Re: Policy Routing and re-routing Scenario

From: Narbik Kocharians (narbikk@gmail.com)
Date: Wed Jan 10 2007 - 13:07:35 ART

• Next message: Muhammad Saleem: "Re: ned help CCIE Lab, upgrade 2500 IOS"
• Previous message: Tony Schaffran: "RE: ned help CCIE Lab, upgrade 2500 IOS"
• Maybe in reply to: ismail el-shalh: "Policy Routing and re-routing Scenario"
• Next in thread: ismail el-shalh: "Re: Policy Routing and re-routing Scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Have you tried HSRP with interface tracking with two groups?

On 1/10/07, Josef A <josefnet@gmail.com> wrote:
>
> Ismail,
>
> Try policy routing with object tracking. You might want R6 to track R5's
> interface facing R2, and set next-hop appropriately
>
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hirp_c/ch20/h_pbrtrk.htm
>
> Thanks
> Josef
>
> On 1/10/07, ismail el-shalh <ishelh_mdsa@yahoo.com> wrote:
> >
> > Hi Folks, I hope you are doing fine
> >
> >
> > I want to achieve policy routing and link re-routing at the same time ,
> > here is my scenario :
> >
> > R5
> > | \
> > | \
> > | \
> > R2 -------R6
> > |
> > PC
> > 172.16.7.80
> >
> >
> > The gateway should be R6 (172.16.7.200)
> > If the traffic sourced from the PC (172.16.7.80), the traffic should
> pass
> > via the link between R5 and R2
> >
> > If the link between R2 and R5 fails, the traffic which is sourced from
> the
> > PC should pass via the link between R5 and R6.
> >
> > This policy will serve that if any servers on the LAN initiate traffic,
> > they should be routed via the fast link which is between R6 and R5.
> > But if any normal PC , then the traffic should pass between R5 and R2.
> >
> > I used policy routing for this to happen, OSPF is configured between R5
> > and R2 and between R2 and R6. BGP is configured between R5 and R6.
> >
> >
> > The problem is occurring when I am setting the next hop on R6 to be
> toward
> > R2, now if the link between R2 and R5 is up, there will be no problem,
> but
> > if the link fails between R2 and R5, the BGP route will appear on R2
> (Since
> > redistribution is configured on R6) and the packet will go back to R6,
> now
> > because the policy is configured on R6, R6 will return back the traffic
> > toward R2.
> >
> > A loop will occur!
> >
> > I will be happy if some one can tell me the right method to achieve my
> > goal.
> >
> > Here is my configuration for R2, R5 and R6
> >
> > R6
> >
> >
> >
> >
> > ip access-list extended ORACLE_TRAFFIC
> > permit ip host 172.16.7.180 172.16.20.0 0.0.3.255
> >
> >
> > ip access-list extended TRAFFIC-TOWARD-R5
> > remark OTHER RAFFIC DESTINED TOWARD R5
> > permit ip any 172.16.20.0 0.0.3.255
> >
> >
> > route-map POLICY_ROUTE permit 10
> > match ip address ORACLE_TRAFFIC
> >
> > route-map POLICY_ROUTE permit 30
> > match ip address TRAFFIC-TOWARD-R5
> > set ip next-hop 172.16.7.253
> >
> >
> >
> >
> > interface ethernet 0/0
> > ip address 172.16.7.200 255.255.252.0
> > ip policy route-map POLICY_ROUTE
> >
> > interface serial 0
> > ip address 150.1.1.6 255.255.255.0
> >
> > router bgp
> > no synchronization
> > neighbor 150.1.1.5 remote-as 500
> > no auto-summary
> >
> >
> >
> >
> > router ospf 1
> > router-id 10.10.10.6
> > log-adjacency-changes
> > redistribute bgp 64567 metric-type 1 subnets
> > network 10.10.10.6 0.0.0.0 area 0
> > network 172.16.7.200 0.0.0.0 area 0
> >
> >
> > R2
> >
> >
> >
> > router ospf 1
> > router-id 10.10.10.6
> > log-adjacency-changes
> > redistribute bgp 64567 metric-type 1 subnets
> > network 10.10.10.6 0.0.0.0 area 0
> > network 172.16.7.200 0.0.0.0 area 0
> >
> > interface serial 0
> > ip address 130.1.90.1 255.255.255.252
> >
> >
> > interface FastEthernet0/0
> > ip address 172.16.7.253 255.255.252.0
> >
> > router ospf 1
> > router-id 10.10.10.2
> > network 10.10.10.2 0.0.0.0 area 0
> > network 172.16.7.253
> >
> > router bgp
> > no synchronization
> > neighbor 150.1.1.6 remote-as 500
> > no auto-summary
> >
> >
> > R5
> >
> > interface Ethernet0/0
> > ip policy route-map POLICY_ROUTE
> >
> > interface serial 0
> > ip address 150.1.1.5 255.255.255.0
> >
> > interface serial 1
> > ip address 130.1.90.2 255.255.255.252
> > 0
> >
> >
> > ip access-list extended ORACLE_TRAFFIC
> > permit ip any host 172.16.7.180
> > ip access-list extended OTHER_TRAFFIC
> > permit ip any
> >
> >
> > route-map POLICY_ROUTE permit 10
> > match ip address ORACLE_TRAFFIC
> > set ip next-hop 150.1.1.6
> > !
> > route-map POLICY_ROUTE permit 20
> > match ip address OTHER_TRAFFIC
> > set ip next-hop 130.1.90.1
> >
> > router bgp 500
> > bgp log-neighbor-changes
> > redistribute connected metric 1
> > neighbor 150.1.1.6 remote-as 65000
> > no auto-summary
> >
> > router ospf 1
> > router-id 10.10.10.13
> > network 10.10.10.13 0.0.0.0 area 2
> > network 130.1.90.2 0.0.0.0 area 2
> > network 172.16.23.254 0.0.0.0 area 2
> >
> >
> > Thanks in advance :)
> > Ismail
> >
> >
> > ---------------------------------
> > Check out the all-new Yahoo! Mail beta - Fire up a more powerful email
> and
> > get things done faster.
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Narbik Kocharians
CCIE# 12410 (R&S, SP, Security)
CCSI# 30832
Network Learning, Inc. (CCIE class Instructor)
www.ccbootcamp.com (CCIE Training)

• Next message: Muhammad Saleem: "Re: ned help CCIE Lab, upgrade 2500 IOS"
• Previous message: Tony Schaffran: "RE: ned help CCIE Lab, upgrade 2500 IOS"
• Maybe in reply to: ismail el-shalh: "Policy Routing and re-routing Scenario"
• Next in thread: ismail el-shalh: "Re: Policy Routing and re-routing Scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:56 ART