Re: policy routing to server

s-ralli · ‎03-25-2004

Dear all,

I have a specific requirement which I want to fulfill using policy based routing. However , it is not working as expected. The scenario is as follows:

I have a few vlans on MSFC, eg Interface vlan 1-5

with IP addresses 1.1.1.1 to 5.5.5.5 respectively.

I want all http traffic from clients on these vlans to be redirected to my proxy server on vlan 6 ( MSFC address 6.6.6.6/24 ) and the proxy server address 6.6.6.10/24

I am doing it as follows:

access-list 101 permit tcp any any eq www

route-map proxy permit 10

match ip address 101

set ip next-hop 6.6.6.10 255.255.255.0

route-map proxy permit 20

and then ip policy route-map proxy on all MSFC Vlans(Int vlan1-5).

request you all to let me know , if PBR can be used to redirect traffic in such a manner to a server or not ? if yes , pls also point me in the right direction.

TIA

Sudhir

Harold Ritter · ‎03-26-2004

This should work except that the syntax for the "st ip next-hop" is not correct. You should not include the netmask.

set ip next-hop 6.6.6.10

For more information on PBR configuration, refer to the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfindep.htm#38608

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold Ritter · ‎03-26-2004

BTW: shouldn't you set the proxy server address on the workstations?

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México