10-23-2011 04:04 AM - edited 03-04-2019 02:01 PM
Hi,
I have got a router at branch having three interface card on it. I tried to give example as follows:
Main Server IP address: 192.168.11.5
In the central router I have routed as:
ip route 10.10.20.20 255.255.255.255 10.10.11.20
ip route 10.10.20.30 255,255.255.255 10.10.12.20
Branch Router
Int fa0/1
Desc ***** connected to lan *****
ip address 10.10.20.1/24
Int fa0/2
Desc **** connected to ISP 1 ****
ip address 10.10.11.20/24
Int fa0/3
Desc **** connected to ISP 2 *****
ip address 10.10.12.20/24
ip route 192.168.11.5 255.255.255.255 10.10.11.200 (to isp 1 gateway)
ip route 192.168.11.5 255.255.255.255 10.10.12.200 (to isp 2 gateway)
This routing will divide my packet one by one. I want such a type of routing so that the traffice from 10.10.20.20 goes to 192.168.11.5 through 10.10.11.200 only and traffic is from 10.10.20.30 goes through 10.10.12.200 gateway. What should I do ? I have connected several routers in-between.
Solved! Go to Solution.
10-23-2011 04:32 AM
Hi Bikas
PBR references multiple parameters one of which is access-list wehere we can specify an Extended-ACL which will permit on the basis of Source-Destination Pair
e.g)
CE1(config-route-map)#route-map PBR
CE1(config-route-map)#match ip address ?
<1-199> IP access-list number
<1300-2699> IP access-list number (expanded range)
WORD IP access-list name
prefix-list Match entries of prefix-lists
CE1(config-route-map)#match ip address 110
CE1(config)#access-list 110 permit ip ?
A.B.C.D Source address
any Any source host
host A single source host
CE1(config)#access-list 110 permit ip any ?
A.B.C.D Destination address
any Any destination host
host A single destination host
CE1(config)#access-list 110 permit ip any any
CE1(config)#
Hope this helps you in your traffic flow requirement.
Regards
Varma
10-23-2011 04:16 AM
Hi Bikas
The solution for this traffic flow requirement is to use Policy Based Routing on the Branch Router Fa0/1 Interface connecting to the 10.10.20.0/24 LAN which will do a match using extended Access--List on the Source-Destination Pair and route the traffic across the desired interface.
Please refer this very useful and comprehensive document which will help you achieve the required traffic flow.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009481d.shtml
On a side note on the central router why are we doing host-based routing instead of the complete lan subnet 10.10.20.0/24. Just a suggestion as I have no visibility of the Central Router connectivity but when using PBR we need to ensure that if at the Central Router also we have multiple gateways then same PBR should be applied there also to avoid any assymetric routing.
Hope this helps to answer your query.
Regards
Varma
10-23-2011 04:24 AM
Thanks Varma,
Does the PBR looks for the source or destination ?
Regards,
Bikas
10-23-2011 04:32 AM
Hi Bikas
PBR references multiple parameters one of which is access-list wehere we can specify an Extended-ACL which will permit on the basis of Source-Destination Pair
e.g)
CE1(config-route-map)#route-map PBR
CE1(config-route-map)#match ip address ?
<1-199> IP access-list number
<1300-2699> IP access-list number (expanded range)
WORD IP access-list name
prefix-list Match entries of prefix-lists
CE1(config-route-map)#match ip address 110
CE1(config)#access-list 110 permit ip ?
A.B.C.D Source address
any Any source host
host A single source host
CE1(config)#access-list 110 permit ip any ?
A.B.C.D Destination address
any Any destination host
host A single destination host
CE1(config)#access-list 110 permit ip any any
CE1(config)#
Hope this helps you in your traffic flow requirement.
Regards
Varma
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide