From: shiran guez (shiranp3@gmail.com)
Date: Thu Dec 18 2008 - 05:06:27 ARST
Guys (and kids),

PBR is basically a sophisticated static route: on a static route you can set a
next hop based only on destination; on PBR you can decide based on many
options and variables (source, source+destination, TOS, tags, metric...)
what the next hop will be (and here you can also set many other options, but
currently I am talking about *next-hop only*).

STATIC IP ROUTE: if you try to set an ip route on the HSRP active router
with the next hop set to the HSRP VIP, you will get the following:
*%Invalid next hop address (Its this router)*. If you put the same ip route
pointing to the VIP while the router is in standby, you will be able to, but
when the router is active again, whatever was going through the router to
this destination will be blackholed.

So now, is your own IP a valid next hop?!!!

On Thu, Dec 18, 2008 at 3:58 AM, CCIE Gmail <majonestx@gmail.com> wrote:
> Dude you're going to jail.
>
> - michael
>
> Cry in the lab, laugh in the Data center.
>
> Sent from my IPhone.
>
>
> On Dec 17, 2008, at 2:39 PM, Hobbs <deadheadblues@gmail.com> wrote:
>
>> It's against the law
>>
>> On Wed, Dec 17, 2008 at 12:47 PM, shiran guez <shiranp3@gmail.com> wrote:
>>
>>> guys come on, this is not the question if I can configure or if it is
>>> working partially or not.
>>>
>>> The question is, routing wise, is next hop myself a valid next hop?! (no
>>> router tricks)
>>>
>>> On Wed, Dec 17, 2008 at 8:10 PM, Luan Nguyen <luan@netcraftsmen.net> wrote:
>>>
>>>> The command got accepted...with a warning...if your cisco router is the
>>>> standby, then the VIP is not local, no complaint there. And it works
>>>> fine with debug ip policy.
>>>>
>>>> Luan Nguyen
>>>> Chesapeake NetCraftsmen, LLC.
>>>> www.NetCraftsmen.net <http://www.netcraftsmen.net/>
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>>>> shiran guez
>>>> Sent: Wednesday, December 17, 2008 12:57 PM
>>>> To: Joseph Brunner
>>>> Cc: Cisco certification
>>>> Subject: Re: Need your Advice guys
>>>>
>>>> This is not the question, it is not my design or implementation or
>>>> solution, the question is if it is a legal routing action or not and if
>>>> it is a legal action (I think not, unless there is one of the other cases
>>>> I have mentioned)!
>>>>
>>>> On Wed, Dec 17, 2008 at 7:42 PM, Joseph Brunner
>>>> <joe@affirmedsystems.com> wrote:
>>>>
>>>>> I think it's a bad design altogether and should be migrated away from
>>>>>
>>>>> -----Original Message-----
>>>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>>>>> shiran guez
>>>>> Sent: Wednesday, December 17, 2008 12:28 PM
>>>>> To: Cisco certification
>>>>> Subject: Need your Advice guys
>>>>>
>>>>> Hi
>>>>>
>>>>> I am losing my mind here with a scenario I have here:
>>>>>
>>>>> CAT3750 has 3 VLAN interfaces
>>>>>
>>>>> for example sake:
>>>>>
>>>>> # Incoming traffic from LAN
>>>>> vlan 10
>>>>> # Incoming traffic from WAN
>>>>> vlan 20
>>>>> # HSRP VLAN WITH Second Network Appliance
>>>>> vlan 30
>>>>>
>>>>> On vlan 10 and 20 there is a PBR set, based on match from source x, to
>>>>> route next hop HSRP virtual IP
>>>>>
>>>>>    v10               v20
>>>>> --------> CAT3750 <---------
>>>>>              ^
>>>>>              | v30
>>>>>              |
>>>>>      NETWORK Appliance
>>>>>
>>>>> Now my argument is that as long as HSRP active status is the Network
>>>>> Appliance there is no problem, but when the Cat3750 becomes active
>>>>> then that means that next hop is its own connected interface and that
>>>>> is not a legal routing action.
>>>>>
>>>>> But why am I sending this out to the group?! Well, I got some SE's in my
>>>>> company that are saying hey, this is the way we work for several years
>>>>> now and we have an official document that was issued to us (by a former
>>>>> employee in my company, note also a CCIE) that this should work.
>>>>>
>>>>> Well, as long as I can remember this is not a legal routing action
>>>>> unless it is pointing to a loopback interface, where then I would use a
>>>>> PBR under the global config to intercept locally generated traffic and
>>>>> maybe do a NAT or some other stupid router tricks.
>>>>>
>>>>> Please correct me if I am losing my mind here, as sometimes when several
>>>>> people tell you something you start to lose your own confidence in
>>>>> your knowledge.
>>>>>
>>>>> Thank you all in advance
>>>>>
>>>>> --
>>>>> Shiran Guez
>>>>> MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>>>>> http://cciep3.blogspot.com
>>>>> http://www.linkedin.com/in/cciep3
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>> --
>>>> Shiran Guez
>>>> MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>>>> http://cciep3.blogspot.com
>>>> http://www.linkedin.com/in/cciep3
>>>
>>> --
>>> Shiran Guez
>>> MCSE CCNP NCE1 JNCIA-ER CCIE #20572
>>> http://cciep3.blogspot.com
>>> http://www.linkedin.com/in/cciep3
--
Shiran Guez
MCSE CCNP NCE1 JNCIA-ER CCIE #20572
http://cciep3.blogspot.com
http://www.linkedin.com/in/cciep3
This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:09 ARST
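
An added example, not part of the original thread: a small Python audit for the situation discussed above, flagging any PBR `set ip next-hop` that points at an address the same device owns or will own once it becomes HSRP active. The sample config, its addresses and the route-map names are constructed for illustration.

```python
import re

# Constructed sample config (addresses and names are illustrative assumptions).
SAMPLE_CONFIG = """\
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 ip policy route-map TO-APPLIANCE
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
 ip policy route-map TO-APPLIANCE
interface Vlan30
 ip address 10.0.30.2 255.255.255.0
 standby 1 ip 10.0.30.1
route-map TO-APPLIANCE permit 10
 match ip address 101
 set ip next-hop 10.0.30.1
route-map TO-OTHER permit 10
 set ip next-hop 10.0.30.254
"""

def audit_pbr_next_hops(config):
    """Return findings where a PBR next hop is an address this device owns
    or will own once it becomes HSRP active."""
    local, applied, next_hops = {}, {}, []
    section = None
    for line in config.splitlines():
        if not line.startswith(" "):          # new top-level section
            m = re.match(r"(interface|route-map)\s+(\S+)", line)
            section = (m.group(1), m.group(2)) if m else None
            continue
        if section is None:
            continue
        kind, name = section
        text = line.strip()
        if kind == "interface":
            if m := re.match(r"ip address (\S+) \S+", text):
                local[m.group(1)] = f"interface address on {name}"
            elif m := re.match(r"standby(?: \d+)? ip (\S+)", text):
                local[m.group(1)] = f"HSRP virtual IP on {name}"
            elif m := re.match(r"ip policy route-map (\S+)", text):
                applied.setdefault(m.group(1), []).append(name)
        elif kind == "route-map":
            if m := re.match(r"set ip next-hop (.+)", text):
                next_hops += [(name, hop) for hop in m.group(1).split()]
    return [
        {"route_map": rm, "next_hop": hop, "reason": local[hop],
         "applied_on": applied.get(rm, [])}
        for rm, hop in next_hops if hop in local
    ]
```

A finding whose reason is an HSRP virtual IP is the failover case from the thread: the policy works while the peer is active and becomes a next hop of "this router" when the roles swap.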