Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > routing based on source ip, NOT dest ip....

Reply
Thread Tools

routing based on source ip, NOT dest ip....

 
 
Captain
Guest
Posts: n/a
 
      05-08-2004
I have 2 gateways onto the internet:
x.x.x.1 and y.y.y.1

I have 2 different class Cs coming
into a cisco3640 router:
192.168.1.0 and 192.168.2.0


I want to send all traffic from 192.168.1.0
out the x.x.x.1 router and all traffic from
192.168.2.0 out the y.y.y.1 router.

How can this be done?

FYI: The standard ip route command only
routes according to dest ip not source ip.
ie.: ip route 0.0.0.0 0.0.0.0 x.x.x.1

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      05-08-2004
In article <(E-Mail Removed)>,
Captain <(E-Mail Removed)> wrote:
:I have 2 gateways onto the internet:
.x.x.1 and y.y.y.1

:I have 2 different class Cs coming
:into a cisco3640 router:

:I want to send all traffic from 192.168.1.0
ut the x.x.x.1 router and all traffic from
:192.168.2.0 out the y.y.y.1 router.

:How can this be done?

The technique is called "policy routing". You start by creating
an acl, then a route-map that references that acl, and then you
apply the route-map as part of routing policy.

I don't know if it is supported on the 3640 (probably) or what
release or feature set you would need. The Feature Navigator will
tell you.
--
Whose posting was this .signature Google'd from?
 
Reply With Quote
 
 
 
 
Captain
Guest
Posts: n/a
 
      05-09-2004
On 8 May 2004 22:25:57 GMT, http://www.velocityreviews.com/forums/(E-Mail Removed)-cnrc.gc.ca (Walter
Roberson) wrote:

>In article <(E-Mail Removed)>,
>Captain <(E-Mail Removed)> wrote:
>:I have 2 gateways onto the internet:
>.x.x.1 and y.y.y.1
>
>:I have 2 different class Cs coming
>:into a cisco3640 router:
>
>:I want to send all traffic from 192.168.1.0
>ut the x.x.x.1 router and all traffic from
>:192.168.2.0 out the y.y.y.1 router.
>
>:How can this be done?
>
>The technique is called "policy routing". You start by creating
>an acl, then a route-map that references that acl, and then you
>apply the route-map as part of routing policy.
>
>I don't know if it is supported on the 3640 (probably) or what
>release or feature set you would need. The Feature Navigator will
>tell you.

/////////////////////////////////////////////

Ok, I tried the following, but everything is still
going out the x.x.x.1 pipe?



!
ip route 0.0.0.0 0.0.0.0 x.x.x.1
!
access-list 15 permit 192.168.1.0 0.0.0.255
access-list 17 permit 192.168.2.0 0.0.0.255
route-map 1 permit 5
match ip address 17
set ip next-hop y.y.y.1
!
route-map 1 permit 10
match ip address 15
set ip next-hop x.x.x.1
!
!




 
Reply With Quote
 
Barry Margolin
Guest
Posts: n/a
 
      05-09-2004
In article <(E-Mail Removed)>,
Captain <(E-Mail Removed)> wrote:

> On 8 May 2004 22:25:57 GMT, (E-Mail Removed)-cnrc.gc.ca (Walter
> Roberson) wrote:
>
> >In article <(E-Mail Removed)>,
> >Captain <(E-Mail Removed)> wrote:
> >:I have 2 gateways onto the internet:
> >.x.x.1 and y.y.y.1
> >
> >:I have 2 different class Cs coming
> >:into a cisco3640 router:
> >
> >:I want to send all traffic from 192.168.1.0
> >ut the x.x.x.1 router and all traffic from
> >:192.168.2.0 out the y.y.y.1 router.
> >
> >:How can this be done?
> >
> >The technique is called "policy routing". You start by creating
> >an acl, then a route-map that references that acl, and then you
> >apply the route-map as part of routing policy.
> >
> >I don't know if it is supported on the 3640 (probably) or what
> >release or feature set you would need. The Feature Navigator will
> >tell you.

> /////////////////////////////////////////////
>
> Ok, I tried the following, but everything is still
> going out the x.x.x.1 pipe?


Did you apply the route-map to the LAN interfaces?

interface Ethernet0
ip policy route-map 1

BTW, route-maps are usually given mnemonic names, not meaningless
numbers.

>
>
>
> !
> ip route 0.0.0.0 0.0.0.0 x.x.x.1
> !
> access-list 15 permit 192.168.1.0 0.0.0.255
> access-list 17 permit 192.168.2.0 0.0.0.255
> route-map 1 permit 5
> match ip address 17
> set ip next-hop y.y.y.1
> !
> route-map 1 permit 10
> match ip address 15
> set ip next-hop x.x.x.1
> !
> !


--
Barry Margolin, http://www.velocityreviews.com/forums/(E-Mail Removed)
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
 
Reply With Quote
 
Captain
Guest
Posts: n/a
 
      05-09-2004
On Sat, 08 May 2004 22:49:14 -0400, Barry Margolin
<(E-Mail Removed)> wrote:

>In article <(E-Mail Removed)>,
> Captain <(E-Mail Removed)> wrote:
>
>> On 8 May 2004 22:25:57 GMT, (E-Mail Removed)-cnrc.gc.ca (Walter
>> Roberson) wrote:
>>
>> >In article <(E-Mail Removed)>,
>> >Captain <(E-Mail Removed)> wrote:
>> >:I have 2 gateways onto the internet:
>> >.x.x.1 and y.y.y.1
>> >
>> >:I have 2 different class Cs coming
>> >:into a cisco3640 router:
>> >
>> >:I want to send all traffic from 192.168.1.0
>> >ut the x.x.x.1 router and all traffic from
>> >:192.168.2.0 out the y.y.y.1 router.
>> >
>> >:How can this be done?
>> >
>> >The technique is called "policy routing". You start by creating
>> >an acl, then a route-map that references that acl, and then you
>> >apply the route-map as part of routing policy.
>> >
>> >I don't know if it is supported on the 3640 (probably) or what
>> >release or feature set you would need. The Feature Navigator will
>> >tell you.

>> /////////////////////////////////////////////
>>
>> Ok, I tried the following, but everything is still
>> going out the x.x.x.1 pipe?

>
>Did you apply the route-map to the LAN interfaces?
>




Yes I did, but its still not working right?!?!?!






>interface Ethernet0
> ip policy route-map 1
>
>BTW, route-maps are usually given mnemonic names, not meaningless
>numbers.
>
>>
>>
>>
>> !
>> ip route 0.0.0.0 0.0.0.0 x.x.x.1
>> !
>> access-list 15 permit 192.168.1.0 0.0.0.255
>> access-list 17 permit 192.168.2.0 0.0.0.255
>> route-map 1 permit 5
>> match ip address 17
>> set ip next-hop y.y.y.1
>> !
>> route-map 1 permit 10
>> match ip address 15
>> set ip next-hop x.x.x.1
>> !
>> !


 
Reply With Quote
 
Scott Enwright
Guest
Posts: n/a
 
      05-09-2004
Barry Margolin wrote:
> In article <(E-Mail Removed)>,
> Captain <(E-Mail Removed)> wrote:
>
>
>>On 8 May 2004 22:25:57 GMT, (E-Mail Removed)-cnrc.gc.ca (Walter
>>Roberson) wrote:
>>
>>
>>>In article <(E-Mail Removed)>,
>>>Captain <(E-Mail Removed)> wrote:
>>>:I have 2 gateways onto the internet:
>>>.x.x.1 and y.y.y.1
>>>
>>>:I have 2 different class Cs coming
>>>:into a cisco3640 router:
>>>
>>>:I want to send all traffic from 192.168.1.0
>>>ut the x.x.x.1 router and all traffic from
>>>:192.168.2.0 out the y.y.y.1 router.
>>>
>>>:How can this be done?
>>>
>>>The technique is called "policy routing". You start by creating
>>>an acl, then a route-map that references that acl, and then you
>>>apply the route-map as part of routing policy.
>>>
>>>I don't know if it is supported on the 3640 (probably) or what
>>>release or feature set you would need. The Feature Navigator will
>>>tell you.

>>
>>/////////////////////////////////////////////
>>
>>Ok, I tried the following, but everything is still
>>going out the x.x.x.1 pipe?

>
>
> Did you apply the route-map to the LAN interfaces?
>
> interface Ethernet0
> ip policy route-map 1
>
> BTW, route-maps are usually given mnemonic names, not meaningless
> numbers.
>
>
>>
>>
>>!
>>ip route 0.0.0.0 0.0.0.0 x.x.x.1
>>!
>>access-list 15 permit 192.168.1.0 0.0.0.255
>>access-list 17 permit 192.168.2.0 0.0.0.255
>>route-map 1 permit 5
>> match ip address 17
>> set ip next-hop y.y.y.1
>>!
>>route-map 1 permit 10
>> match ip address 15
>> set ip next-hop x.x.x.1
>>!
>>!

>
>


Configuration looks good - what happens if you debug ip packet do you
see the route-map being applied? Be carefull with this command as it
could bring the router to a halt and would be good to do it during
production hours.
 
Reply With Quote
 
Captain
Guest
Posts: n/a
 
      05-09-2004
On Sun, 09 May 2004 14:56:20 GMT, Scott Enwright <(E-Mail Removed)>
wrote:

>Barry Margolin wrote:
> > In article <(E-Mail Removed)>,
> > Captain <(E-Mail Removed)> wrote:
> >
> >
> >>On 8 May 2004 22:25:57 GMT, (E-Mail Removed)-cnrc.gc.ca (Walter
> >>Roberson) wrote:
> >>
> >>
> >>>In article <(E-Mail Removed)>,
> >>>Captain <(E-Mail Removed)> wrote:
> >>>:I have 2 gateways onto the internet:
> >>>.x.x.1 and y.y.y.1
> >>>
> >>>:I have 2 different class Cs coming
> >>>:into a cisco3640 router:
> >>>
> >>>:I want to send all traffic from 192.168.1.0
> >>>ut the x.x.x.1 router and all traffic from
> >>>:192.168.2.0 out the y.y.y.1 router.
> >>>
> >>>:How can this be done?
> >>>
> >>>The technique is called "policy routing". You start by creating
> >>>an acl, then a route-map that references that acl, and then you
> >>>apply the route-map as part of routing policy.
> >>>
> >>>I don't know if it is supported on the 3640 (probably) or what
> >>>release or feature set you would need. The Feature Navigator will
> >>>tell you.
> >>
> >>/////////////////////////////////////////////
> >>
> >>Ok, I tried the following, but everything is still
> >>going out the x.x.x.1 pipe?

> >
> >
> > Did you apply the route-map to the LAN interfaces?
> >
> > interface Ethernet0
> > ip policy route-map 1
> >
> > BTW, route-maps are usually given mnemonic names, not meaningless
> > numbers.
> >
> >
> >>
> >>
> >>!
> >>ip route 0.0.0.0 0.0.0.0 x.x.x.1
> >>!
> >>access-list 15 permit 192.168.1.0 0.0.0.255
> >>access-list 17 permit 192.168.2.0 0.0.0.255
> >>route-map 1 permit 5
> >> match ip address 17
> >> set ip next-hop y.y.y.1
> >>!
> >>route-map 1 permit 10
> >> match ip address 15
> >> set ip next-hop x.x.x.1
> >>!
> >>!

> >
> >

>
>Configuration looks good - what happens if you debug ip packet do you
>see the route-map being applied? Be carefull with this command as it
>could bring the router to a halt and would be good to do it during
>production hours.



It did bring the router to a halt!

I won't be using that command again!!!!


 
Reply With Quote
 
Kevin Widner
Guest
Posts: n/a
 
      05-10-2004
Try using an extended access-list where you are defining the source
and destination traffic. By not doing so, you are only telling the
router that you are interested in destination traffic.

ex:
access-list extended rmap1 permit ip 192.168.1.0 0.0.0.255 any

Kevin



Captain <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>. ..
> On Sun, 09 May 2004 14:56:20 GMT, Scott Enwright <(E-Mail Removed)>
> wrote:
>
> >Barry Margolin wrote:
> > > In article <(E-Mail Removed)>,
> > > Captain <(E-Mail Removed)> wrote:
> > >
> > >
> > >>On 8 May 2004 22:25:57 GMT, (E-Mail Removed)-cnrc.gc.ca (Walter
> > >>Roberson) wrote:
> > >>
> > >>
> > >>>In article <(E-Mail Removed)>,
> > >>>Captain <(E-Mail Removed)> wrote:
> > >>>:I have 2 gateways onto the internet:
> > >>>.x.x.1 and y.y.y.1

>
> > >>>:I have 2 different class Cs coming
> > >>>:into a cisco3640 router:

>
> > >>>:I want to send all traffic from 192.168.1.0
> > >>>ut the x.x.x.1 router and all traffic from
> > >>>:192.168.2.0 out the y.y.y.1 router.

>
> > >>>:How can this be done?
> > >>>
> > >>>The technique is called "policy routing". You start by creating
> > >>>an acl, then a route-map that references that acl, and then you
> > >>>apply the route-map as part of routing policy.
> > >>>
> > >>>I don't know if it is supported on the 3640 (probably) or what
> > >>>release or feature set you would need. The Feature Navigator will
> > >>>tell you.
> > >>
> > >>/////////////////////////////////////////////
> > >>
> > >>Ok, I tried the following, but everything is still
> > >>going out the x.x.x.1 pipe?
> > >
> > >
> > > Did you apply the route-map to the LAN interfaces?
> > >
> > > interface Ethernet0
> > > ip policy route-map 1
> > >
> > > BTW, route-maps are usually given mnemonic names, not meaningless
> > > numbers.
> > >
> > >
> > >>
> > >>
> > >>!
> > >>ip route 0.0.0.0 0.0.0.0 x.x.x.1
> > >>!
> > >>access-list 15 permit 192.168.1.0 0.0.0.255
> > >>access-list 17 permit 192.168.2.0 0.0.0.255
> > >>route-map 1 permit 5
> > >> match ip address 17
> > >> set ip next-hop y.y.y.1
> > >>!
> > >>route-map 1 permit 10
> > >> match ip address 15
> > >> set ip next-hop x.x.x.1
> > >>!
> > >>!
> > >
> > >

> >
> >Configuration looks good - what happens if you debug ip packet do you
> >see the route-map being applied? Be carefull with this command as it
> >could bring the router to a halt and would be good to do it during
> >production hours.

>
>
> It did bring the router to a halt!
>
> I won't be using that command again!!!!

 
Reply With Quote
 
Eric Sorenson
Guest
Posts: n/a
 
      05-10-2004
Captain <(E-Mail Removed)> wrote:

> access-list 15 permit 192.168.1.0 0.0.0.255
> access-list 17 permit 192.168.2.0 0.0.0.255
> route-map 1 permit 5
> match ip address 17
> set ip next-hop y.y.y.1
> !
> route-map 1 permit 10
> match ip address 15
> set ip next-hop x.x.x.1


When I've done this in the past, I found I had to do
'set interface <output int>' as the action



--
Eric Sorenson - Systems / Network Administrator, MIS - Transmeta Corporation
 
Reply With Quote
 
Barry Margolin
Guest
Posts: n/a
 
      05-10-2004
In article <(E-Mail Removed)>,
Eric Sorenson <(E-Mail Removed)> wrote:

> Captain <(E-Mail Removed)> wrote:
>
> > access-list 15 permit 192.168.1.0 0.0.0.255
> > access-list 17 permit 192.168.2.0 0.0.0.255
> > route-map 1 permit 5
> > match ip address 17
> > set ip next-hop y.y.y.1
> > !
> > route-map 1 permit 10
> > match ip address 15
> > set ip next-hop x.x.x.1

>
> When I've done this in the past, I found I had to do
> 'set interface <output int>' as the action


That shouldn't be necessary if the router knows which interface to use
to get to y.y.y.1 and x.x.x.1.

--
Barry Margolin, (E-Mail Removed)
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Send Calls to A-Z, Billing 0/0/1, SIP/H323, 400 dest Paul Sergievski VOIP 0 07-07-2005 03:45 PM
Question about NAT [newbie] - changing dest. address only pawel Cisco 2 01-07-2005 09:47 PM
Cisco NAT/PAT - based on dest. IP - questions Sri Cisco 0 12-06-2004 03:28 PM
Cisco NAT/PAT - based on dest. IP - questions Sri Cisco 0 12-06-2004 03:27 PM
SNMP dest ip:port monitoring and alarm w/4000 router? joeblow Cisco 2 06-10-2004 02:37 PM



Advertisments