Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
4
Replies

Access list reducing

Pushpa Ranathunga
Level 1
Level 1

‎01-13-2016 05:20 AM - edited ‎03-05-2019 03:06 AM

Hi

I am an IT guy owned a company with 25 branches

I have take two links from two service providers and i did a policy based routing

In HQ router, i applied the PBR as follows

track 1 ip route 1.1.1.180 255.255.255.255 reachability
delay down 5 up 5
!

interface GigabitEthernet0/1
ip address 192.168.100.198 255.255.255.0
ip policy route-map PBR
duplex auto
speed auto
standby 10 ip 192.168.100.199
standby 10 timers 1 15
standby 10 priority 150
standby 10 preempt
standby 10 track 2 decrement 100
!

ip access-list extended PBR-SP1
permit ip 192.168.100.0 0.0.0.7 192.168.180.0 0.0.0.255
permit ip host 192.168.100.8 192.168.180.0 0.0.0.255
permit ip host 192.168.100.9 192.168.180.0 0.0.0.255
permit ip host 192.168.100.160 192.168.180.0 0.0.0.255
permit ip host 192.168.100.180 192.168.180.0 0.0.0.255
deny ip any any
!

route-map PBR permit 10
match ip address PBR-SP1
set ip next-hop verify-availability 192.168.100.197 1 track 1
!

Track object is to check the availability of a particular branch (192.168.180.0/24)

Since i need to track other 3 branches as well, i will input them in route-map PBR 20,30,40 ..... sequences

Then i will need create following

1. 23 track objects

2. 23 ip access-lists

Is it OK to do that with the router??? will that cause any issue related to router performances ??

My router is cisco 1941

Labels:
0 Helpful
4 Replies 4

Philip D'Ath
VIP Alumni
VIP Alumni

‎01-15-2016 01:33 AM

I think you might be doing this the hard way.  Have you considered using EIGRP and OTP (Over The Top)?

http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-routing/whitepaper_C11-730404.html

Basically you configure static EIGRP neighbours on each wan, and then specify "lisp-encap" and EIGRP will automatically tunnel the packet.  The service providers don't have to know anything about your routing and vice versa.  You can then use EIGRP metrics to control which path is used.   Failover is all automatic.

neighbor A.B.C.D <WAN-intf> remote <2-100> lisp-encap [1-1999]

If that is all a bit scary you could also use plain multipoint GRE tunnels to do the same thing, one for each service provider, and EIGRP to dynamically failover and select the routing path.

0 Helpful

Pushpa Ranathunga
Level 1
Level 1
In response to Philip D'Ath

‎01-15-2016 07:22 AM

I think GRE is OK. But how i will fulfill my requirement with GRE???

I think you haven't understood my question  

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni

‎01-15-2016 01:35 AM

If you are still keen on using route tracking combine it with IP SLA.  Check out this article:

https://supportforums.cisco.com/document/30296/using-ipsla-change-routing

0 Helpful

Pushpa Ranathunga
Level 1
Level 1
In response to Philip D'Ath

‎01-15-2016 07:20 AM

Thanks for this

This is not suited for this since the requirement is complex in this one

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card