09-26-2017 11:53 PM - edited 03-05-2019 09:12 AM
hey Community Team'
Recently I am observing an issue with route-maps. Two links from different service providers are terminated on Router 2911. Default route is set to ISP1 & all traffic is working normally. When I applied route-map to send some traffice through an ISP2, then some of websites like (yahoo.com, cisco.com etc) are not opening with ERR-Connection-Timed-Out through ISP2 but at the same time some of websites like (facebook.com, twitter.com, youtube.com etc) are working normally.
any respone will be highly appreciated.
Regards'
Azib.
Solved! Go to Solution.
09-28-2017 01:23 AM
Hey Community Members'
I have figured out the problem & solved it. Actually I have applied a wrong access-list cisin in right dierection like ip access-group cisin out. After applying right access-list in right direction issue has been solved. Thanks for your suggestions & advises.
Regards'
09-27-2017 01:34 AM
Hello
Was you trying to policy route traffic? - Can you poist the configuration of what you applied?
res
Paul
09-27-2017 02:14 AM
Hey @paul driver'
Network Diagram has been attached. Route-map command has been applied on interface Gi 0/2. As earlier I mentioned that default route set to ISP1 & through ISP1 everything has been working well. I have advertised 6 class c networks 4 through ISP1 & 2 through ISP2 using BGP. By default all 6 networks traffic passing through ISP1. I want to pass one of my network or some host traffic through ISP2 using route-map & after applying route-map traffic start passing through ISP2 but as earlier I mentioned that some of websites are not opening through ISP2. Route-Map configuration is given below for the review.
show running-config | section route-map
ip policy route-map wateen-gw
route-map wateen-gw permit 10
match ip address wateenroute
set ip next-hop 58.27.222.101
interface GigabitEthernet0/1
description "70 Mbps UP-Link to Wateen Telecom"
ip address 58.27.222.102 255.255.255.252
ip access-group cisin in
ip access-group cisin out
duplex auto
speed auto
no cdp enable
end
show running-config interface gigabitEthernet 0/2
Building configuration...
Current configuration : 286 bytes
!
interface GigabitEthernet0/2
description "Point to Pint Link Between R2911 to SKT-3750G"
ip address 255.255.255.252 secondary
ip address 172.16.30.101 255.255.255.252
ip policy route-map wateen-gw
ip ospf 7590 area 0
load-interval 30
duplex auto
speed auto
end
Regards'
09-27-2017 05:35 AM
Hello
What do the access-lists state?
Also can you post the bgp routing stanza config?
res
Paul
09-27-2017 08:52 AM
Hello,
Three hosts IP Address has been added into Access-lists to forward traffic to ISP2 using Route-Map.
I didn't understand your second question. is bgp config required or bgp routing table required? Please brief.
Regards'
09-27-2017 12:02 PM
You have multiple access lists. In addition to the access list used for policy based routing you also have an access list applied to the interface cisin. I would like to see the content of that access list.
I have seen situations where some web sites worked ok while other web sites had issues that were caused by MTU issues. Is it possible that there is something on the link for ISP2 that impacts MTU? Perhaps some encapsulation, or some tunneling, or QinQ processing? You might try using ip tcp adjust-mss to set a lower negotiated MTU and see if it helps.
HTH
Rick
09-28-2017 01:23 AM
Hey Community Members'
I have figured out the problem & solved it. Actually I have applied a wrong access-list cisin in right dierection like ip access-group cisin out. After applying right access-list in right direction issue has been solved. Thanks for your suggestions & advises.
Regards'
09-28-2017 06:41 AM
Azib
Thank you for posting back to the forum and letting us know that you have solved your own problem and that the problem was incorrect application of the access list. It is always nice to see an issue where the original poster was able to find their own solution and to share that with the forum.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide