Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1153
Views
5
Helpful
9
Replies

controlling inbound/outbound traffic in 2 wan links

Go to solution
Danilo Dy
VIP Alumni
VIP Alumni

‎05-09-2007 06:22 AM - edited ‎03-03-2019 04:54 PM

Hi,

This is about PBR.

If I have two WAN links to same ISP who provides me two LAN Subnets and I want to control the inbound/outbound traffic as;

1. Traffic to/from LAN SubnetA uses Link1 as primary and Link2 as backup.

2. Traffic to/from LAN SubnetB uses Link2 as primary and Link1 as backup.

I can fix the incoming using BGP (private ASN between me and my ISP). For outgoing (if connection is triggered from LAN), I wonder if PBR's route-map can set two ip default next-hop with different AD or is there other alternative for outgoing?

Dandy

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
mohammedmahmoud
Level 11
Level 11

‎05-09-2007 06:34 AM

Hi,

I think that you can set more than next-hop, if the first fails the second is used:

set ip next-hop

Another option why not using a next-hop and a default next-hop, if the next-hop is not recursive, the default next-hop shall be used as backup, i haven't used it before, but you should give it a try:

!

route-map next permit 10

match ip address 10

set ip next-hop

set ip default next-hop

!

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

View solution in original post

0 Helpful

Go to solution
royalblues
Level 10
Level 10
In response to mohammedmahmoud

‎05-09-2007 06:51 AM

Friend,

Mohammed is right. You can set more than next-hop. I have used it in my network and it works fine. But the next hop should be directly connected and the protocol should go down before the 2nd one takes over

HTH, rate if it does

Narayan

View solution in original post

0 Helpful

Go to solution
sundar.palaniappan
Level 10
Level 10
In response to mohammedmahmoud

‎05-09-2007 06:52 AM

Configure two 'set ip next-hop' statements under the route-map and the router would use the first reachable next hop. There's no need to use'set ip default next-hop' option as this command would be executed only when a route to the destination doesn't exist in the routing table.

HTH

Sundar

View solution in original post

9 Replies 9

Go to solution
mohammedmahmoud
Level 11
Level 11

‎05-09-2007 06:34 AM

Hi,

I think that you can set more than next-hop, if the first fails the second is used:

set ip next-hop

Another option why not using a next-hop and a default next-hop, if the next-hop is not recursive, the default next-hop shall be used as backup, i haven't used it before, but you should give it a try:

!

route-map next permit 10

match ip address 10

set ip next-hop

set ip default next-hop

!

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

0 Helpful

Go to solution
Danilo Dy
VIP Alumni
VIP Alumni
In response to mohammedmahmoud

‎05-09-2007 06:47 AM

Hi,

I'll try it in a lab and give you points when it does :)

I was thinking about this while walking home :)

Thanks,

Dandy

0 Helpful

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to Danilo Dy

‎05-09-2007 06:52 AM

Hi,

You are welcomed :), please re-read my first post, i've edited it.

HTH,

Mohammed Mahmoud.

0 Helpful

Go to solution
royalblues
Level 10
Level 10
In response to mohammedmahmoud

‎05-09-2007 06:51 AM

Friend,

Mohammed is right. You can set more than next-hop. I have used it in my network and it works fine. But the next hop should be directly connected and the protocol should go down before the 2nd one takes over

HTH, rate if it does

Narayan

0 Helpful

Go to solution
sundar.palaniappan
Level 10
Level 10
In response to mohammedmahmoud

‎05-09-2007 06:52 AM

Configure two 'set ip next-hop' statements under the route-map and the router would use the first reachable next hop. There's no need to use'set ip default next-hop' option as this command would be executed only when a route to the destination doesn't exist in the routing table.

HTH

Sundar

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to sundar.palaniappan

‎05-09-2007 06:58 AM

Hi,

Sundar is right the ip default next-hop option would be executed only when a route to the destination doesn't exist in the routing table which most probably might introduce problems, accordingly the first method (setting multiple next-hops in a single statement) is the only recommended method in your case.

HTH,

Mohammed Mahmoud.

0 Helpful

Go to solution
Danilo Dy
VIP Alumni
VIP Alumni
In response to sundar.palaniappan

‎05-09-2007 07:00 AM

Hi All,

I will try if below will work to my expectation;

!

interface FastEthernet0/0

ip policy route-map outgoing

!

interface Serial0/0

!

interface Serial0/1

!

access-list 101 permit ip LAN-SubnetA TO_ANY

access-list 102 permit ip LAN-SubnetB TO_ANY

!

route-map outgoing permit 101

match ip address 101

set ip next-hop LINK1

set ip nex-thop recursive LINK2

!

route-map outgoing permit 102

match ip addres 102

set ip next-hop LINK2

set ip next-hop recursive LINK1

Regards,

Dandy

0 Helpful

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to Danilo Dy

‎05-09-2007 10:49 AM

Hi,

I think that your proposed solution shall work, as if both a next-hop and a recursive next-hop IP address are present in the same route-map entry, the next-hop is used. If the next-hop is not available, the recursive next-hop is used. If the recursive next-hop is not available and no other IP address is present, the packet is routed using the default routing table.

The only constrain is that only one recursive next-hop IP address is supported per route-map entry which is fine in your case.

But any way i think that using 2 next-hops in the same set statement is the most common solution, please try both and feed us back.

HTH,

Mohammed Mahmoud.

0 Helpful

Go to solution
Danilo Dy
VIP Alumni
VIP Alumni
In response to mohammedmahmoud

‎05-11-2007 06:30 AM

Hi Guys,

You've been very helpful. I don't have time to try it in a lab as I'm busy playing with PacketShaper' Direct Standby and Access-Link Monitoring :) since you're helpful and your recommendation makes sense, I give you each 5 points.

Edited: I'm having problem with my mouse which automatically tick "Resolve" :)

Dandy

0 Helpful
Top