Policy based routing and preferred paths

jmcgrady1
Level 1

I have a setup with 3 sites. Sites 1 and 2 are data centres and interconnect via a layer 3 link using EIGRP. Site 3 is remote. Comms between site 1 & 3 (WAN A) and site 2 & 3 (WAN B) is controlled by BGP. Each site has a router and core switch; internal comms at each site uses EIGRP. Normal operation sees all traffic between the data centres and site 3 use the WAN link from site 1 to 3 (WAN A). So traffic from site 2 to 3 will traverse site 1.

I've been asked if the standby link (B) between sites 2 & 3 can be used for some traffic. For example, traffic between 1.1.1.1 (sites 1/2) and 2.2.2.2 (at site 3) should use WAN B. I'd imagine policy based routing specifying specific source and destination IPs would override the default costs to make WAN B preferred. However, routing from 1/2 to 3 has me scratching my head. I want site 1/2 to look at each packet and, if source is 1.1.1.1 and destination is 2.2.2.2, route via WAN B if 2.2.2.2 is being advertised as a reachable destination via B. If the source is not 1.1.1.1, then route to 2.2.2.2 via A as usual. If it were just static routes being used, this would be straightforward. The use of EIGRP and BGP makes it less so.

6 Replies

Dennis Mink
VIP Alumni

What you want to do, i.e. make a routing decision based on source and destination, can only be done using PBR; dynamic routing protocols can only be used with destinations. You would be better off looking into tweaking metrics on your dynamic routing protocols to 'load balance' destinations and forget about PBR, as it can only do a static next hop to route.


Hello

PBR does seem a logical proposal; however, as you have dynamic routing, then conditional path manipulation via this could also be a viable alternative.

Can you elaborate on what routes are being advertised between EIGRP and BGP regarding these three sites (mutual redistribution, default routes, etc.)?



Kind Regards
Paul

Perhaps there is something in the original post that I am not understanding correctly. The main part of the original post seems straightforward: they want to route some traffic over WAN B and suggest the use of PBR to achieve this. If correctly configured, PBR would certainly achieve the desired result that both site 1 and site 2 would route traffic from certain sources to site 3 using WAN B.

Then the original post says "If it were just static routes being used, this would be straightforward. The use of EIGRP and BGP makes it less so." and I do not understand this. The basic purpose of PBR is to override the normal routing logic and to forward specified traffic in a different way. It does not matter whether the normal routing logic was based on static routes or based on EIGRP or BGP. If there is something here I am not understanding correctly, then please provide clarification.

HTH

Rick

@Richard Burts my thinking is this: we are using dynamic routing because we have dual redundant links. If I use PBR to override routing and set a next hop, I want to avoid the situation where that next hop can't get to the destination because of an impasse further down that link.

 

You can use IP SLA with PBR to check that the end to end connectivity is up.

The key thing is the IP address you use with IP SLA must only be reachable via WAN B, i.e. it cannot be an IP that is also advertised across WAN A, because then it would always be up and your PBR would always use WAN B even if there was an issue.

Jon

@Jon Marshall makes an excellent suggestion. The parameter that you need to add to your set ip next-hop to achieve this is verify-availability. I have implemented it and it works well. I note a recent discussion in the community where we discovered that this functionality is supported on many platforms but that there are a few platforms where it is not supported. So perhaps we should ask what platform is being used here.

https://community.cisco.com/t5/routing/pbr-set-ip-next-hop-verify-availability-with-track-not-working/td-p/3834932

 

HTH

 

Rick
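The approach Jon and Rick describe, sketched as an IOS configuration (an added example, not posted by any participant in the thread). It assumes the policy is applied on the site 2 router that terminates WAN B; interface names, object numbers, the next hop 198.51.100.2 and the probe target 192.0.2.10 are placeholders, while 1.1.1.1 and 2.2.2.2 are the hosts from the original question.

```cisco
! Constructed example for the site 2 router that terminates WAN B.
! All interface names, object numbers and 192.0.2.x / 198.51.100.x
! addresses are placeholders; 1.1.1.1 and 2.2.2.2 are the thread's hosts.
!
! Probe a site 3 address that is reachable ONLY across WAN B.
! If the same address is also advertised over WAN A, the probe never
! fails and the policy keeps forcing traffic onto a broken path.
ip sla 10
 icmp-echo 192.0.2.10 source-interface GigabitEthernet0/1
 frequency 5
ip sla schedule 10 life forever start-time now
!
! The track object goes down when the probe stops getting replies.
track 10 ip sla 10 reachability
!
! Only this one source/destination pair is policy routed.
ip access-list extended PBR-WAN-B
 permit ip host 1.1.1.1 host 2.2.2.2
!
! 198.51.100.2 is the WAN B neighbour. It is used only while track 10
! is up; otherwise the set clause is skipped and the packet follows
! the normal EIGRP/BGP routing table (WAN A).
route-map PBR-WAN-B permit 10
 match ip address PBR-WAN-B
 set ip next-hop verify-availability 198.51.100.2 1 track 10
!
! Apply on the LAN-facing interface where the traffic enters the router.
interface GigabitEthernet0/0
 ip policy route-map PBR-WAN-B
```

`show track 10` and `show route-map PBR-WAN-B` show whether the tracked next hop is currently considered up and whether packets are matching the policy.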
