PBR - Questions

Thiago Cella · ‎09-30-2014

Hi Friends,

Imagine the simple scenario, with interface inside to lan address, and two ISP links. I would like to know, if is possible, the follow situations, and please could you send the examples and articles explain how to do this, using router Cisco, with IOS universal:

Questions:

From inside all traffic with protocols HTTP,HTTPS,ICMP, uses the ISP1

From inside all traffic with protocols FTP, uses the ISP2

When the ISP1 is down, the traffic HTTP,HTTPS,ICMP use the ISP2

When the ISP2 is down, the traffic FTP use the ISP1

In the same scenario, there is a NAT to address from outisde access my server on port 3389, simultaneously by ISP1 and ISP2.

Tks

Terence Payet · ‎10-01-2014

Hi,

Yes you can, by using ip sla with track objects + your PBR config.

See below example:

ip sla1

icmp-echo 8.8.8.8 source-interface -> facing ISP1

frequency 10

ip sla 1 schedule 1 life forever start-time now

ip sla 2

icmp-echo 8.8.8.8 source-interface -> facing ISP2

frequency 10

ip sla 2 schedule 1 life forever start-time now

track 1 rtr 1 reachability

track 2 rtr 2 reachability

ip access-list extended ISP1_TRAFFIC

permit tcp LAN address any eq 80

permit tcp LAN address any eq 443

permit icmp LAN address any

p access-list extended ISP2_TRAFFIC

permit tcp LAN address any eq 20

permit tcp LAN address any eq 21

route-map ISP1_MAP permit 10

match ip address ISP1_TRAFFIC

set ip next-hop verify-availability 'ip next hop of ISP 1' track 1

route-map ISP2_MAP permit 10

match ip address ISP2_TRAFFIC

set ip next-hop verify-availability 'ip next hop of ISP 2' track 2

Now apply the route-map to the respective interfaces.

HTH.

Please rate helpful post.

Terence

Thiago Cella · ‎10-01-2014

Tks tpayet120 ,

But if ISP1 is down, the traffic http,https and icmp will work ISP 2?

And the ISP2 is down, the FTP goes to ISP1?

And the static nat, work simultaneously with two ISP?

t