11-13-2009 05:00 AM - edited 03-04-2019 06:42 AM
Hi,
Just wondered if anyone can assist with this as it's a urgent request from our customer.
Basically, we have a site with 2 x 34mb WAN links. The links work as traditional Primary / Backup so all traffic (e.g. 192.168.0.0) is routed in/out of the Primary link under normal operation. Should the Primary fail them all traffic routes over the Backup link.
Over the last few weeks Primary 34mb circuit has become overloaded so the customer has asked us to route just the IPT subnets over the backup link.
We use EIGRP on the LAN side and redistribute into BGP on the WAN side.
So, now the customer wants us to route juts the IPT subnet 10.2.0.0 in/out over the Backup link while all 192.168.0.0 traffic continues to use the Primary cirucit . But should the Backup link fail we would need the IPT subnet to route back via the Primary link. Hope that makes sense.
Does anyone know the best way to achieve this.?
We use the following commands under EIGRP / BGP to route all traffic in/out over the Primary link. I've changed the ip addresses but hopefully you get the drift.
Thanks for any help in advance.
John
interface GigabitEthernet0
bandwidth 34000
!
interface GigabitEthernet0.16
description WAN Primary
ip address 192.168.1.1. 255.255.255.0
router eigrp 8001
network 192.168.0.0
no auto-summary
timers active-time 10
redistribute bgp 49 route-map bgp-eigrp
!
router bgp 49
redistribute eigrp 8001 route-map eigrp-bgp
neighbor x.x.x.x remote-as 6xxx
neighbor x.x.x.x default-originate
neighbor x.x.x.x route-map set-localpref-pri in
neighbor x.x.x.x route-map set-med-pri out
maximum-paths 2
no auto-summary
route-map bgp-eigrp deny 10
description block any prev bgp-eigrp redistr routes
match tag 999
!
route-map bgp-eigrp permit 30
description set eigrp metric and set tag
set metric 34000 100 255 1 1500
set tag 999
!
route-map eigrp-bgp deny 10
description block any prev bgp-eigrp redistr routes
match tag 999
!
route-map eigrp-bgp permit 20
description permit all other routes learned via EIGRP
set metric 100
!
route-map set-med-pri permit 10
description set bgp med to influence inbound routing. Lower is better
set metric 100
!
route-map set-locafpref-pri permit 10
description set bgp local pref to influence outbound routing. higher is better
set local-preference 150
11-13-2009 05:07 AM
John
For outbound traffic PBR (Policy Based routing) is the answer. You could also tie this in with IP SLA tracking to check if the next-hop is up and if not fall back to the primary link.
Are you familiar with PBR and tracking ?
For return traffic if you want it to use the backup link then you can use MED within BGP to influence which path inbound traffic takes.
Jon
Jon
11-13-2009 05:32 AM
Hi Jon,
Yes, we've done a bit of PBR and tracking but only for VPN.
Are you able to shed a bit more light.?
Many thanks for your help.
Cheers
John
11-13-2009 05:46 AM
John
Apologies for the lack of detail, i'm on a bit of a tight schedule this afternoon so i'll have to be brief :-)
This link provides an example of using PBR with the "set ip next-hop verify-availability" which allows you to check if the next hop is up before using PBR. If it isn't up then the normal routing table will be used ie. the primary link in your case -
http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_s1gt.html#wp1091258
As for MED, you advertise the same subnet(s) out of both links but you add a weighting so that the backup link is preferred for your IPT subnet(s). If the link goes down then because the primary link is also advertising out the subnet traffic just comes in on the primary link. MED can be applied per IP address/subnet so it will only affect the IPT traffic.
Hope that's enough for you to be going on with. I'll check back later today.
Jon
11-13-2009 08:37 AM
Cheers Jon. I'll have a look and get back to you on Monday.
Thanks again.
John
11-13-2009 08:40 AM
Why don't you load share on these links ?
You will have the best resource utilization and backup protection without none of the added complications of PBR.
11-13-2009 09:45 AM
We were looking into this as well using GLBP. Do you some experience of this as it's not something we've doen before.?
Cheers
John
11-13-2009 09:50 AM
There is absolutely nothing special about it, just simple routing. Any decently certified technician should be able to do that.
For the details, a complete diagram would need to be seen.
11-13-2009 10:43 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide