Routing Guide

Hamidsattarrana
Level 1

Hi, hope you guys are well.

I am in a situation where I have to route all traffic for a web server (https://voipserver.com) to the next hop via Policy Based Routing. But the issue is that the DNS request for that web server is resolved via 8.8.8.8, and 8.8.8.8 is not allowed on the next hop. Only traffic destined for the specific server (https://voipserver) is allowed.

I am using 8.8.8.8 and 8.8.4.4 as name servers.

I want to route DNS traffic for that specific web server to a specific next hop. All other traffic should take the default route.

Need suggestions.

 

7 Replies

Jon Marshall
Hall of Fame

 

So just add a line in your PBR acl for that specific traffic and it will be policy routed. 

 

Although not clear why you need to do this as DNS resolution is independent of the web traffic. 

 

Jon

Basically it's a web server. We are using WebRTC. Let's say its IP address is 200.100.100.1/24.
Traffic for that web server is routed via PBR. But its name resolution request is going via another ISP, which is destined for 8.8.8.8.
How can I route DNS traffic for that specific web server?

 

Why do you need to? I.e. it doesn't really matter where the DNS traffic goes as it is independent of the web traffic.

 

However, if you really must route that traffic via PBR then, as I said, just add a line in the ACL that you use with your PBR configuration to match that traffic, e.g.

 

permit udp any host 8.8.8.8 eq 53 

 

Jon 

Can't add that line. This will route all DNS traffic to that IP.
I don't want all DNS traffic to go through that ISP. I just want that VOIP server DNS traffic to go through that ISP.
All other web-servers traffic must go

 

You won't be able to do that because you basically need to be able to inspect the actual DNS request to see what name is being requested. 

 

Not sure whether you could do anything with NBAR but it's not clear why you have this requirement. 

 

Jon

I have 2 ISPs.
1 for Data
1 for VOIP Only
I have configured PBR for FTP traffic for the same server https://voipserver.com so FTP can go via the Data ISP.
But I want all other traffic to go via the VOIP ISP, except FTP, which is going via the Data ISP.

 

Don't really know what else to say. 

 

I am not sure why you need to split DNS traffic between ISPs depending upon the destination server but like I say you would need something that could inspect the DNS packet to see which name is being looked up. 

 

DNS requests are very small and whichever ISP is used for the DNS request does not affect which ISP is used for the actual traffic. 

 

Maybe someone else has a suggestion. 

 

Jon
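
The point made in the replies above, shown as an added example that is not part of the original thread: two DNS queries to 8.8.8.8 look identical to an ACL entry like `permit udp any host 8.8.8.8 eq 53`, and only parsing the question section of the payload reveals which name is being looked up. The function names, the hop labels `VOIP-ISP` and `DATA-ISP`, and the second name `example.org` are assumptions made for illustration.

```python
import struct

def build_query(name, txid=0x1234):
    """Build a minimal DNS A query payload (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_qname(payload):
    """Return the lower-cased name in the question section, or None if malformed."""
    if len(payload) < 12:
        return None
    flags, qdcount = struct.unpack("!HH", payload[2:6])
    if flags & 0x8000 or qdcount < 1:  # a response, or no question present
        return None
    labels, pos = [], 12
    while pos < len(payload):
        length = payload[pos]
        if length == 0:
            return ".".join(labels).lower()
        if length & 0xC0 or pos + 1 + length > len(payload):
            return None  # compression pointer or truncated label
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    return None  # ran off the end without a terminating zero label

def acl_view(dst_ip, dst_port, payload):
    """What an extended ACL matches on: protocol, destination, port. Payload ignored."""
    return ("udp", dst_ip, dst_port)

def choose_next_hop(payload, voip_names, voip_hop="VOIP-ISP", default_hop="DATA-ISP"):
    """Hypothetical name-aware decision; hop labels are placeholders."""
    return voip_hop if parse_qname(payload) in voip_names else default_hop

# Constructed sample queries, both sent to the resolver named in the thread.
Q_VOIP = build_query("voipserver.com")
Q_OTHER = build_query("example.org")

if __name__ == "__main__":
    for q in (Q_VOIP, Q_OTHER):
        print(acl_view("8.8.8.8", 53, q), parse_qname(q), choose_next_hop(q, {"voipserver.com"}))
```
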
