11-23-2022 04:32 AM - last edited on 11-24-2022 08:39 PM by Translator
Hi
Can I set up PBR for some destination IP and only for selected source IPs? If yes, then what will be the configuration?
For example:
Source IPs: 172.16.1.10-20
First Destination IP: x.x.x.x/32
Second Destination IP: y.y.y.y/32
11-23-2022 04:46 AM - last edited on 11-24-2022 08:39 PM by Translator
ip access-list extended 100
 permit ip <Source IPs: 172.16.1.10-20> <First Destination IP: x.x.x.x/32>
ip access-list extended 110
 permit ip <Source IPs: 172.16.1.10-20> <Second Destination IP: y.y.y.y/32>
route-map MHM permit 10
 match ip add 100
 set ip next-hop <ISP1>
route-map MHM permit 20
 match ip add 110
 set ip next-hop <ISP2>
interface <LAN>
 ip policy route-map MHM
11-23-2022 09:21 PM
Many thanks MHM Cisco World for the detailed output. I was looking for the same and really appreciate that.
11-24-2022 11:32 AM - last edited on 11-24-2022 08:42 PM by Translator
Hello MHM
I have one router + 2 ISP
One question... I have something similar, but in my case it is all the traffic I receive from the internet and NAT for a particular private host. If all the traffic I receive (source any from internet) is reaching me by ISP 1 and some traffic is reaching me by ISP 2, how can I return that traffic by that same ISP 2? I mean:
ip nat source static 1.1.1.1 1024 180.x.x.x. ( my public ISP 1) 1024
ip nat source static 1.1.1.2 8000 180.x.x.x. ( my public ISP 2) 8000
How can I return 1.1.1.1 ----> any by ISP2 if my default route 0.0.0.0 is ISP1 and ISP 2 is floating?
11-23-2022 05:58 AM - last edited on 11-24-2022 08:47 PM by Translator
Hello @Adnan Khan ,
Yes, it can be done by using an extended ip access-list as a match criteria in the PBR related route-map configuration. This is supported.
All traffic that will not match the ACL(s) will be processed by standard destination based routing i.e. using the RIB on the device.
Effective PBR requires application of the ip policy route-map PBR on the inbound rx direction where the packets are received (the LAN interface).
A configuration example has been provided by @MHM Cisco World .
Final note:
Try to think more in binary also for your examples:
source IP 172.16.1.10 -20 is not that immediate when you have to write the ACL.
172.16.1.1-172.16.1.15 could be rendered with a single line 172.16.1.0 0.0.0.15
Hope to help
Giuseppe
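Added example, not part of the original thread: a short Python helper that splits the source range from the question (172.16.1.10-20) into the exact wildcard-mask ACL lines, and shows how many unintended hosts a single covering wildcard would also policy-route. The function names are hypothetical, and the destination 203.0.113.10/32 is a constructed placeholder standing in for x.x.x.x/32.

```python
import ipaddress


def acl_term(net):
    """Format a network as an IOS ACL address term (host form for /32)."""
    if net.prefixlen == net.max_prefixlen:
        return f"host {net.network_address}"
    return f"{net.network_address} {net.hostmask}"


def range_to_acl_entries(first, last, destination):
    """Exact 'permit ip' lines for every source in first..last to destination."""
    dst = ipaddress.ip_network(destination)
    blocks = ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))
    return [f"permit ip {acl_term(b)} {acl_term(dst)}" for b in blocks]


def smallest_single_entry(first, last):
    """Smallest single wildcard covering the range, and how many extra
    addresses outside first..last it would also policy-route."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    net = ipaddress.ip_network(f"{lo}/32")
    while hi not in net:
        net = net.supernet()
    extra = net.num_addresses - (int(hi) - int(lo) + 1)
    return acl_term(net), extra


if __name__ == "__main__":
    # Constructed destination (documentation range) standing in for x.x.x.x/32.
    for line in range_to_acl_entries("172.16.1.10", "172.16.1.20",
                                     "203.0.113.10/32"):
        print(" " + line)
    print(smallest_single_entry("172.16.1.10", "172.16.1.20"))
```

The four generated lines go under `ip access-list extended 100` in place of the range placeholder; the second function shows why one broad wildcard is a poor shortcut when only selected hosts should leave the normal RIB path.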
11-23-2022 09:19 PM
Many thanks for the reply. My desired result is that some source IPs with a specific destination should route through the next hop I define in PBR, and any other traffic for the same source users and the rest of the users should pass through the normal RIB. Just trying to load balance some traffic for some users for specific destinations on the internet. Is there any config sample you care to share here please?