10-28-2003 08:51 AM - edited 03-02-2019 11:18 AM
We have a PIX firewall that is connected to 2 perimeter Cisco 2610 routers. The routers are running HSRP and each is connected to its own ISP through a full T1 line. What we would like to do is to use one of the routers for transmit only and the other for receive only. I have figured they would have to be on a HD connection to the ISP, but how do I force a router for either transmit or receive?
Thanks.
10-28-2003 12:20 PM
After you have your routing to the ISP worked out you can force your "Transmit" router to HSRP active with the 'standby priority' command. Just give it a value higher than its peer (eg, 200 vs 100). This all assumes your PIX is forwarding the a default next-hop of the HSRP standby ip.
http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Technologies:HSRP
10-28-2003 01:51 PM
Thanks for your response.
The PIX is indeed forwarding the default next-hop of the HSRP standby ip. However, how do I force a router to transmit or receive only?
Thanks again.
10-30-2003 12:20 PM
Or, I guess, a better way of putting it is how to configure the inbound traffic to traverse one circuit but not the other? Would tweaking the BGP protocol do it?
Thanks.
10-31-2003 03:57 AM
There are various ways you can manipulate your traffic path with BPG. One possibility would be to use Local Preference to influence your outbound path and AS Path Prepending to influence your inbound path (if you connect to the same ISP on both routers a better approach would be to use MED to influence your inbound traffic)
In the following example to influence the outbound path the Outbound Router sets the Local Preference for all routes learnt from the EBGP to 150 and the Inbound Router to 50 (higher number is preferred). When these are exchanges via IBGP both routers will agree on the same outbound router (Local Preference is before AS Path length in the route selection process).
To influence the inbound path the Outbound router prepends two instances of its AS number to the AS Path (local routes would then be advertised to the EBGP peer with an AS Path of 64512 64512 64512 by the Outbound router and 64512 by the Inbound router). Upstream ISPs should then select the shortest AS Path to your routes via the Inbound router.
Outbound traffic now routes via the Outbound router and inbound traffic via the Inbound router.
OUTBOUND ROUTER
router bgp 64512
neighbor
neighbor
!
!
route-map SET-LOCAL-PREF permit 10
set local-preference 150
!
!
route-map SET-AP-PATH-PREPEND permit 10
set as-path prepend 64512 64512
!
INBOUND ROUTER
router bgp 64512
neighbor
!
!
route-map SET-LOCAL-PREF permit 10
set local-preference 50
!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide