GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: Policy Routing and re-routing Scenario posted 01/10/2007
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Ismail,

Try policy routing with object tracking. You might want R6 to track R5's
interface facing R2, and set next-hop appropriately

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hirp_c/ch20/h_pbrtrk.htm

Thanks
Josef

On 1/10/07, ismail el-shalh <ishelh_mdsa@xxxxxxxxx> wrote:
>
> Hi Folks, I hope you are doing fine
>
>
> I want to achieve policy routing and link re-routing at the same time ,
> here is my scenario :
>
> R5
> |     \
> |         \
> |            \
> R2 -------R6
>          |
>        PC
> 172.16.7.80
>
>
> The gateway should be R6 (172.16.7.200)
> If the traffic sourced from the PC (172.16.7.80), the traffic should pass
> via the link between R5 and R2
>
> If the link between R2 and R5 fails, the traffic which is sourced from the
> PC should pass via the link between R5 and R6.
>
> This policy will serve that if any servers on the LAN initiate traffic,
> they should be routed via the fast link which is between R6 and R5.
> But if any normal PC , then the traffic should pass between R5 and R2.
>
> I used policy routing for this to happen, OSPF is configured between R5
> and R2 and between R2 and R6. BGP is configured between R5 and R6.
>
>
> The problem is occurring when I am setting the next hop on R6 to be toward
> R2, now if the link between R2 and R5 is up, there will be no problem, but
> if the link fails between R2 and R5, the BGP route will appear on R2 (Since
> redistribution is configured on R6) and the packet will go back to R6, now
> because the policy is configured on R6, R6 will return back the traffic
> toward R2.
>
> A loop will occur!
>
> I will be happy if some one can tell me the right method to achieve my
> goal.
>
> Here is my configuration for R2, R5 and R6
>
> R6
>
>
>
>
> ip access-list extended ORACLE_TRAFFIC
>   permit ip host 172.16.7.180 172.16.20.0 0.0.3.255
>
>
> ip access-list extended TRAFFIC-TOWARD-R5
> remark OTHER RAFFIC DESTINED TOWARD R5
>   permit ip any 172.16.20.0 0.0.3.255
>
>
> route-map POLICY_ROUTE permit 10
> match ip address ORACLE_TRAFFIC
>
> route-map POLICY_ROUTE permit 30
>   match ip address  TRAFFIC-TOWARD-R5
>   set ip next-hop 172.16.7.253
>
>
>
>
> interface ethernet 0/0
> ip address 172.16.7.200 255.255.252.0
> ip policy route-map POLICY_ROUTE
>
> interface serial 0
> ip address 150.1.1.6 255.255.255.0
>
> router bgp
> no synchronization
> neighbor 150.1.1.5 remote-as 500
> no auto-summary
>
>
>
>
> router ospf 1
>   router-id 10.10.10.6
>   log-adjacency-changes
>   redistribute bgp 64567 metric-type 1 subnets
>   network 10.10.10.6 0.0.0.0 area 0
>   network 172.16.7.200 0.0.0.0 area 0
>
>
> R2
>
>
>
> router ospf 1
>   router-id 10.10.10.6
>   log-adjacency-changes
>   redistribute bgp 64567 metric-type 1 subnets
>   network 10.10.10.6 0.0.0.0 area 0
>   network 172.16.7.200 0.0.0.0 area 0
>
> interface serial 0
>   ip address 130.1.90.1 255.255.255.252
>
>
> interface FastEthernet0/0
>   ip address 172.16.7.253 255.255.252.0
>
> router ospf 1
> router-id 10.10.10.2
> network 10.10.10.2 0.0.0.0 area 0
> network 172.16.7.253
>
> router bgp
> no synchronization
> neighbor 150.1.1.6 remote-as 500
> no auto-summary
>
>
> R5
>
> interface Ethernet0/0
> ip policy route-map POLICY_ROUTE
>
> interface serial 0
> ip address 150.1.1.5 255.255.255.0
>
> interface serial 1
> ip address 130.1.90.2 255.255.255.252
> 0
>
>
> ip access-list extended ORACLE_TRAFFIC
>   permit ip any host 172.16.7.180
> ip access-list extended OTHER_TRAFFIC
>   permit ip any
>
>
> route-map POLICY_ROUTE permit 10
>   match ip address ORACLE_TRAFFIC
> set ip next-hop 150.1.1.6
> !
> route-map POLICY_ROUTE permit 20
>   match ip address OTHER_TRAFFIC
>   set ip next-hop 130.1.90.1
>
> router bgp 500
>   bgp log-neighbor-changes
>   redistribute connected metric 1
>   neighbor 150.1.1.6 remote-as 65000
>   no auto-summary
>
> router ospf 1
> router-id 10.10.10.13
> network 10.10.10.13 0.0.0.0 area 2
> network 130.1.90.2 0.0.0.0 area 2
> network 172.16.23.254 0.0.0.0 area 2
>
>
>   Thanks in advance :)
> Ismail
>
>
> ---------------------------------
> Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and
> get things done faster.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html