New Member

Route prefix manipulation

Hello all,

I'm trying to route traffic to 10.1.21.204 through the static route listed below. However, due to the longer prefix rule, the route will use BGP. Is there any way to manipulate this?

FYI the BGP route is coming from my ISP and the static is injected dynamically via Reverse Routing - which checks the ACL applied to a crypto map and then adds the routes based on the ACL.

access-list 123 permit ip 10.1.23.0 0.0.0.255 10.0.0.0 0.255.255.255

The above ACL added the static route you see below.

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

S 10.0.0.0/8 [1/0] via 38.x.x.x

B 10.1.21.0/24 [20/0] via 10.1.99.200, 02:12:03

Thx.

8 REPLIES

Re: Route prefix manipulation

Hi

Yes there is, do try the following

ip route 10.1.21.204 255.255.255.255 38.x.x.x

This will create a host route and will beat the BGP learned route.

New Member

Re: Route prefix manipulation

Adam,

The 10.1.21.204 route is only one of hundreds and I've thought about the 32 bit mask. I don't know if there is any other way to change that route...hmmmm

Re: Route prefix manipulation

Hi

As an example, you can catch the class C using

ip route 10.1.21.0 255.255.255.0 38.x.x.x

This will override the BGP learned route as static AD beats BGP.

ip route 10.1.21.0 255.255.255.128 38.x.x.x

This will match 0 - 127

This method is assuming you are trying to match contiguous address space.

If you have discontiguous addresses you will need to use multiple ip route statements.

If not, you could also look at using PBR (Policy based routing).

Hall of Fame Super Bronze

Re: Route prefix manipulation

Is there any way to manipulate this?

Add a host route which will give you the longest prefix possible.

ip route 10.1.21.204 255.255.255.255 38.x.x.x

HTH,

__

Edison.

New Member

Re: Route prefix manipulation

I should have been more specific in my description - sorry about that. I have hundreds of routes and the trick will be to modify this ACL not to create the /8 network. My current network is 10.1.0.0 255.255.255.0 and I would have to modify the ACL to create a 32-bit network for my scheme. I don't even know if it's possible.

access-list 123 permit ip 10.1.23.0 0.0.0.255 10.0.0.0 0.255.255.255

Re: Route prefix manipulation

Reverse route is doing its thing so unless you can be more specific with your destination on your crypto ACL (10.0.0.0 0.255.255.255), you are going to have to add more specific static routes I'm afraid.
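
The route selection discussed in the replies above, as an added example that is not part of any poster's reply: a small Python model of per-prefix administrative distance and longest-prefix match, plus a check that lists installed routes inside the crypto ACL destination that bypass the Reverse Routing next hop. The RIB is constructed from the routing table in the thread, the function names are hypothetical, and 38.x.x.x is kept elided as posted.

```python
import ipaddress

# Constructed RIB modelled on the routing table quoted in the thread.
# "38.x.x.x" is the elided next hop exactly as posted; it is only a label here.
RIB = [
    {"prefix": "10.0.0.0/8", "ad": 1, "source": "static", "next_hop": "38.x.x.x"},
    {"prefix": "10.1.21.0/24", "ad": 20, "source": "bgp", "next_hop": "10.1.99.200"},
]


def install(rib):
    """Keep one route per prefix: the lowest administrative distance wins."""
    best = {}
    for route in rib:
        net = ipaddress.ip_network(route["prefix"])
        if net not in best or route["ad"] < best[net]["ad"]:
            best[net] = route
    return best


def lookup(rib, dest):
    """Forwarding decision: longest matching prefix among installed routes."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, r) for net, r in install(rib).items() if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def overrides(rib, protected, tunnel_hop):
    """Installed routes inside `protected` that do not use the tunnel next hop.

    Traffic to these prefixes leaves by another path even though the
    crypto ACL destination (and the injected static) covers them.
    """
    cover = ipaddress.ip_network(protected)
    return sorted(
        str(net)
        for net, r in install(rib).items()
        if net.subnet_of(cover) and r["next_hop"] != tunnel_hop
    )


if __name__ == "__main__":
    print(lookup(RIB, "10.1.21.204"))               # the BGP /24 is selected
    print(overrides(RIB, "10.0.0.0/8", "38.x.x.x"))  # prefixes needing a static
```

Each prefix returned by `overrides` is one that needs a static of equal or longer length toward the tunnel next hop, or a narrower crypto ACL destination.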

New Member

Re: Route prefix manipulation

Adam,

I just figured it out - I think, but I have to try it in my lab first. I will modify the ACL with the following:

access-list 123 permit ip 10.1.23.0 0.0.0.255 10.0.0.0 0.255.255.128

access-list 123 permit ip 10.1.23.0 0.0.0.255 10.0.0.127 0.255.255.128

I'm hoping this should catch it.

New Member

Re: Route prefix manipulation

OK, the ACL didn't work BUT I finally figured it out. I used something called Enhanced Object Tracking.

If my device can ping "A" then use "B" as the next hop. If my device can't ping "A" then use "C". In my case, send traffic through normal route processing.

The link below is what helped me with this.

http://www.nil.com/ipcorner/SmallSiteMultiHoming/

Big ups to everyone that posted and big props to Adam.
