Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2506
Views
45
Helpful
16
Replies

Policy Based Routing - Doubt

simoesmarco8626982
Level 1
Level 1

‎10-26-2021 05:48 AM - edited ‎10-26-2021 05:50 AM

hi all,

 

I've done some config with PBR and prepared the config ready to be applied to several L3 Switches 9300 and applied the next-hop verify-availability and sla but I have one doubt though. Having in account the image attached, I have the TCP traffic going clockwise and the UDP going anticlockwise, this is all good but if one link stops working, OSPF will take over and send the traffic the other way and if I have PBR applied on the other switches interfaces that link switch to switch (like I have), the traffic will enter and the switch will see that it's TCP or UDP and depending of the PBR will forward the traffic the same way where the traffic came from since in it's PBR it's saying that UDP or TCP has to go that way. Am I correct?

 

For what I understand if I remove the PBR from the links linking the switches, they won't follow the PBR but the switches will do PBR to all the other interfaces (configured like this), but if I don't apply PBR to the interface that links the switches, one switch will send the data to the other in accordance to the PBR but when the traffic enters the next switch because no PBR is present in the link between switches, OSPF will take over and depending on how the routing table is it can forward the traffic again to where it came from. 

 

Am I correct in assuming all of this? What's the best way to deal/configure the switches to deal with this please?

 

This is an example of the configuration I have applied to the switches:

 

ip sla 1
icmp-echo 10.6.254.1
frequency 10
!
ip sla schedule 1 life forever start-time now
!
ip sla 2
icmp-echo 10.1.254.2
frequency 10
!
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
!
route-map TCP_UDP_RM permit 10
match ip address 101
set ip next-hop verify-availability 10.6.254.1 track 1
!
route-map TCP_UDP_RM permit 20
match ip address 100
set ip next-hop verify-availability 10.1.254.2 track 2
!
ip access-list extended 100
10 permit udp any any
!
ip access-list extended 101
10 permit tcp any any

 

Thank you

Labels:
Preview file
10 KB
0 Helpful
16 Replies 16

paul driver
VIP
VIP
In response to simoesmarco8626982

‎10-26-2021 10:49 AM

Hello
Using an IGP like Eigrp delay metric or OSPF interface costing but as I have already stated I believe what is being asked by your consultant isn’t an optimal routing suggestion!


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

balaji.bandi
Hall of Fame
Hall of Fame
In response to simoesmarco8626982

‎10-31-2021 03:09 PM

Sure there may be other solution possible other than PBR in your case, based on the trigger conditions, but never deploy..so look around.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents