05-19-2021 06:03 AM
We have had to add an additional firewall due to high usage. We set up IP SLA and the load has been split across the two links and this has been working (for the most part). I need all traffic from 10.1.1.x to go out track 1. I tried adding a route
ip route 10.1.1.0 0.0.0.255 192.168.1.2 track 1 (said inconsistent mask)
then
ip route 10.1.1.0 255.255.255.0 192.168.1.2 track 1 (stopped all data flowing)
current working config
!
ip route 0.0.0.0 0.0.0.0 192.168.1.2 track 1
ip route 0.0.0.0 0.0.0.0 192.168.1.3 track 2
ip route 8.8.4.4 255.255.255.255 192.168.1.3
ip route 8.8.8.8 255.255.255.255 192.168.1.2
!
ip sla 1
icmp-echo 8.8.8.8
threshold 100
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 8.8.4.4
threshold 100
frequency 5
ip sla schedule 2 life forever start-time now
Any ideas?
05-19-2021 06:25 AM - edited 05-19-2021 06:25 AM
Hi there,
I think you are getting the usage of the route statement confused. A route statement specifies the next-hop for a destination prefix, not the source.
If you want to control the traffic based on the source of the traffic then you need to look at Policy Based Routing. Something like this:
!
! Standard ACL: matches on source address and takes a wildcard mask
access-list 10 permit 10.1.1.0 0.0.0.255
!
int gi0/1
 ip policy route-map PBR01
!
route-map PBR01 permit 10
 match ip address 10
 set ip next-hop 192.168.1.2
!
...where gi0/1 is the ingress interface for the traffic flows from 10.1.1.0/24.
cheers,
Seb.
05-21-2021 05:30 AM
This worked!!!
access-list 101 permit ip 10.1.1.0 0.0.0.255 any (wildcard mask)
!
route-map PBR01 permit 10
match ip address 101
set ip next-hop 192.168.1.2
!
int g0/1
ip policy route-map PBR01
05-19-2021 06:55 AM
So if I added that to the interface g0/1, only traffic from 10.1.1.0/24 could use that interface?
05-19-2021 07:02 AM
No, any traffic could use it but only traffic with a source IP in the 10.1.1.0/24 subnet would be policy routed, the rest would just use the normal routing table.
Jon
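The behaviour described in this thread, as an added example that is not from any of the posters: a small Python model of IOS ACL wildcard matching and the policy-routing decision, using the addresses and routes from the original post. The function names are hypothetical, both tracked default routes are assumed to be up, and the second ACL shows what an entry matches when a subnet mask is typed where the wildcard mask belongs.

```python
import ipaddress

def acl_match(src, base, wildcard):
    """IOS ACL test: wildcard bits set to 1 are ignored, 0 bits must equal base."""
    s, b, w = (int(ipaddress.IPv4Address(x)) for x in (src, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (s & care) == (b & care)

def lookup(dst, table):
    """Longest-prefix match on the destination; returns all equal-cost next hops."""
    d = ipaddress.IPv4Address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in table
            if d in ipaddress.ip_network(p)]
    if not hits:
        return []
    best = max(net.prefixlen for net, _ in hits)
    return sorted(nh for net, nh in hits if net.prefixlen == best)

def forward(src, dst, acl, pbr_next_hop, table):
    """Route-map on the ingress interface: an ACL hit on the source sets the
    next hop; everything else falls through to the normal routing table."""
    base, wildcard = acl
    if acl_match(src, base, wildcard):
        return ("pbr", [pbr_next_hop])
    return ("rib", lookup(dst, table))

# Static routes from the original post (track state assumed up).
TABLE = [
    ("0.0.0.0/0", "192.168.1.2"),
    ("0.0.0.0/0", "192.168.1.3"),
    ("8.8.4.4/32", "192.168.1.3"),
    ("8.8.8.8/32", "192.168.1.2"),
]
GOOD_ACL = ("10.1.1.0", "0.0.0.255")      # wildcard mask: any host in 10.1.1.0/24
BAD_ACL = ("10.1.1.0", "255.255.255.0")   # subnet mask read as a wildcard
PBR_HOP = "192.168.1.2"

if __name__ == "__main__":
    # Constructed sample flows: (source, destination)
    for src, dst in [("10.1.1.57", "8.8.4.4"), ("10.1.2.9", "8.8.4.4"),
                     ("10.1.2.9", "1.1.1.1"), ("172.16.9.0", "1.1.1.1")]:
        print(src, dst, "good:", forward(src, dst, GOOD_ACL, PBR_HOP, TABLE),
              "bad:", forward(src, dst, BAD_ACL, PBR_HOP, TABLE))
```

With the subnet mask in the wildcard position, the entry ignores the first three octets and matches only sources whose last octet is 0, so hosts in 10.1.1.0/24 are not policy routed while unrelated addresses ending in .0 are.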