Solved: Re: Policy base routing over 2 FA ports

superduperlopez · ‎04-13-2006

Hi,

I am using a 2811 and a 2621 to simulate a network.

I have configured the 2621 to be the LAN router and the 2811 to be ISP.

On the 2621 I have configured some route policy which establishes that all traffic that comes from network 192.168.82.0 is to leave the router by interface fa 0/0

I also have another policy that establishes that traffic from network 192.168.81.0 is to leave through interface Serial 0/0

The traffic through the Serial works like a dream.....however, I can't get the traffic through the FA interface to work...

when I debug I get the following.....

Mar 1 00:15:26.228: IP: s=192.168.82.2 (FastEthernet0/1.82), d=100.100.100.100, len 60, policy match

*Mar 1 00:15:26.228: IP: route map OutDialer2, item 10, permit

*Mar 1 00:15:26.228: IP: s=192.168.82.2 (FastEthernet0/1.82), d=100.100.100.100 (FastEthernet0/0), len 60, policy routed

*Mar 1 00:15:26.228: IP: FastEthernet0/1.82 to FastEthernet0/0 100.100.100.100

*Mar 1 00:15:26.228: NAT: map match OutDialer2

*Mar 1 00:15:26.232: NAT: creating portlist proto 1 globaladdr 88.96.38.94

*Mar 1 00:15:26.232: NAT: Allocated Port for 192.168.82.2 -> 88.96.38.94: wanted 512 g

Satra_router#ot 512

*Mar 1 00:15:26.232: NAT: i: icmp (192.168.82.2, 512) -> (100.100.100.100, 512) [171]

*Mar 1 00:15:26.232: NAT: s=192.168.82.2->88.96.38.94, d=100.100.100.100 [171]

*Mar 1 00:15:26.236: IP: s=88.96.38.94 (FastEthernet0/1.82), d=100.100.100.100 (FastEthernet0/0), g=100.100.100.100, len 60, forward

*Mar 1 00:15:26.236: IP ARP: creating incomplete entry for IP address: 100.100.100.100 interface FastEthernet0/0

*Mar 1 00:15:26.236: IP ARP: sent req src 88.96.38.94 0001.96db.1900,

dst 100.100.100.100 0000.0000.0000 FastEthernet0/0

*Mar 1 00:15:26.240: IP: s=88.96.38.94 (FastEthernet0/1.82), d=100.100.100.100 (FastEthernet0/0), len 60, encapsulation failed

*Mar 1 00:15:26.240: MobileIP: FastEthernet0/0 add 100.100.100.100 rejected

*Mar 1 00:15:26.240: IP ARP rep filtered src 100.100.100.100 0015.fad7.aff0, dst 88.96.38.94 0001.96db.1900 wrong cable, interface FastEthernet0/0

The wrong cable bit really bugs me, as I am using a crossover cable which I know is the right cable.....

my config for the 2621 (the LAN router) is as follows.......

interface FastEthernet0/0

description TO ISP

ip address 88.98.38.98 255.255.255.240

ip access-group 150 in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

service-policy output policing

speed auto

half-duplex

hold-queue 224 in

interface FastEthernet0/1.82

encapsulation dot1Q 82

ip address 192.168.82.1 255.255.255.0

ip nat inside

ip policy route-map OutDialer2

ip nat inside source route-map OutDialer2 interface FastEthernet0/0 overload

access-list 182 deny ip 192.168.82.0 0.0.0.255 192.168.0.0 0.0.255.255

access-list 182 permit ip 192.168.82.0 0.0.0.255 any

route-map OutDialer2 permit 10

match ip address 182

set default interface FastEthernet0/0

Any ideas on what is wrong with the traffic going through the FA interface..

Thank you for any help

pkhatri · ‎04-13-2006

Hi,

The problem is that you can't really use the 'set default interface' command with a multiaccess interface like ethernet. Instead of that, use 'set ip next-hop ', where the x.x.x.x is the IP address of the router at the other end, where you want your traffic to go.

Pls do remember to rate posts.

Paresh

View solution in original post

pkhatri · ‎04-13-2006

Hi,

The problem is that you can't really use the 'set default interface' command with a multiaccess interface like ethernet. Instead of that, use 'set ip next-hop ', where the x.x.x.x is the IP address of the router at the other end, where you want your traffic to go.

Pls do remember to rate posts.

Paresh