Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1565
Views
0
Helpful
5
Replies

Ironport - do p1 and p2 use same routing table?

justins
Level 1
Level 1

‎09-24-2013 11:55 AM

Hi,

I have a use case to connect P1 and P2 to different networks (same building but segmented networks0, but I need the routing table for each interface to be separate so traffic coming into P1 will use the DF route for P1 network, and traffic coming into P2 will use DF route for P2 network. We use WCCP to redirect traffic to ironport.

Has anyone tried this before and/or know if they use a separate routing table?

Labels:
0 Helpful
5 Replies 5

Vance Kwan
Cisco Employee
Cisco Employee

‎09-25-2013 12:47 AM

P1 & P2 will be classified as the "Data" routing table.

These two interfaces should never be on the same network.  I don't know what would happen if they were...

In the routing table, as long as you specify the interface's gateway, the OS is intelligent enough to recognize which interface it belongs to.

So yes, your use case will work.

-Vance

0 Helpful

justins
Level 1
Level 1
In response to Vance Kwan

‎09-25-2013 10:45 AM

Cool thanks Vance. Yes they will be different network/subnet. We should have this setup by next week so hopefully it works for us.

Justin.

0 Helpful

Vance Kwan
Cisco Employee
Cisco Employee
In response to justins

‎09-25-2013 11:01 PM

I just re-read your original post.

Just to clarify, you are not trying to use 2 separate internet connections are you?

As in, requests received on P1 will also be made on behalf of the clients using P1; and requests received on P2 will be requested on behalf of the clients on P2?

If you are trying to do the above, this will not work.  The static routes are defined by destination only.

Only 1 interface will be used to make requests out to the internet.  Unless you split the public IP address space in half and assign 1 to P1, and 1 to P2 (which would be a bit awkward).

0 Helpful

justins
Level 1
Level 1
In response to Vance Kwan

‎09-26-2013 12:37 PM

Using the same edge internet connection but the interfaces will connect to two different "core" routers behind the edge. So I assume if I put 0/0 route for P1 and 0/0 route for P2, only the P1 route will be used or will they load balance?

Either way doesnt really matter to me, I just need to connect P1 and P2 with WCCP up to two different networks (they are treated as independant datacenters) just wasnt sure if they shared the same routing table or not and how the outbound/return traffic would be handled.

0 Helpful

Vance Kwan
Cisco Employee
Cisco Employee
In response to justins

‎09-29-2013 12:29 AM

Justin,

The WSA will only send the WCCP HIA packets out of 1 interface.  So if P1 is doing WCCP for network 1, P1 should be given a route to access the IP address for the second network that you are wanting to do WCCP.

-Vance

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents