cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
678
Views
0
Helpful
6
Replies

Trafic engineering

i want to know how to manage trafic using policies.

I mean how i can tell my SD-WAN to send for exemple ICMP by public-internet and as buckup in mpls, and send web trafic in mpls and as buckup in public-internet.

 

Thank you for the help.

6 Replies 6

Hi

 You can use TLOC extention if your public-internet are in one router and the mpls in the other router. Then, you can use policy to create the rules.

 

You may look this video to understand tloc:

https://www.youtube.com/watch?v=RbDp2kK_QYM 

 

And this one, to understand policy traffic.

 

https://www.youtube.com/watch?v=KR4jqWmcRTk&t=273s 

i was asked to use policies other than AAR.

There is no TLOC extension in my lab.

 

thank you for your help.

I only mentioned TLOC in case you have two routers and you want to send traffic from one router to another. It is very common companies connect the MPLS in one router and the internet in another router to have hardware redundancy and link redundancy.

But, if you lab is only one router, you dont need TLOC.  Then, you can focous on the second video that talk about policy.

the second video uses AAR as à policy,

My teacgher asked me to not use AAR but managing traffic in a static methode ( using policies other than AAR).

 

Thank you for your help.

Hi,

 

Do you use NAT on underlay?

If not, answer is so simple.

Match respective packet type and set respective local-tloc using data policy from service-tunnel.

sequence 1

match: icmp

set: local-tloc biz-internet

sequence 11

match: [you can use application or port based]

set: local-tloc mpls

 

 

Please note that, local-tloc is "loose" action i.e if tloc is not available it will send over another interface (of course, you can stop this behavior with restrict keywork)

 

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/ios-xe-17/policies-book-xe/centralized-policy.html#id_107619

 

Regards,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

i want to use AAR to control icmp and http, i want them to go out and come back only by mpls as prefered color.

the problem is when i set my AAR the traffic get out by the 'mpls' but get back by 'mpls' and 'public-internet' .

is there a solution.

thank you for your help. 

Review Cisco Networking for a $25 gift card