a backup if the Frame link were to go offline (down).

Any suggestion on how to get arount this issue.

6 REPLIES
New Member

Re: Issue with PBR and EIGRP routing - Delay

Hi

Your description is a bit confusing, maybe a network diagram?

If both routers is on the same segment I would suggest using HSRP or VRRP.

Regards

Phillip

New Member

Re: Issue with PBR and EIGRP routing - Delay

HSRP is a option and I believe I may have to look at it.

I'm not sure about a diagram.. let me toss something together.

New Member

Re: Issue with PBR and EIGRP routing - Delay

Here is a basic diagram..

I've been thinking about this more and at first I thought about just setting the delay on both links the exact same but then what would happen is the core switch would load balance the links or take the VPN router as its best route because the bandwidth on the frame connection is much smaller which would then just route all traffic over the vpn link.

I'm just puzzled why the traffic would route all the way back to the frame which is 5 interface hops away than when its on the router and the traffic is 1 interface away?

Hall of Fame Super Silver

Re: Issue with PBR and EIGRP routing - Delay

Matthew

It seems to me that the solution would be to implement Policy Based Routing on the VPN router similar to what you did on the Frame Relay router. This would have the advantage of leaving the dynamic routing logic as it naturally is and will direct the traffic as you wish. It probably also leaves a cleaner response if one of the network links fails.

HTH

Rick

New Member

Re: Issue with PBR and EIGRP routing - Delay

If I apply the same PBR rules on the VPN will that trumpt the EIGRP Routes?

Now that I am thinking about it that may work.. let me try test it out.

Hall of Fame Super Silver

Re: Issue with PBR and EIGRP routing - Delay

Matthew

PBR will provide the same kind of over ride of the EIGRP logic on the VPN router just as it did on the Frame Relay router.

Test it and let us know what results you get.

HTH

Rick

197
Views
0
Helpful
6
Replies