Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
949
Views
0
Helpful
3
Replies

Force Packet thru different VRF with route-map

mario.jost
Level 3
Level 3

‎11-04-2020 06:36 AM

I am working on a LTE backup configuration. I would like to have the cellular connection open constantly and establish a VPN connection even before a failure on the wired internet line occurs. This forces me to work with different VRFs. The VPN part, i have figured out and it is working fine. Sadly, the internet connection is used as a guest net for customers. So i have to think of a way to reroute the traffic from the wired, to the wireless (LTE) interface if there is an issue with the wired connection. I created following configuration:

 

ip vrf DSL
 description Wired internet
ip vrf LTE
 description Wireless internet

ip route vrf DSL 0.0.0.0 0.0.0.0 Dialer1
ip route vrf LTE 0.0.0.0 0.0.0.0 Cellular0/2/0

ip sla 111
 icmp-echo 157.240.17.35
  vrf DSL
  threshold 500
  timeout 800
  frequency 3
  
ip sla 222
 icmp-echo 104.244.42.1
  vrf DSL
  threshold 500
  timeout 800
  frequency 3
  
ip sla schedule 111 life forever start-time now
ip sla schedule 222 life forever start-time now

track 111 ip sla 111 reachability
track 222 ip sla 222 reachability

ip access-list extended FORCE_VRF_LTE
 10 permit icmp any host 104.244.42.1

route-map FORCE_VRF_LTE permit 10 
 match ip address FORCE_VRF_LTE
 set vrf LTE

ip local policy route-map FORCE_VRF_LTE

So basically, i have 2 VRFs with its corresponding default route. I create 2 IP SLAs in vrf DSL to simulate client traffic. Then, i want to force one of the pings out of the cellular interface. But this does not work. As soon as i enter the ip local policy command, the track 222 goes down. In the route-map i tried different commands like:

 

set ip default vrf LTE next-hop 1.1.1.1
set vrf LTE
set interface cellular0/2/0

But nothing worked so far. Is this even supposed to work? What am i missing? Pinging the different IPs manually from within the respecting VRF does work. 

Labels:
0 Helpful
3 Replies 3

Georg Pauwen
VIP
VIP

‎11-04-2020 08:05 AM

Hello,

 

you don't need 2 IP SLAs. Try the simplified config below:

 

ip vrf DSL
description Wired internet
ip vrf LTE
description Wireless internet
!
ip route vrf DSL 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route vrf LTE 0.0.0.0 0.0.0.0 Cellular0/2/0 10
!
ip sla 1
icmp-echo 157.240.17.35 source-interface Dialer1
vrf DSL
threshold 500
timeout 800
frequency 3
!
ip sla schedule 1 life forever start-time now
!
track 1 ip sla 1 reachability
!
interface Dialer1
ip vrf forarding DSL
!
interface Cellular0/2/0
ip vrf forwarding LTE

0 Helpful

mario.jost
Level 3
Level 3
In response to Georg Pauwen

‎11-04-2020 11:15 PM

This does not work. There are just 2 default routes in different VRFs. How is this configuration supposed to put the traffic from vrf DSL into LTE?

0 Helpful

Georg Pauwen
VIP
VIP
In response to mario.jost

‎11-05-2020 01:01 AM

Hello,

 

you are absolutely right, that doesn't work. 

 

I wonder if there isn't an easier way to configure this. For example, in order to have the LTE up all the time, all you need is the 'dialer persistent' command on the dialer interface, provided you use one for the LTE.

 

Can you post the full configuration of your router, so I can lab this ?

0 Helpful
Customers Also Viewed These Support Documents