Zeeshan,
I understand that you are overriding the dynamic routing with PBR on your
layer 3 switch so that you can make a source based routing decision only on
specific traffic. I have done something similar on a router with PBR
tracking an IP SLA. Not sure if you can accomplish this on the switch. IOS
requires the Advanced Security feature set to track the SLA in a route map.
In that case, I have an SLA configured that pings ISP B one hop past the
directly connected WAN network and set a static route for that IP out
through ISP B. I also prevent that IP address from responding to pings
through ISP A. In my case, I had a cable modem connection as ISP B, so no
BGP, but the intended result for outbound traffic is the same. Source from a
specific address space and the policy routes you out through ISP B. All
other traffic routes out through ISP A (dynamic route). If the SLA fails to
ping ISP B (circuit or routing issue), the SLA makes the route map entry
invalid and all traffic leaves through ISP A.
I know it doesn't address your dynamic issue, but it is a possible solution
to the problem.
Mark
#17755, Security
On Wed, Apr 1, 2009 at 4:01 AM, Nadeem Ansari <nadeem.ansari574_at_gmail.com>wrote:
> I think I got your problem can you see the routing table of Router
> connected
> to ISP B, I think it is not able to install default route pointing towards
> Router connected to ISP A pls check the ospf external LSA on Router
> connected to ISP B for further analysis.
>
> Regards
> Nadeem
>
> On Wed, Apr 1, 2009 at 1:23 PM, Zeeshan Sanaullah <
> zeeshan_dreamcatcher_at_hotmail.com> wrote:
>
> > hello !
> >
> > Im stuck in this BGP multihoming Issue , need your help
> >
> > I have attached the diagram ...
> >
> > The Organization has been alloted a pool lets say 192.168.128.0/22 from
> > the
> > RIR like APNIC
> > and also it has a public AS.
> >
> > It peers with two ISPs . ISP A and ISP B.
> >
> > The Traffic flow must be such as ... all incoming traffic must be
> preferred
> > through ISP A
> > except the two pools 192.168.130.0/24 and 192.168.131.0/24 which must be
> > preferred
> > through ISP B.
> >
> > For
> > this I have advertised 192.168.128.0 /22 to ISP A and the two /24 pools
> > to ISP B along with the /22 pool with AS Path Prepended to it.
> >
> > The Incoming Traffic flow is according to the requirements ..
> >
> > The problem is with the outgoing traffic.
> >
> > All outgoing traffic must exit through ISP A except the /24 pools which
> > must
> > use ISP B.
> > This prevents Asymmetric routing.
> >
> > Both providers send the default route. I have configured ospf between the
> > Routers and the
> > switch,
> > and used the default-information originate command on the routers.
> > Router connected to ISP A Advertises the default with metric 20 and
> > Router connected to ISP B
> > advertises the default with metric of 30 to the L3 Switch
> >
> > As
> > the traffic from / 24 pools must exit ISP B , i configured a Routing
> > policy on switch to send traffic sourcing from these pools to ISP B
> > which works ..
> >
> > But the Problem comes when BGP connection to ISP
> > B fails. The switch through policy routing sends traffic from /24 pools
> > to Router connected to ISP B which now doesnot have the BGP Default
> > Route but it has a default route from router connected to ISP A through
> > OSPF. The switch and routers are in the same broadcast network.
> >
> > What
> > I see is the problem is that the Router connected to ISP B is not
> > sending the same traffic back to same interface because the default
> > from OSPF is on the same interface where the traffic is coming from the
> > / 24 pools ... is it the right behaviour ?
> >
> > Do you have any solution to the outgoing traffic requirement using other
> > techniques ?
> >
> > Please Help
> >
> > Regards
> > Zeeshan
> >
> > _________________________________________________________________
> > Quick access to your favorite MSN content and Windows Live with Internet
> > Explorer 8.
> >
> >
> http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN5
> > 5C0701A
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Apr 01 2009 - 08:34:00 ART
This archive was generated by hypermail 2.2.0 : Mon May 04 2009 - 07:39:11 ART