cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

1067
Views
0
Helpful
0
Replies
Highlighted
Enthusiast

L-4 Redirect on Cisco ASR to Cache Server

Lookign for some help setting up a L-4 redirect to a set of CacheServers. I am looking to forward all port 80 traffic going through a ASR 1001 to a group of cache servers. I am not looking for authenticated access through radius. I am just looking to forward port 80 traffic to a goup of cache servers. I know how to do this with WCCP but I am looking to use the ISG function instead of the WCCP capabilities of tthe ASR to fulfill this requirement. I have built it to what I believe it should look like however, I don't see any redirect translations being created on the ASR. Below is a cleaned version of my config.

!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
service counters max age 10
no platform punt-keepalive disable-kernel-core
!
hostname ASR1K-Core
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 16384

!
no aaa new-model
clock timezone EST -5 0
clock summer-time DST recurring
!
!
!

ip name-server 10.206.16.18
ip name-server 10.206.16.19
ip multicast-routing distributed
!
!
!
ipv6 multicast rpf use-bgp
!
!
multilink bundle-name authenticated
!
!
!
!

!
redundancy
mode none
redirect server-group CacheServer
server ip 10.1.1.201 port 80
server ip 10.1.1.202 port 80
server ip 10.1.1.203 port 80
!
!
!
!
ip tftp source-interface GigabitEthernet0
ip ssh version 2
class-map type traffic match-any L4R-CLASS-TRAFFIC-REDI
match access-group input name L4R-CLASS-TRAFFIC-REDI-ACL
!
class-map type traffic match-any Cache
match access-group input name Cache-IN
match access-group output name Cache-OUT
!
policy-map type service L4R
10 class type traffic L4R-CLASS-TRAFFIC-REDI
  redirect to group CacheServer
!
!
policy-map type control ISG-SESSION
class type control always event session-start
  10 service-policy type service name L4R
  20 service-policy type service name Cache
!
!
!
!
!

interface GigabitEthernet0/0/0
description **Connection to 6509**
ip address 169.150.3.2 255.255.255.0 secondary
ip address 10.206.0.2 255.255.240.0
negotiation auto
cdp enable
!
interface GigabitEthernet0/0/1
description **Default route to Internet**
ip address 10.1.1.193 255.255.255.240
negotiation auto
cdp enable
service-policy type control ISG-SESSION
ip subscriber routed
  initiator unclassified ip-address
!
interface GigabitEthernet0/0/2

no ip address
negotiation auto
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
!
router eigrp 1
network 10.0.0.0
network 169.150.0.0
redistribute static metric 100000 100 255 1 1500
!
ip forward-protocol nd
ip forward-protocol udp 12223
!
ip flow-export source GigabitEthernet0/0/0
ip flow-export destination 169.150.128.150 2055
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.1.1.195
ip route 10.1.10.192 255.255.255.224 10.188.24.37
ip route 10.8.0.0 255.254.0.0 10.188.24.37
ip route 10.16.0.0 255.254.0.0 10.188.24.37
ip route 10.36.0.0 255.254.0.0 10.188.24.37
ip route 10.48.0.0 255.254.0.0 10.188.24.37
ip route 10.66.0.0 255.254.0.0 10.188.24.37
ip route 10.82.0.0 255.254.0.0 10.188.24.37
ip route 10.132.0.0 255.254.0.0 10.188.24.37
ip route 10.160.251.208 255.255.255.240 10.188.24.37
ip route 10.188.24.0 255.255.248.0 10.188.24.37
ip route 10.206.19.0 255.255.255.0 10.206.17.2
ip route 10.255.254.0 255.255.254.0 10.188.24.37
ip route 169.150.8.0 255.255.254.0 10.188.24.37
ip route 169.150.48.0 255.255.254.0 10.252.0.24
ip route 169.150.92.0 255.255.254.0 10.188.24.37
ip route 169.150.124.0 255.255.254.0 10.188.24.37
ip route 169.150.132.0 255.255.254.0 10.188.24.37
ip route 169.150.188.0 255.255.254.0 10.188.24.37
ip route 169.150.220.0 255.255.254.0 10.188.24.37
ip route 198.31.193.211 255.255.255.255 10.252.0.201
!
ip access-list extended Cache-IN
permit ip any host 10.1.1.201
permit ip any host 10.1.1.202
permit ip any host 10.1.1.203
permit ip any 10.206.0.0 0.0.255.255
ip access-list extended Cache-OUT
permit ip host 10.1.1.201 any
permit ip host 10.1.1.202 any
permit ip host 10.1.1.203 any
permit ip host 10.206.16.18 any
permit ip host 10.206.16.19 any
permit ip 10.206.0.0 0.0.255.255 any
ip access-list extended L4R-CLASS-TRAFFIC-REDI-ACL
deny   tcp any host 10.1.1.201 eq www
deny   tcp any host 10.1.1.203 eq www
deny   tcp any host 10.1.1.202 eq www
deny   tcp any 10.206.0.0 0.0.255.255 eq www
permit tcp any any eq www
deny   ip any any log

!
logging trap critical
logging host 10.206.7.2

cdp run

!
control-plane
!

!
line con 0
session-timeout 5
logging synchronous
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4

logging synchronous
login local
!

!
ntp master
ntp server 199.4.29.166

Everyone's tags (4)
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here