Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PBR and the Gateway of last resorts?

Status
Not open for further replies.

Texmansru47

IS-IT--Management
Jul 19, 2005
30
US
Can you do something like this:
two T-1s inbound from two different networks. You desire to route only particular data over each link. You have created PBR as such:

route-map T1ONE permit 10
match ip address 10
set ip next-hop 10.10.10.254

(ACL for that traffic - access-list 10 permit 10.20.10.0 0.0.0.255)

route-map T1TWO permit 10
match ip address 20
set ip next-hop 10.10.10.1

(ACL for that traffic - access-list 20 permit 192.168.0.0 0.0.0.255)

Now would it be correct to have a gateway of last resorts for the rest of the IP traffic (ip route 0.0.0.0 0.0.0.0 10.10.10.254) OR add another ACL to the route-map T1ONE:

access-list 10 permit ip any any

Just questioning the logic... and just desired to see what everyone else thinks of this scenario.

Texman
 
If you want all the traffic to go out 10.10.10.254 except for the 192.168.0.x/24 then you should just use one route-map and then a default gateway.
 
Good idea. I thought about the two route-map for ease of identification if I'm not around and someone who is new to networking would be able to understand it, but the single route-map is very solid. Thanks for your input.
 
each interface can only have one route-map on it... but you can have multiple entries in that routemap..

route-map T1-Select permit 10
description T1 1
match ip address 10
set ip next hop XXXX

route-map T1-Select permit 20
description T1 2
match ip address 20
set ip next hop XXXX

route-map T1-Select permit 30


example to apply it...

int fa0/0
ip policy route-map T1-Select



anything that doesnt match your first two statements will then be passed to the global routing table of the router and will not be policy routed.. so they would use a default route if you had one entered.
 
Great. Basically this is on my test network so I'm just playing for now. Once all the kinks are worked out then we will deploy to production. On the route-map we are only looking to split the traffic over two different T-1s (one for corporate MPLS and the other for the local business ISP). This way our local VPN users do not have to be routed via NYC to get attached.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top