04-14-2011 09:50 AM - edited 03-06-2019 04:37 PM
Hello,
Can someone please clarify a doubt for me?
Suppose the following:
I have 1 router connected to 2 different ISPs... and I have 1 e-mail server inside my network, and my public domain is reachable from 2 different public IPs.
My question is: if I initiate a connection from outside to 1 of the public IPs, will the returning traffic flow to the initiated interface or will it go to the lower-metric route?
Routes:
access-list 102 permit tcp host 172.16.60.2 any eq smtp
!
route-map REDIRECT_TRAFFIC_SMTP permit 10
match ip address 102
set ip next-hop verify-availability 64.30.154.81 1 track 3
set ip next-hop verify-availability 66.110.117.33 10 track 2
!
best regards
04-14-2011 10:58 AM
If there are two routes in the routing table to that destination, then it will have a 50/50 shot of going back the same way. The router isn't going to keep state for which interface the traffic flow is coming in and going on, it's not even going to keep state on the ACL, unless the established key-word is there, but that is usually used for outbound traffic to get back into the network through a router acting as a firewall.
Though "if I initiate connection from outside to 1 of the publics IP's the returning traffic will flow to the initiated interface or will go to the less metric route?", I'm not sure I understand this statement.
Are you trying to state:
Will the returning traffic flow go back through the interface it was received on? If that's the question (Answer) -- If that is the only way to get to the original source of the traffic, then yes it will. But if there are two ways to get to the original source, say through interface f0/0 and f0/1, and the traffic was received on int f0/0 to get to the server, then you have a 50/50 shot of it going out the f0/0 interface.
Make Sense??
04-14-2011 03:24 PM
Hi Mitchell,
Thanks for your response. In fact, I didn't understand what you mean by 50/50...
And please explain to me:
"unless the established key-word is there, but that is usually used for outbound traffic to get back into the network through a router acting as a firewall"
So, is there a way to get ingress traffic returning to the same interface that received the traffic? Because it is really important to get that track.
Traffic entering on int fa0/0 must return in the same direction; in the same way, traffic entering on int fa0/1 must return in the same direction.
best regards,
Alcides
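Added example (not written by any poster in this thread, and a simplified model rather than full IOS behaviour): the Python below evaluates ACL 102 and the route-map from the first post against two constructed packets. It shows that the policy steers only SMTP sessions the server opens (destination port 25), while the server's replies to inbound SMTP connections (source port 25) do not match and fall through to the ordinary routing table. The packet fields, the 203.0.113.25 peer and the track-state dictionary are assumptions made for the illustration.

```python
# Added example: simplified model of the posted policy, not IOS itself.
from dataclasses import dataclass

SMTP = 25

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def acl_102(p):
    """access-list 102 permit tcp host 172.16.60.2 any eq smtp
    'eq smtp' follows the destination, so it tests the destination port."""
    return p.proto == "tcp" and p.src == "172.16.60.2" and p.dport == SMTP

# (sequence, next hop, track object) taken from the two 'set' lines.
NEXT_HOPS = [(1, "64.30.154.81", 3), (10, "66.110.117.33", 2)]

def policy_next_hop(p, track_up):
    """Return the policy-routed next hop, or None when the packet is left
    to the ordinary routing table (no ACL match, or no tracked hop is up)."""
    if not acl_102(p):
        return None
    for _seq, hop, track in sorted(NEXT_HOPS):
        if track_up.get(track, False):
            return hop
    return None

# Constructed sample packets; 203.0.113.25 is a documentation address.
OUTBOUND_MAIL = Packet("tcp", "172.16.60.2", 40000, "203.0.113.25", SMTP)
INBOUND_REPLY = Packet("tcp", "172.16.60.2", SMTP, "203.0.113.25", 51515)

if __name__ == "__main__":
    states = {
        "both tracks up": {3: True, 2: True},
        "track 3 down": {3: False, 2: True},
        "both tracks down": {3: False, 2: False},
    }
    for label, track_up in states.items():
        print(label)
        print("  server-initiated SMTP ->", policy_next_hop(OUTBOUND_MAIL, track_up))
        print("  reply to inbound SMTP ->", policy_next_hop(INBOUND_REPLY, track_up))
```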