Can IP SLA inject/interact with Policy based Routing?

bjames
Level 5

Hi,

I am looking at using both IP SLA (rtr) and policy-based routing to send some traffic (smtp let's say) over a VPN link and all other traffic over the WAN. In the event the VPN tunnel goes down, I wish all traffic to go over the WAN link, and as well, if the WAN link goes down, I want all traffic to go over the VPN link, silly eh!

I was thinking of using both IP SLA and Policy mapping, but I wanted to know if IP SLA could inject the next-hop into the policy-map statements?

Thanks in advance,

Bob

1 Reply

johansens
Level 4

It's called "Policy Based Routing with the Multiple tracking options Feature" and came in 12.3(4)T. I wrote this example with 12.4 in mind:

!
ip sla monitor 10
 type echo protocol ipIcmpEcho 10.10.10.2
ip sla monitor 20
 type echo protocol ipIcmpEcho 10.10.20.2
ip sla monitor schedule 10 life forever start-time now
ip sla monitor schedule 20 life forever start-time now
!
track 10 rtr 10 reachability
track 20 rtr 20 reachability
!
interface Tunnel0
 description VPN-tunnel to SMTP server
 ip address 10.10.10.1 255.255.255.0
!
interface Serial0
 description WAN
 ip address 10.10.20.1 255.255.255.0
!
interface Ethernet0
 description LAN
 ip address 192.168.1.1 255.255.255.0
 ip policy route-map PBR
!
ip route 0.0.0.0 0.0.0.0 10.10.20.2
!
ip access-list extended WAN-acl
 permit ip 192.168.1.0 0.0.0.255 any
!
ip access-list extended VPN-acl
 permit tcp 192.168.1.0 0.0.0.255 any eq smtp
!
!
route-map PBR permit 10
 match ip address VPN-acl
 set ip next-hop verify-availability 10.10.10.2 10 track 10
 set ip next-hop verify-availability 10.10.20.2 20 track 20
 set default interface Null0
!
route-map PBR permit 20
 match ip address WAN-acl
 set ip next-hop verify-availability 10.10.20.2 10 track 20
 set ip next-hop verify-availability 10.10.10.2 20 track 10
 set default interface Null0
!
route-map PBR permit 30
 set default interface Null0
!

Check this link for more info on this feature:

http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a0080211f5c.shtml

Here's the doc from 12.4 (they changed it from RTR to IP SLA monitor):

http://www.cisco.com/en/US/partner/products/ps6350/products_configuration_guide_chapter09186a0080457bcc.html
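
The failover behaviour of the route-map in the reply above, modelled as an added example that is not part of the original post and is not Cisco code: it parses the posted route-map lines and reports which path SMTP and other LAN traffic take for each combination of track states. The `is_smtp` flag stands in for evaluating the two ACLs, and the model assumes destinations are covered only by the default route, so `set default interface Null0` applies when both tracked next hops are down.

```python
import re
# Route-map lines copied from the reply above.
ROUTE_MAP = """\
route-map PBR permit 10
 match ip address VPN-acl
 set ip next-hop verify-availability 10.10.10.2 10 track 10
 set ip next-hop verify-availability 10.10.20.2 20 track 20
 set default interface Null0
route-map PBR permit 20
 match ip address WAN-acl
 set ip next-hop verify-availability 10.10.20.2 10 track 20
 set ip next-hop verify-availability 10.10.10.2 20 track 10
 set default interface Null0
route-map PBR permit 30
 set default interface Null0
"""

def parse_route_map(text):
    """Return route-map entries ordered by sequence number."""
    entries = []
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"route-map \S+ permit (\d+)", line):
            entries.append({"seq": int(m[1]), "acl": None, "hops": [], "default": None})
        elif m := re.fullmatch(r"match ip address (\S+)", line):
            entries[-1]["acl"] = m[1]
        elif m := re.fullmatch(r"set ip next-hop verify-availability (\S+) (\d+) track (\d+)", line):
            entries[-1]["hops"].append((int(m[2]), m[1], int(m[3])))
        elif m := re.fullmatch(r"set default interface (\S+)", line):
            entries[-1]["default"] = m[1]
    return sorted(entries, key=lambda e: e["seq"])

def select_path(entries, is_smtp, track_up):
    """First matching entry wins; in it, the lowest-numbered next hop whose track is up."""
    acls = {"WAN-acl", "VPN-acl"} if is_smtp else {"WAN-acl"}  # stand-in for ACL matching
    for entry in entries:
        if entry["acl"] is None or entry["acl"] in acls:
            for _, hop, track in sorted(entry["hops"]):
                if track_up[track]:
                    return hop
            return entry["default"]  # assumes no explicit route to the destination

def failover_table():
    """Map (track10_up, track20_up) -> (SMTP path, other-traffic path)."""
    entries = parse_route_map(ROUTE_MAP)
    return {(a, b): tuple(select_path(entries, smtp, {10: a, 20: b}) for smtp in (True, False))
            for a in (True, False) for b in (True, False)}

if __name__ == "__main__":
    for state, paths in failover_table().items():
        print(state, paths)
```

The row for track 10 down shows SMTP leaving via 10.10.20.2, outside the VPN tunnel, which is the fallback the question asks for.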