Policy Based Routing with 2 providers

Hi

We have an IOS router with 2 service providers (DSL and T1).

We would like to send all outbound traffic from internal server 10.10.10.111 via DSL link. There is also static NAT to this server, therefore responses to inbound requests need to be sent via the DSL link too.

Do I need to use PBR? If so, here is what I am thinking....

------------------
ip nat inside source static 10.10.10.11 64.205.63.100 extendable

interface Vlan101
 description to DSL modem
 ip address 64.205.63.99 255.255.255.248
 ip policy route-map map_dsl1_out
 ip nat outside
 ip virtual-reassembly

ip access-list standard acl_dsl1_Out
 permit 10.10.10.11

route-map map_dsl1_out permit 10
 match ip address acl_dsl1_Out
 set

--------------------------------------

What am I missing? Thanks.

AXJ

Reply to
AXJ

The "ip policy" statement has to be put on the LAN interface that connects to the server.

In the route-map, the command you're missing is "set next-hop 64.205.63.x", where 64.205.63.99 is the other end of the DSL connection.
Reply to
Barry Margolin

Thanks, Barry. According to your suggestion, here are my changes. In this case, is the routing table (ip route command) ignored by the IOS? Thanks.

-------------------------------------------------------------------------------
ip nat inside source static 10.10.10.11 64.205.63.100 extendable

ip access-list standard acl_dsl1_Out
 permit 10.10.10.11

route-map map_dsl1_out permit 10
 match ip address acl_dsl1_Out
 set ip next-hop 64.205.63.98

interface Vlan101
 description to DSL modem 64.205.63.98
 ip address 64.205.63.99 255.255.255.248
 ip nat outside

interface FastEthernet0/1
 description Internal Corporate Net
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip policy route-map map_dsl1_out

-----------------------------------------------------------------------------------------------

Reply to
FortuneCookie


The PBR is considered first and then if that fails e.g. the output interface is down or the next hop is not available (perhaps ARP failure) the routing table is used. I seem to recall that you can tell PBR to drop the packet instead. There is a document on CCO but I can't find it right now. I should know since I recently did an implementation that depended on the default behaviour which I verified carefully:-)

Reply to
Bod43
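
The forwarding order described in the reply above, as an added example that is not part of the original thread: a simplified Python model (not IOS's implementation) of policy routing taking precedence and the routing table acting as fallback. The T1 next hop, the destination address and the `drop_on_failure` switch are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class RouteMapEntry:
    acl: list                      # standard ACL: permitted source networks
    next_hop: str                  # argument of the set clause
    drop_on_failure: bool = False  # hypothetical switch for the "drop instead" option

def acl_permits(acl, src):
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(net) for net in acl)

def rib_lookup(rib, dst):
    """Longest-prefix match over (prefix, next_hop) pairs."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in rib
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(src, dst, policy, rib, reachable):
    """Decide how a packet arriving on the policy-routed LAN interface leaves."""
    for entry in policy:
        if not acl_permits(entry.acl, src):
            continue               # no match: try the next route-map entry
        if entry.next_hop in reachable:
            return ("policy", entry.next_hop)
        if entry.drop_on_failure:
            return ("drop", None)
        break                      # policy next hop unusable: use the routing table
    nh = rib_lookup(rib, dst)
    return ("rib", nh) if nh else ("drop", None)

# Server and DSL addresses are from the thread; T1_HOP and DST are constructed
# values from the documentation ranges.
DSL_HOP, T1_HOP, DST = "64.205.63.98", "192.0.2.1", "198.51.100.7"
POLICY = [RouteMapEntry(acl=["10.10.10.11/32"], next_hop=DSL_HOP)]
STRICT = [RouteMapEntry(acl=["10.10.10.11/32"], next_hop=DSL_HOP, drop_on_failure=True)]
RIB = [("0.0.0.0/0", T1_HOP)]

if __name__ == "__main__":
    print(forward("10.10.10.11", DST, POLICY, RIB, {DSL_HOP}))  # server, DSL up
    print(forward("10.10.10.50", DST, POLICY, RIB, {DSL_HOP}))  # other host
    print(forward("10.10.10.11", DST, POLICY, RIB, set()))      # server, DSL down
    print(forward("10.10.10.11", DST, STRICT, RIB, set()))      # drop variant
```

The third case is the one to check in a design like this: with the DSL next hop unusable, the server's traffic leaves via the default route on the other provider unless the drop behaviour is chosen.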
