I have a Cisco 2811 that has 2 Fast Ethernet interfaces. One interface I want to use to control "Routes" on my local private network (Basically just routing back throught same same interface).
The other Interface is the LAN side my T1 connection coming in on a WIC card (WAN).
My issue is that I can only specifly one default-gateway and one
0.0.0.0 0 0.0.0 route for the router.Ideally, I need to be able to route and specify gateway settings by interface.
Is this possible?
not if you want it to act as a single router.
0.0.0.0 is an entry "anything that doesnt match goes this way". Since you want the router to send between subnets, it uses a single routing table to control the box.so if you have 2, 10 or 50 routes on this router, each should be in the routing table. packets to a known destination follow the route specific to that destination subnet, not the default.
you can have multiple default routes, but 2nd etc are there as backups, or the set of routes load balance across 2 ways out of your network.
what usually happens inside a private network is that user devices such as PCs have a default route to find a router.
but each router has a map giving a route specific "model" of the network - or it cant choose where to next send a packet.
draw a diagram of the network and label the subnets
maybe - i think you need to explain what you are trying to do with more detail - eg for individual interfaces, where you want packets to go (and where not).
>This is currently how it looks:
interface Multilink1 ip address 67.xxx.xxx.126 255.255.255.252 ppp multilink ppp multilink fragment disable ppp multilink group 1 ! ! ! interface Serial0/0/0 description Quest Internet T1 no ip address encapsulation ppp no keepalive no fair-queue ppp multilink ppp multilink group 1 no shutdown ! interface Serial0/1/0 no ip address encapsulation ppp no keepalive no fair-queue ppp multilink ppp multilink group 1 no shutdown
interface FastEthernet0/0 ip address 69.xxx.xxx.65 255.255.255.224 speed auto full-duplex no shutdown speed auto
interface FastEthernet0/1 ip address 192.168.21.1 255.255.255.0 no shutdown duplex auto speed auto
For anything traveling though the FE0/1 interface, I want to use the below routes:
ip route 0.0.0.0 0.0.0.0 192.168.21.2 (Back to PIX, then gets filtered by Websense) ip route 172.16.0.0 255.252.0.0 192.168.21.4 ip route 172.20.0.0 255.252.0.0 192.168.21.4 ip route 192.168.33.0 255.255.255.0 192.168.21.4
For anything traveling though the FE0/0 interface, I want to use the below routes:
ip route 0.0.0.0 0.0.0.0 67.XXX.XXX.125 (WAN Gateway back to ISP)
I would like to segregate the two interfaces, as if they were different routers.
Is this possible?
stephen wrote:
You can do this with Policy Routing.
route-map policy_fe01 permit 10 match ip address 101 set ip next-hop 192.168.21.4 route-map policy_fe01 permit 20 set ip next-hop 192.168.21.2
route-map policy_fe00 permit 10 set ip next-hop 67.xxx.xxx.125
access-list 101 permit ip any 172.16.0.0 255.248.0.0 access-list 101 permit ip any 192.168.33.0 255.255.255.0
interface fa0/1 ip policy policy_fe01 interface fa0/0 ip policy policy_fe00
So you want the two serial interfaces, the multilink PPP interface into which they are bound and FastEthernet0/0 to be treated as if they were on one router.
And you want FastEthernet0/1 to be treated as if it were on a second router.
Barry suggested IP policy routing. That'll work but is not the approach that I would prefer. If your IOS version supports it, multi-vrf/vrf-lite is more secure and conceptually simpler.
! Global configuration -- create a separate routing table for your ! Internet interfaces.
ip vrf Internet description Interfaces on Internet side of this router rd 100:1 ! No significance to the "100:1". Just need to specify ! some eight-byte number to uniquely identify the table.
! Interface configuration -- put your Internet interfaces into ! the Internet routing table. Don't need to touch the two serial ! interfaces bound up as Multilink1 since they don't do IP routing ! directly.
Interface Multilink1 ip vrf forwarding Internet ip address 67.xxx.xxx.126 255.255.255.252 ! Note that when you turn on "ip vrf forwarding Internet" ! the pre-existing IP address on the interface will be removed ! and you'll need to re-create it in the new Internet vrf.
Interface FastEthernet0/0 ip vrf forwarding Internet ip address 69.xxx.xxx.65 255.255.255.224 ! Again, you'll need to re-apply the IP address on the interface ! after putting it into vrf Internet.
! Internet route ip route vrf Internet 0.0.0.0 0.0.0.0 67.XXX.XXX.125
! Intranet routes ip route 0.0.0.0 0.0.0.0 192.168.21.2 ip route 172.16.0.0 255.252.0.0 192.168.21.4 ip route 172.20.0.0 255.252.0.0 192.168.21.4 ip route 192.168.33.0 255.255.255.0 192.168.21.4
Traffic arriving on an interface in a particular vrf is forwarded using the routing table associated with that vrf.
*voila* Almost like having two routers in one chassis.You may end up using commands like these during troubleshooting...
Router# show ip route vrf Internet Router# ping vrf Internet Router# telnet host /vrf Internet
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.