Re: Verifying routing

acastilloh5690 · ‎06-26-2019

Hello. I have a switch L3 that connects to two ISPs. The routing protocol used is BGP (one ISP is configured with a neighbor weight of 100 and the other is left by default). There is a route-map applied for the two of the ISP that only allows the default route in. I would like to test if I have internet connectivity using the backup ISP, but I cannot bring down any interface or change the configuration, due the fact that this is a production network. Is there a way I can force my tracert or ping to go through the secondary ISP to test the connectivity through it?

Georg Pauwen · ‎06-26-2019

Hello,

the easiest way to test would to just ping e.g. 8.8.8.8 using the IP address or the interface of the backup.

ping 8.8.8.8 source

Giuseppe Larosa · ‎06-26-2019

Hello ,

you can use PBR = Policy Based Routing

access-list 15 permit host x.x.x.x

route-map PBR permit 10

match address 15

set ip next-hop <Secondary-ISP-next-hop>

on internal interface like SVI interface Vlan 50 you apply

interface Vlan 50

ip policy route-map PBR

Note : PBR works only on the incoming direction so it needs to be applied on internal interface.

In this way a single specific host can test the backup path in the upstream direction.

Warning: I supposed you are not doing NAT on your L3 switch but before.

So the x.x.x.x address should be a public address.

To avoid to impact all traffic use a static NAT entry on device performing NAT

Hope to help

Giuseppe

acastilloh5690 · ‎06-27-2019

Thank you.