Re: Policy Routing and re-routing Scenario

From: ismail el-shalh (ishelh_mdsa@yahoo.com)
Date: Thu Jan 11 2007 - 19:36:31 ART

• Next message: Vincent Mashburn: "RE: Service-Policy Input Not Staying on FastEthernet Interface"
• Previous message: Yasmin Lara: "BGP DMZ-BW"
• Maybe in reply to: ismail el-shalh: "Policy Routing and re-routing Scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Josef,
   
  Thanks allot, I tried it and it worked perfect :)
   
  

Josef A <josefnet@gmail.com> wrote:
  Ismail,

Try policy routing with object tracking. You might want R6 to track R5's
interface facing R2, and set next-hop appropriately

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hirp_c/ch20/h_pbrtrk.htm

Thanks
Josef

On 1/10/07, ismail el-shalh wrote:
>
> Hi Folks, I hope you are doing fine
>
>
> I want to achieve policy routing and link re-routing at the same time ,
> here is my scenario :
>
> R5
> | \
> | \
> | \
> R2 -------R6
> |
> PC
> 172.16.7.80
>
>
> The gateway should be R6 (172.16.7.200)
> If the traffic sourced from the PC (172.16.7.80), the traffic should pass
> via the link between R5 and R2
>
> If the link between R2 and R5 fails, the traffic which is sourced from the
> PC should pass via the link between R5 and R6.
>
> This policy will serve that if any servers on the LAN initiate traffic,
> they should be routed via the fast link which is between R6 and R5.
> But if any normal PC , then the traffic should pass between R5 and R2.
>
> I used policy routing for this to happen, OSPF is configured between R5
> and R2 and between R2 and R6. BGP is configured between R5 and R6.
>
>
> The problem is occurring when I am setting the next hop on R6 to be toward
> R2, now if the link between R2 and R5 is up, there will be no problem, but
> if the link fails between R2 and R5, the BGP route will appear on R2 (Since
> redistribution is configured on R6) and the packet will go back to R6, now
> because the policy is configured on R6, R6 will return back the traffic
> toward R2.
>
> A loop will occur!
>
> I will be happy if some one can tell me the right method to achieve my
> goal.
>
> Here is my configuration for R2, R5 and R6
>
> R6
>
>
>
>
> ip access-list extended ORACLE_TRAFFIC
> permit ip host 172.16.7.180 172.16.20.0 0.0.3.255
>
>
> ip access-list extended TRAFFIC-TOWARD-R5
> remark OTHER RAFFIC DESTINED TOWARD R5
> permit ip any 172.16.20.0 0.0.3.255
>
>
> route-map POLICY_ROUTE permit 10
> match ip address ORACLE_TRAFFIC
>
> route-map POLICY_ROUTE permit 30
> match ip address TRAFFIC-TOWARD-R5
> set ip next-hop 172.16.7.253
>
>
>
>
> interface ethernet 0/0
> ip address 172.16.7.200 255.255.252.0
> ip policy route-map POLICY_ROUTE
>
> interface serial 0
> ip address 150.1.1.6 255.255.255.0
>
> router bgp
> no synchronization
> neighbor 150.1.1.5 remote-as 500
> no auto-summary
>
>
>
>
> router ospf 1
> router-id 10.10.10.6
> log-adjacency-changes
> redistribute bgp 64567 metric-type 1 subnets
> network 10.10.10.6 0.0.0.0 area 0
> network 172.16.7.200 0.0.0.0 area 0
>
>
> R2
>
>
>
> router ospf 1
> router-id 10.10.10.6
> log-adjacency-changes
> redistribute bgp 64567 metric-type 1 subnets
> network 10.10.10.6 0.0.0.0 area 0
> network 172.16.7.200 0.0.0.0 area 0
>
> interface serial 0
> ip address 130.1.90.1 255.255.255.252
>
>
> interface FastEthernet0/0
> ip address 172.16.7.253 255.255.252.0
>
> router ospf 1
> router-id 10.10.10.2
> network 10.10.10.2 0.0.0.0 area 0
> network 172.16.7.253
>
> router bgp
> no synchronization
> neighbor 150.1.1.6 remote-as 500
> no auto-summary
>
>
> R5
>
> interface Ethernet0/0
> ip policy route-map POLICY_ROUTE
>
> interface serial 0
> ip address 150.1.1.5 255.255.255.0
>
> interface serial 1
> ip address 130.1.90.2 255.255.255.252
> 0
>
>
> ip access-list extended ORACLE_TRAFFIC
> permit ip any host 172.16.7.180
> ip access-list extended OTHER_TRAFFIC
> permit ip any
>
>
> route-map POLICY_ROUTE permit 10
> match ip address ORACLE_TRAFFIC
> set ip next-hop 150.1.1.6
> !
> route-map POLICY_ROUTE permit 20
> match ip address OTHER_TRAFFIC
> set ip next-hop 130.1.90.1
>
> router bgp 500
> bgp log-neighbor-changes
> redistribute connected metric 1
> neighbor 150.1.1.6 remote-as 65000
> no auto-summary
>
> router ospf 1
> router-id 10.10.10.13
> network 10.10.10.13 0.0.0.0 area 2
> network 130.1.90.2 0.0.0.0 area 2
> network 172.16.23.254 0.0.0.0 area 2
>
>
> Thanks in advance :)
> Ismail
>
>
> ---------------------------------
> Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and
> get things done faster.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Vincent Mashburn: "RE: Service-Policy Input Not Staying on FastEthernet Interface"
• Previous message: Yasmin Lara: "BGP DMZ-BW"
• Maybe in reply to: ismail el-shalh: "Policy Routing and re-routing Scenario"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:56 ART