Dual T-1 Different ISP's

Discussion in 'Cisco' started by Quanzo, Oct 19, 2003.

  1. Quanzo

    Quanzo Guest

    Help again,
    I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    Both are working both are up. But I can not get the routing to work.
    as you can see from the config file below, I am trying to use two sets
    of Public IP address internally and route them thru the router to
    thier respective serial interfaces. the ones associated with s0 work
    the ones for s1 do not. I can ping the public side of both serial
    interfaces, and internal addresses of s0 but cn not get to internal
    for s1. Its going to be simple but I can not see the solution.

    TIA

    Patrick



    here is my config file.

    version 12.1
    no service single-slot-reload-enable
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname Router
    !
    enable secret 5 ******************
    enable password 7 ******************
    !
    !
    memory-size iomem 25
    ip subnet-zero
    no ip domain-lookup
    !
    interface Serial0
    ip address 64.205.130.22 255.255.255.0
    ip access-group 115 in
    ip access-group 115 out
    no ip redirects
    no ip unreachables
    ip nat outside
    encapsulation frame-relay IETF
    service-module t1 timeslots 1-6
    frame-relay map ip 64.205.130.254 16 broadcast IETF
    frame-relay map ip 64.205.130.22 16 IETF
    frame-relay interface-dlci 16
    frame-relay lmi-type ansi
    !
    interface Serial1
    ip address 69.38.25.210 255.255.255.252
    ip access-group 115 in
    ip access-group 115 out
    no ip redirects
    no ip unreachables
    ip nat outside
    encapsulation frame-relay IETF
    service-module t1 timeslots 7-24
    frame-relay interface-dlci 491
    frame-relay lmi-type ansi
    !
    interface FastEthernet0
    ip address 192.168.1.1 255.255.255.128
    ip nat inside
    speed auto
    !
    interface FastEthernet0.1
    ip address 192.168.1.193 255.255.255.192
    ip nat inside
    !
    router rip
    version 2
    network 64.0.0.0
    network 69.0.0.0
    network 205.179.46.0
    no auto-summary
    !
    ip nat inside source static 192.168.1.200 69.38.27.200
    ip nat inside source static 192.168.1.199 69.38.27.199
    ip nat inside source static 192.168.1.198 69.38.27.198
    ip nat inside source static 192.168.1.197 69.38.27.197
    ip nat inside source static 192.168.1.196 69.38.27.196
    ip nat inside source static 192.168.1.195 69.38.27.195
    ip nat inside source static 192.168.1.194 69.38.27.194
    ip nat inside source static 192.168.1.193 69.38.27.193
    ip nat inside source static 192.168.1.125 205.179.46.125
    ip nat inside source static 192.168.1.124 205.179.46.124
    ip nat inside source static 192.168.1.123 205.179.46.123
    ip nat inside source static 192.168.1.122 205.179.46.122
    ip nat inside source static 192.168.1.121 205.179.46.121
    ip nat inside source static 192.168.1.120 205.179.46.120
    ip nat inside source static 192.168.1.119 205.179.46.119
    ip nat inside source static 192.168.1.118 205.179.46.118
    ip nat inside source static 192.168.1.117 205.179.46.117
    ip nat inside source static 192.168.1.116 205.179.46.116
    ip nat inside source static 192.168.1.115 205.179.46.115
    ip nat inside source static 192.168.1.29 205.179.46.29
    ip nat inside source static 192.168.1.28 205.179.46.28
    ip nat inside source static 192.168.1.27 205.179.46.27
    ip nat inside source static 192.168.1.26 205.179.46.26
    ip nat inside source static 192.168.1.25 205.179.46.25
    ip nat inside source static 192.168.1.24 205.179.46.24
    ip nat inside source static 192.168.1.23 205.179.46.23
    ip nat inside source static 192.168.1.22 205.179.46.22
    ip nat inside source static 192.168.1.21 205.179.46.21
    ip nat inside source static 192.168.1.20 205.179.46.20
    ip nat inside source static 192.168.1.19 205.179.46.19
    ip nat inside source static 192.168.1.18 205.179.46.18
    ip nat inside source static 192.168.1.17 205.179.46.17
    ip nat inside source static 192.168.1.16 205.179.46.16
    ip nat inside source static 192.168.1.15 205.179.46.15
    ip nat inside source static 192.168.1.14 205.179.46.14
    ip nat inside source static 192.168.1.13 205.179.46.13
    ip nat inside source static 192.168.1.12 205.179.46.12
    ip nat inside source static 192.168.1.11 205.179.46.11
    ip nat inside source static 192.168.1.10 205.179.46.10
    ip nat inside source static 192.168.1.9 205.179.46.9
    ip nat inside source static 192.168.1.8 205.179.46.8
    ip nat inside source static 192.168.1.7 205.179.46.7
    ip nat inside source static 192.168.1.6 205.179.46.6
    ip nat inside source static 192.168.1.5 205.179.46.5
    ip nat inside source static 192.168.1.4 205.179.46.4
    ip nat inside source static 192.168.1.3 205.179.46.3
    ip nat inside source static 192.168.1.2 205.179.46.2
    ip nat inside source static 192.168.1.1 205.179.46.1
    ip classless
    ip route 0.0.0.0 0.0.0.0 69.38.25.209
    ip route 0.0.0.0 0.0.0.0 64.205.130.254
    ip route 69.38.27.192 255.255.255.192 69.38.25.209
    ip route 192.168.1.0 255.255.255.128 64.205.130.254
    ip route 192.168.1.192 255.255.255.192 69.38.25.209
    ip route 205.179.46.0 255.255.255.128 64.205.130.254
    no ip http server
    !
    access-list 115 deny tcp any any eq 135
    access-list 115 deny udp any any eq 135
    access-list 115 deny udp any any eq tftp
    access-list 115 deny udp any any eq netbios-ns
    access-list 115 deny udp any any eq netbios-dgm
    access-list 115 deny tcp any any eq 139
    access-list 115 deny udp any any eq netbios-ss
    access-list 115 deny tcp any any eq 445
    access-list 115 deny tcp any any eq 593
    access-list 115 permit ip any any
    snmp-server engineID local 0000000902000004C17DD42C
    snmp-server community ****************** RW
    !
    line con 0
    exec-timeout 0 0
    password 7 ******************
    line aux 0
    line vty 0 4
    password 7 ******************
    login
    !
    end
    Quanzo, Oct 19, 2003
    #1
    1. Advertising

  2. Quanzo

    ZeroKool Guest

    Hint: Route-map .

    --
    Majid.

    "Quanzo" <> wrote in message
    news:...
    > Help again,
    > I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    > Both are working both are up. But I can not get the routing to work.
    > as you can see from the config file below, I am trying to use two sets
    > of Public IP address internally and route them thru the router to
    > thier respective serial interfaces. the ones associated with s0 work
    > the ones for s1 do not. I can ping the public side of both serial
    > interfaces, and internal addresses of s0 but cn not get to internal
    > for s1. Its going to be simple but I can not see the solution.
    >
    > TIA
    >
    > Patrick
    >
    >
    >
    > here is my config file.
    >
    > version 12.1
    > no service single-slot-reload-enable
    > service timestamps debug uptime
    > service timestamps log uptime
    > service password-encryption
    > !
    > hostname Router
    > !
    > enable secret 5 ******************
    > enable password 7 ******************
    > !
    > !
    > memory-size iomem 25
    > ip subnet-zero
    > no ip domain-lookup
    > !
    > interface Serial0
    > ip address 64.205.130.22 255.255.255.0
    > ip access-group 115 in
    > ip access-group 115 out
    > no ip redirects
    > no ip unreachables
    > ip nat outside
    > encapsulation frame-relay IETF
    > service-module t1 timeslots 1-6
    > frame-relay map ip 64.205.130.254 16 broadcast IETF
    > frame-relay map ip 64.205.130.22 16 IETF
    > frame-relay interface-dlci 16
    > frame-relay lmi-type ansi
    > !
    > interface Serial1
    > ip address 69.38.25.210 255.255.255.252
    > ip access-group 115 in
    > ip access-group 115 out
    > no ip redirects
    > no ip unreachables
    > ip nat outside
    > encapsulation frame-relay IETF
    > service-module t1 timeslots 7-24
    > frame-relay interface-dlci 491
    > frame-relay lmi-type ansi
    > !
    > interface FastEthernet0
    > ip address 192.168.1.1 255.255.255.128
    > ip nat inside
    > speed auto
    > !
    > interface FastEthernet0.1
    > ip address 192.168.1.193 255.255.255.192
    > ip nat inside
    > !
    > router rip
    > version 2
    > network 64.0.0.0
    > network 69.0.0.0
    > network 205.179.46.0
    > no auto-summary
    > !
    > ip nat inside source static 192.168.1.200 69.38.27.200
    > ip nat inside source static 192.168.1.199 69.38.27.199
    > ip nat inside source static 192.168.1.198 69.38.27.198
    > ip nat inside source static 192.168.1.197 69.38.27.197
    > ip nat inside source static 192.168.1.196 69.38.27.196
    > ip nat inside source static 192.168.1.195 69.38.27.195
    > ip nat inside source static 192.168.1.194 69.38.27.194
    > ip nat inside source static 192.168.1.193 69.38.27.193
    > ip nat inside source static 192.168.1.125 205.179.46.125
    > ip nat inside source static 192.168.1.124 205.179.46.124
    > ip nat inside source static 192.168.1.123 205.179.46.123
    > ip nat inside source static 192.168.1.122 205.179.46.122
    > ip nat inside source static 192.168.1.121 205.179.46.121
    > ip nat inside source static 192.168.1.120 205.179.46.120
    > ip nat inside source static 192.168.1.119 205.179.46.119
    > ip nat inside source static 192.168.1.118 205.179.46.118
    > ip nat inside source static 192.168.1.117 205.179.46.117
    > ip nat inside source static 192.168.1.116 205.179.46.116
    > ip nat inside source static 192.168.1.115 205.179.46.115
    > ip nat inside source static 192.168.1.29 205.179.46.29
    > ip nat inside source static 192.168.1.28 205.179.46.28
    > ip nat inside source static 192.168.1.27 205.179.46.27
    > ip nat inside source static 192.168.1.26 205.179.46.26
    > ip nat inside source static 192.168.1.25 205.179.46.25
    > ip nat inside source static 192.168.1.24 205.179.46.24
    > ip nat inside source static 192.168.1.23 205.179.46.23
    > ip nat inside source static 192.168.1.22 205.179.46.22
    > ip nat inside source static 192.168.1.21 205.179.46.21
    > ip nat inside source static 192.168.1.20 205.179.46.20
    > ip nat inside source static 192.168.1.19 205.179.46.19
    > ip nat inside source static 192.168.1.18 205.179.46.18
    > ip nat inside source static 192.168.1.17 205.179.46.17
    > ip nat inside source static 192.168.1.16 205.179.46.16
    > ip nat inside source static 192.168.1.15 205.179.46.15
    > ip nat inside source static 192.168.1.14 205.179.46.14
    > ip nat inside source static 192.168.1.13 205.179.46.13
    > ip nat inside source static 192.168.1.12 205.179.46.12
    > ip nat inside source static 192.168.1.11 205.179.46.11
    > ip nat inside source static 192.168.1.10 205.179.46.10
    > ip nat inside source static 192.168.1.9 205.179.46.9
    > ip nat inside source static 192.168.1.8 205.179.46.8
    > ip nat inside source static 192.168.1.7 205.179.46.7
    > ip nat inside source static 192.168.1.6 205.179.46.6
    > ip nat inside source static 192.168.1.5 205.179.46.5
    > ip nat inside source static 192.168.1.4 205.179.46.4
    > ip nat inside source static 192.168.1.3 205.179.46.3
    > ip nat inside source static 192.168.1.2 205.179.46.2
    > ip nat inside source static 192.168.1.1 205.179.46.1
    > ip classless
    > ip route 0.0.0.0 0.0.0.0 69.38.25.209
    > ip route 0.0.0.0 0.0.0.0 64.205.130.254
    > ip route 69.38.27.192 255.255.255.192 69.38.25.209
    > ip route 192.168.1.0 255.255.255.128 64.205.130.254
    > ip route 192.168.1.192 255.255.255.192 69.38.25.209
    > ip route 205.179.46.0 255.255.255.128 64.205.130.254
    > no ip http server
    > !
    > access-list 115 deny tcp any any eq 135
    > access-list 115 deny udp any any eq 135
    > access-list 115 deny udp any any eq tftp
    > access-list 115 deny udp any any eq netbios-ns
    > access-list 115 deny udp any any eq netbios-dgm
    > access-list 115 deny tcp any any eq 139
    > access-list 115 deny udp any any eq netbios-ss
    > access-list 115 deny tcp any any eq 445
    > access-list 115 deny tcp any any eq 593
    > access-list 115 permit ip any any
    > snmp-server engineID local 0000000902000004C17DD42C
    > snmp-server community ****************** RW
    > !
    > line con 0
    > exec-timeout 0 0
    > password 7 ******************
    > line aux 0
    > line vty 0 4
    > password 7 ******************
    > login
    > !
    > end
    ZeroKool, Oct 19, 2003
    #2
    1. Advertising

  3. Quanzo

    KHANS Guest

    Are you sure on the serial1 the subnet mask is /30? if it is how you will
    route the same ip 69.38.x.x traffic to the other subnet? where are other
    subnet defined

    "ZeroKool" <> wrote in message
    news:Djokb.13399$...
    > Hint: Route-map .
    >
    > --
    > Majid.
    >
    > "Quanzo" <> wrote in message
    > news:...
    > > Help again,
    > > I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    > > Both are working both are up. But I can not get the routing to work.
    > > as you can see from the config file below, I am trying to use two sets
    > > of Public IP address internally and route them thru the router to
    > > thier respective serial interfaces. the ones associated with s0 work
    > > the ones for s1 do not. I can ping the public side of both serial
    > > interfaces, and internal addresses of s0 but cn not get to internal
    > > for s1. Its going to be simple but I can not see the solution.
    > >
    > > TIA
    > >
    > > Patrick
    > >
    > >
    > >
    > > here is my config file.
    > >
    > > version 12.1
    > > no service single-slot-reload-enable
    > > service timestamps debug uptime
    > > service timestamps log uptime
    > > service password-encryption
    > > !
    > > hostname Router
    > > !
    > > enable secret 5 ******************
    > > enable password 7 ******************
    > > !
    > > !
    > > memory-size iomem 25
    > > ip subnet-zero
    > > no ip domain-lookup
    > > !
    > > interface Serial0
    > > ip address 64.205.130.22 255.255.255.0
    > > ip access-group 115 in
    > > ip access-group 115 out
    > > no ip redirects
    > > no ip unreachables
    > > ip nat outside
    > > encapsulation frame-relay IETF
    > > service-module t1 timeslots 1-6
    > > frame-relay map ip 64.205.130.254 16 broadcast IETF
    > > frame-relay map ip 64.205.130.22 16 IETF
    > > frame-relay interface-dlci 16
    > > frame-relay lmi-type ansi
    > > !
    > > interface Serial1
    > > ip address 69.38.25.210 255.255.255.252
    > > ip access-group 115 in
    > > ip access-group 115 out
    > > no ip redirects
    > > no ip unreachables
    > > ip nat outside
    > > encapsulation frame-relay IETF
    > > service-module t1 timeslots 7-24
    > > frame-relay interface-dlci 491
    > > frame-relay lmi-type ansi
    > > !
    > > interface FastEthernet0
    > > ip address 192.168.1.1 255.255.255.128
    > > ip nat inside
    > > speed auto
    > > !
    > > interface FastEthernet0.1
    > > ip address 192.168.1.193 255.255.255.192
    > > ip nat inside
    > > !
    > > router rip
    > > version 2
    > > network 64.0.0.0
    > > network 69.0.0.0
    > > network 205.179.46.0
    > > no auto-summary
    > > !
    > > ip nat inside source static 192.168.1.200 69.38.27.200
    > > ip nat inside source static 192.168.1.199 69.38.27.199
    > > ip nat inside source static 192.168.1.198 69.38.27.198
    > > ip nat inside source static 192.168.1.197 69.38.27.197
    > > ip nat inside source static 192.168.1.196 69.38.27.196
    > > ip nat inside source static 192.168.1.195 69.38.27.195
    > > ip nat inside source static 192.168.1.194 69.38.27.194
    > > ip nat inside source static 192.168.1.193 69.38.27.193
    > > ip nat inside source static 192.168.1.125 205.179.46.125
    > > ip nat inside source static 192.168.1.124 205.179.46.124
    > > ip nat inside source static 192.168.1.123 205.179.46.123
    > > ip nat inside source static 192.168.1.122 205.179.46.122
    > > ip nat inside source static 192.168.1.121 205.179.46.121
    > > ip nat inside source static 192.168.1.120 205.179.46.120
    > > ip nat inside source static 192.168.1.119 205.179.46.119
    > > ip nat inside source static 192.168.1.118 205.179.46.118
    > > ip nat inside source static 192.168.1.117 205.179.46.117
    > > ip nat inside source static 192.168.1.116 205.179.46.116
    > > ip nat inside source static 192.168.1.115 205.179.46.115
    > > ip nat inside source static 192.168.1.29 205.179.46.29
    > > ip nat inside source static 192.168.1.28 205.179.46.28
    > > ip nat inside source static 192.168.1.27 205.179.46.27
    > > ip nat inside source static 192.168.1.26 205.179.46.26
    > > ip nat inside source static 192.168.1.25 205.179.46.25
    > > ip nat inside source static 192.168.1.24 205.179.46.24
    > > ip nat inside source static 192.168.1.23 205.179.46.23
    > > ip nat inside source static 192.168.1.22 205.179.46.22
    > > ip nat inside source static 192.168.1.21 205.179.46.21
    > > ip nat inside source static 192.168.1.20 205.179.46.20
    > > ip nat inside source static 192.168.1.19 205.179.46.19
    > > ip nat inside source static 192.168.1.18 205.179.46.18
    > > ip nat inside source static 192.168.1.17 205.179.46.17
    > > ip nat inside source static 192.168.1.16 205.179.46.16
    > > ip nat inside source static 192.168.1.15 205.179.46.15
    > > ip nat inside source static 192.168.1.14 205.179.46.14
    > > ip nat inside source static 192.168.1.13 205.179.46.13
    > > ip nat inside source static 192.168.1.12 205.179.46.12
    > > ip nat inside source static 192.168.1.11 205.179.46.11
    > > ip nat inside source static 192.168.1.10 205.179.46.10
    > > ip nat inside source static 192.168.1.9 205.179.46.9
    > > ip nat inside source static 192.168.1.8 205.179.46.8
    > > ip nat inside source static 192.168.1.7 205.179.46.7
    > > ip nat inside source static 192.168.1.6 205.179.46.6
    > > ip nat inside source static 192.168.1.5 205.179.46.5
    > > ip nat inside source static 192.168.1.4 205.179.46.4
    > > ip nat inside source static 192.168.1.3 205.179.46.3
    > > ip nat inside source static 192.168.1.2 205.179.46.2
    > > ip nat inside source static 192.168.1.1 205.179.46.1
    > > ip classless
    > > ip route 0.0.0.0 0.0.0.0 69.38.25.209
    > > ip route 0.0.0.0 0.0.0.0 64.205.130.254
    > > ip route 69.38.27.192 255.255.255.192 69.38.25.209
    > > ip route 192.168.1.0 255.255.255.128 64.205.130.254
    > > ip route 192.168.1.192 255.255.255.192 69.38.25.209
    > > ip route 205.179.46.0 255.255.255.128 64.205.130.254
    > > no ip http server
    > > !
    > > access-list 115 deny tcp any any eq 135
    > > access-list 115 deny udp any any eq 135
    > > access-list 115 deny udp any any eq tftp
    > > access-list 115 deny udp any any eq netbios-ns
    > > access-list 115 deny udp any any eq netbios-dgm
    > > access-list 115 deny tcp any any eq 139
    > > access-list 115 deny udp any any eq netbios-ss
    > > access-list 115 deny tcp any any eq 445
    > > access-list 115 deny tcp any any eq 593
    > > access-list 115 permit ip any any
    > > snmp-server engineID local 0000000902000004C17DD42C
    > > snmp-server community ****************** RW
    > > !
    > > line con 0
    > > exec-timeout 0 0
    > > password 7 ******************
    > > line aux 0
    > > line vty 0 4
    > > password 7 ******************
    > > login
    > > !
    > > end

    >
    >
    KHANS, Oct 19, 2003
    #3
  4. Quanzo

    Quanzo Guest

    Yes I am sure double checked the info from ISP.

    The WAN default route is 69.38.25.209
    The WAN IP address is 69.38.25.210
    WAN network CIDR 69.38.25.208/30

    Also am trying the route-map config, but am getting very confused here
    on what I need to do. All the docs I can find are for BGP and I do not
    want to do that. I simply wish to have 2 T-1 to 2 different ISP's and
    be able to route thier respective LAN address to the right serial
    interface via 1 Fast Ethernet interface. :) I also am doing static
    NAT to a private network on each LAN subnet.

    TIA
    PAtrick


    On Sun, 19 Oct 2003 15:59:25 +0300, "KHANS" <>
    wrote:

    >
    >Are you sure on the serial1 the subnet mask is /30? if it is how you will
    >route the same ip 69.38.x.x traffic to the other subnet? where are other
    >subnet defined
    >
    >"ZeroKool" <> wrote in message
    >news:Djokb.13399$...
    >> Hint: Route-map .
    >>
    >> --
    >> Majid.
    >>
    >> "Quanzo" <> wrote in message
    >> news:...
    >> > Help again,
    >> > I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    >> > Both are working both are up. But I can not get the routing to work.
    >> > as you can see from the config file below, I am trying to use two sets
    >> > of Public IP address internally and route them thru the router to
    >> > thier respective serial interfaces. the ones associated with s0 work
    >> > the ones for s1 do not. I can ping the public side of both serial
    >> > interfaces, and internal addresses of s0 but cn not get to internal
    >> > for s1. Its going to be simple but I can not see the solution.
    >> >
    >> > TIA
    >> >
    >> > Patrick
    >> >
    >> >
    >> >
    >> > here is my config file.
    >> >
    >> > version 12.1
    >> > no service single-slot-reload-enable
    >> > service timestamps debug uptime
    >> > service timestamps log uptime
    >> > service password-encryption
    >> > !
    >> > hostname Router
    >> > !
    >> > enable secret 5 ******************
    >> > enable password 7 ******************
    >> > !
    >> > !
    >> > memory-size iomem 25
    >> > ip subnet-zero
    >> > no ip domain-lookup
    >> > !
    >> > interface Serial0
    >> > ip address 64.205.130.22 255.255.255.0
    >> > ip access-group 115 in
    >> > ip access-group 115 out
    >> > no ip redirects
    >> > no ip unreachables
    >> > ip nat outside
    >> > encapsulation frame-relay IETF
    >> > service-module t1 timeslots 1-6
    >> > frame-relay map ip 64.205.130.254 16 broadcast IETF
    >> > frame-relay map ip 64.205.130.22 16 IETF
    >> > frame-relay interface-dlci 16
    >> > frame-relay lmi-type ansi
    >> > !
    >> > interface Serial1
    >> > ip address 69.38.25.210 255.255.255.252
    >> > ip access-group 115 in
    >> > ip access-group 115 out
    >> > no ip redirects
    >> > no ip unreachables
    >> > ip nat outside
    >> > encapsulation frame-relay IETF
    >> > service-module t1 timeslots 7-24
    >> > frame-relay interface-dlci 491
    >> > frame-relay lmi-type ansi
    >> > !
    >> > interface FastEthernet0
    >> > ip address 192.168.1.1 255.255.255.128
    >> > ip nat inside
    >> > speed auto
    >> > !
    >> > interface FastEthernet0.1
    >> > ip address 192.168.1.193 255.255.255.192
    >> > ip nat inside
    >> > !
    >> > router rip
    >> > version 2
    >> > network 64.0.0.0
    >> > network 69.0.0.0
    >> > network 205.179.46.0
    >> > no auto-summary
    >> > !
    >> > ip nat inside source static 192.168.1.200 69.38.27.200
    >> > ip nat inside source static 192.168.1.199 69.38.27.199
    >> > ip nat inside source static 192.168.1.198 69.38.27.198
    >> > ip nat inside source static 192.168.1.197 69.38.27.197
    >> > ip nat inside source static 192.168.1.196 69.38.27.196
    >> > ip nat inside source static 192.168.1.195 69.38.27.195
    >> > ip nat inside source static 192.168.1.194 69.38.27.194
    >> > ip nat inside source static 192.168.1.193 69.38.27.193
    >> > ip nat inside source static 192.168.1.125 205.179.46.125
    >> > ip nat inside source static 192.168.1.124 205.179.46.124
    >> > ip nat inside source static 192.168.1.123 205.179.46.123
    >> > ip nat inside source static 192.168.1.122 205.179.46.122
    >> > ip nat inside source static 192.168.1.121 205.179.46.121
    >> > ip nat inside source static 192.168.1.120 205.179.46.120
    >> > ip nat inside source static 192.168.1.119 205.179.46.119
    >> > ip nat inside source static 192.168.1.118 205.179.46.118
    >> > ip nat inside source static 192.168.1.117 205.179.46.117
    >> > ip nat inside source static 192.168.1.116 205.179.46.116
    >> > ip nat inside source static 192.168.1.115 205.179.46.115
    >> > ip nat inside source static 192.168.1.29 205.179.46.29
    >> > ip nat inside source static 192.168.1.28 205.179.46.28
    >> > ip nat inside source static 192.168.1.27 205.179.46.27
    >> > ip nat inside source static 192.168.1.26 205.179.46.26
    >> > ip nat inside source static 192.168.1.25 205.179.46.25
    >> > ip nat inside source static 192.168.1.24 205.179.46.24
    >> > ip nat inside source static 192.168.1.23 205.179.46.23
    >> > ip nat inside source static 192.168.1.22 205.179.46.22
    >> > ip nat inside source static 192.168.1.21 205.179.46.21
    >> > ip nat inside source static 192.168.1.20 205.179.46.20
    >> > ip nat inside source static 192.168.1.19 205.179.46.19
    >> > ip nat inside source static 192.168.1.18 205.179.46.18
    >> > ip nat inside source static 192.168.1.17 205.179.46.17
    >> > ip nat inside source static 192.168.1.16 205.179.46.16
    >> > ip nat inside source static 192.168.1.15 205.179.46.15
    >> > ip nat inside source static 192.168.1.14 205.179.46.14
    >> > ip nat inside source static 192.168.1.13 205.179.46.13
    >> > ip nat inside source static 192.168.1.12 205.179.46.12
    >> > ip nat inside source static 192.168.1.11 205.179.46.11
    >> > ip nat inside source static 192.168.1.10 205.179.46.10
    >> > ip nat inside source static 192.168.1.9 205.179.46.9
    >> > ip nat inside source static 192.168.1.8 205.179.46.8
    >> > ip nat inside source static 192.168.1.7 205.179.46.7
    >> > ip nat inside source static 192.168.1.6 205.179.46.6
    >> > ip nat inside source static 192.168.1.5 205.179.46.5
    >> > ip nat inside source static 192.168.1.4 205.179.46.4
    >> > ip nat inside source static 192.168.1.3 205.179.46.3
    >> > ip nat inside source static 192.168.1.2 205.179.46.2
    >> > ip nat inside source static 192.168.1.1 205.179.46.1
    >> > ip classless
    >> > ip route 0.0.0.0 0.0.0.0 69.38.25.209
    >> > ip route 0.0.0.0 0.0.0.0 64.205.130.254
    >> > ip route 69.38.27.192 255.255.255.192 69.38.25.209
    >> > ip route 192.168.1.0 255.255.255.128 64.205.130.254
    >> > ip route 192.168.1.192 255.255.255.192 69.38.25.209
    >> > ip route 205.179.46.0 255.255.255.128 64.205.130.254
    >> > no ip http server
    >> > !
    >> > access-list 115 deny tcp any any eq 135
    >> > access-list 115 deny udp any any eq 135
    >> > access-list 115 deny udp any any eq tftp
    >> > access-list 115 deny udp any any eq netbios-ns
    >> > access-list 115 deny udp any any eq netbios-dgm
    >> > access-list 115 deny tcp any any eq 139
    >> > access-list 115 deny udp any any eq netbios-ss
    >> > access-list 115 deny tcp any any eq 445
    >> > access-list 115 deny tcp any any eq 593
    >> > access-list 115 permit ip any any
    >> > snmp-server engineID local 0000000902000004C17DD42C
    >> > snmp-server community ****************** RW
    >> > !
    >> > line con 0
    >> > exec-timeout 0 0
    >> > password 7 ******************
    >> > line aux 0
    >> > line vty 0 4
    >> > password 7 ******************
    >> > login
    >> > !
    >> > end

    >>
    >>

    >
    Quanzo, Oct 19, 2003
    #4
  5. Quanzo

    ZeroKool Guest

    Hint2: Apply route-map to Lan Interface. Set Next Hop of IP's to respective
    Serial interfaces. You don't have to use BGP. :)

    --
    Majid


    "Quanzo" <> wrote in message
    news:...
    > Yes I am sure double checked the info from ISP.
    >
    > The WAN default route is 69.38.25.209
    > The WAN IP address is 69.38.25.210
    > WAN network CIDR 69.38.25.208/30
    >
    > Also am trying the route-map config, but am getting very confused here
    > on what I need to do. All the docs I can find are for BGP and I do not
    > want to do that. I simply wish to have 2 T-1 to 2 different ISP's and
    > be able to route thier respective LAN address to the right serial
    > interface via 1 Fast Ethernet interface. :) I also am doing static
    > NAT to a private network on each LAN subnet.
    >
    > TIA
    > PAtrick
    >
    >
    > On Sun, 19 Oct 2003 15:59:25 +0300, "KHANS" <>
    > wrote:
    >
    > >
    > >Are you sure on the serial1 the subnet mask is /30? if it is how you will
    > >route the same ip 69.38.x.x traffic to the other subnet? where are other
    > >subnet defined
    > >
    > >"ZeroKool" <> wrote in message
    > >news:Djokb.13399$...
    > >> Hint: Route-map .
    > >>
    > >> --
    > >> Majid.
    > >>
    > >> "Quanzo" <> wrote in message
    > >> news:...
    > >> > Help again,
    > >> > I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    > >> > Both are working both are up. But I can not get the routing to work.
    > >> > as you can see from the config file below, I am trying to use two

    sets
    > >> > of Public IP address internally and route them thru the router to
    > >> > thier respective serial interfaces. the ones associated with s0

    work
    > >> > the ones for s1 do not. I can ping the public side of both serial
    > >> > interfaces, and internal addresses of s0 but cn not get to internal
    > >> > for s1. Its going to be simple but I can not see the solution.
    > >> >
    > >> > TIA
    > >> >
    > >> > Patrick
    > >> >
    > >> >
    > >> >
    > >> > here is my config file.
    > >> >
    > >> > version 12.1
    > >> > no service single-slot-reload-enable
    > >> > service timestamps debug uptime
    > >> > service timestamps log uptime
    > >> > service password-encryption
    > >> > !
    > >> > hostname Router
    > >> > !
    > >> > enable secret 5 ******************
    > >> > enable password 7 ******************
    > >> > !
    > >> > !
    > >> > memory-size iomem 25
    > >> > ip subnet-zero
    > >> > no ip domain-lookup
    > >> > !
    > >> > interface Serial0
    > >> > ip address 64.205.130.22 255.255.255.0
    > >> > ip access-group 115 in
    > >> > ip access-group 115 out
    > >> > no ip redirects
    > >> > no ip unreachables
    > >> > ip nat outside
    > >> > encapsulation frame-relay IETF
    > >> > service-module t1 timeslots 1-6
    > >> > frame-relay map ip 64.205.130.254 16 broadcast IETF
    > >> > frame-relay map ip 64.205.130.22 16 IETF
    > >> > frame-relay interface-dlci 16
    > >> > frame-relay lmi-type ansi
    > >> > !
    > >> > interface Serial1
    > >> > ip address 69.38.25.210 255.255.255.252
    > >> > ip access-group 115 in
    > >> > ip access-group 115 out
    > >> > no ip redirects
    > >> > no ip unreachables
    > >> > ip nat outside
    > >> > encapsulation frame-relay IETF
    > >> > service-module t1 timeslots 7-24
    > >> > frame-relay interface-dlci 491
    > >> > frame-relay lmi-type ansi
    > >> > !
    > >> > interface FastEthernet0
    > >> > ip address 192.168.1.1 255.255.255.128
    > >> > ip nat inside
    > >> > speed auto
    > >> > !
    > >> > interface FastEthernet0.1
    > >> > ip address 192.168.1.193 255.255.255.192
    > >> > ip nat inside
    > >> > !
    > >> > router rip
    > >> > version 2
    > >> > network 64.0.0.0
    > >> > network 69.0.0.0
    > >> > network 205.179.46.0
    > >> > no auto-summary
    > >> > !
    > >> > ip nat inside source static 192.168.1.200 69.38.27.200
    > >> > ip nat inside source static 192.168.1.199 69.38.27.199
    > >> > ip nat inside source static 192.168.1.198 69.38.27.198
    > >> > ip nat inside source static 192.168.1.197 69.38.27.197
    > >> > ip nat inside source static 192.168.1.196 69.38.27.196
    > >> > ip nat inside source static 192.168.1.195 69.38.27.195
    > >> > ip nat inside source static 192.168.1.194 69.38.27.194
    > >> > ip nat inside source static 192.168.1.193 69.38.27.193
    > >> > ip nat inside source static 192.168.1.125 205.179.46.125
    > >> > ip nat inside source static 192.168.1.124 205.179.46.124
    > >> > ip nat inside source static 192.168.1.123 205.179.46.123
    > >> > ip nat inside source static 192.168.1.122 205.179.46.122
    > >> > ip nat inside source static 192.168.1.121 205.179.46.121
    > >> > ip nat inside source static 192.168.1.120 205.179.46.120
    > >> > ip nat inside source static 192.168.1.119 205.179.46.119
    > >> > ip nat inside source static 192.168.1.118 205.179.46.118
    > >> > ip nat inside source static 192.168.1.117 205.179.46.117
    > >> > ip nat inside source static 192.168.1.116 205.179.46.116
    > >> > ip nat inside source static 192.168.1.115 205.179.46.115
    > >> > ip nat inside source static 192.168.1.29 205.179.46.29
    > >> > ip nat inside source static 192.168.1.28 205.179.46.28
    > >> > ip nat inside source static 192.168.1.27 205.179.46.27
    > >> > ip nat inside source static 192.168.1.26 205.179.46.26
    > >> > ip nat inside source static 192.168.1.25 205.179.46.25
    > >> > ip nat inside source static 192.168.1.24 205.179.46.24
    > >> > ip nat inside source static 192.168.1.23 205.179.46.23
    > >> > ip nat inside source static 192.168.1.22 205.179.46.22
    > >> > ip nat inside source static 192.168.1.21 205.179.46.21
    > >> > ip nat inside source static 192.168.1.20 205.179.46.20
    > >> > ip nat inside source static 192.168.1.19 205.179.46.19
    > >> > ip nat inside source static 192.168.1.18 205.179.46.18
    > >> > ip nat inside source static 192.168.1.17 205.179.46.17
    > >> > ip nat inside source static 192.168.1.16 205.179.46.16
    > >> > ip nat inside source static 192.168.1.15 205.179.46.15
    > >> > ip nat inside source static 192.168.1.14 205.179.46.14
    > >> > ip nat inside source static 192.168.1.13 205.179.46.13
    > >> > ip nat inside source static 192.168.1.12 205.179.46.12
    > >> > ip nat inside source static 192.168.1.11 205.179.46.11
    > >> > ip nat inside source static 192.168.1.10 205.179.46.10
    > >> > ip nat inside source static 192.168.1.9 205.179.46.9
    > >> > ip nat inside source static 192.168.1.8 205.179.46.8
    > >> > ip nat inside source static 192.168.1.7 205.179.46.7
    > >> > ip nat inside source static 192.168.1.6 205.179.46.6
    > >> > ip nat inside source static 192.168.1.5 205.179.46.5
    > >> > ip nat inside source static 192.168.1.4 205.179.46.4
    > >> > ip nat inside source static 192.168.1.3 205.179.46.3
    > >> > ip nat inside source static 192.168.1.2 205.179.46.2
    > >> > ip nat inside source static 192.168.1.1 205.179.46.1
    > >> > ip classless
    > >> > ip route 0.0.0.0 0.0.0.0 69.38.25.209
    > >> > ip route 0.0.0.0 0.0.0.0 64.205.130.254
    > >> > ip route 69.38.27.192 255.255.255.192 69.38.25.209
    > >> > ip route 192.168.1.0 255.255.255.128 64.205.130.254
    > >> > ip route 192.168.1.192 255.255.255.192 69.38.25.209
    > >> > ip route 205.179.46.0 255.255.255.128 64.205.130.254
    > >> > no ip http server
    > >> > !
    > >> > access-list 115 deny tcp any any eq 135
    > >> > access-list 115 deny udp any any eq 135
    > >> > access-list 115 deny udp any any eq tftp
    > >> > access-list 115 deny udp any any eq netbios-ns
    > >> > access-list 115 deny udp any any eq netbios-dgm
    > >> > access-list 115 deny tcp any any eq 139
    > >> > access-list 115 deny udp any any eq netbios-ss
    > >> > access-list 115 deny tcp any any eq 445
    > >> > access-list 115 deny tcp any any eq 593
    > >> > access-list 115 permit ip any any
    > >> > snmp-server engineID local 0000000902000004C17DD42C
    > >> > snmp-server community ****************** RW
    > >> > !
    > >> > line con 0
    > >> > exec-timeout 0 0
    > >> > password 7 ******************
    > >> > line aux 0
    > >> > line vty 0 4
    > >> > password 7 ******************
    > >> > login
    > >> > !
    > >> > end
    > >>
    > >>

    > >

    >
    ZeroKool, Oct 19, 2003
    #5
  6. Quanzo

    Dave Phelps Guest

    In article <>, says...
    > Help again,
    > I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    > Both are working both are up. But I can not get the routing to work.
    > as you can see from the config file below, I am trying to use two sets
    > of Public IP address internally and route them thru the router to
    > thier respective serial interfaces. the ones associated with s0 work
    > the ones for s1 do not. I can ping the public side of both serial
    > interfaces, and internal addresses of s0 but cn not get to internal
    > for s1. Its going to be simple but I can not see the solution.


    Why are you using NAT at all? You don't have a NAT pool, and have statically mapped your
    private IPs to public IPs. Additionally, you aren't blocking unsolicited incoming
    traffic. IOW, you have absolutely no security at all, other than simply blocking NetBIOS.

    To assist with your original question, f0.1 is a subinterface for a VLAN. Are you using
    VLANs? It doesn't appear so since you are using f0 without a VLAN, nor do you have any
    other VLAN info in the config. I suspect you want a secondary IP on f0, rather than a
    subinterface. Go to interface configuration for int f0, and type ip address 192.168.1.193
    255.255.255.192 secondary. You'll have to remove f0.1 first. Then your hosts from .194 to
    ..222 should be able to transit the router.

    As the other poster mentioned, route map with the set next hop command should take care
    of your routing question.

    --
    Dave Phelps
    DD Networks
    www.ddnets.com
    deadspam=tippenring
    Dave Phelps, Oct 20, 2003
    #6
  7. Quanzo

    Quanzo Guest

    Thanks for that info. :) Greatly appreciated and will try it. As to
    the security, its rudimentary till I can get tboth of the serial and
    subnets working together. In other words I am keeping it simple for me
    till I get the mess straightened out <LOL> less clutter to sort thru
    and less things for me to screw up :) I have a pretty good acl
    designed and will post it after I get the two serials working in
    harmony :) Then all you nice Guru's can tear that up and help me fix
    it :) As you can most likely tell I am doing this on my own and as a
    learning experience as I can not afford a Cisco Network Engineer costs
    right now <LOL> Poor start up single man operation right now. And
    very very very much in all of yoiur debt. :)

    Patrick
    On Sun, 19 Oct 2003 20:37:42 -0500, Dave Phelps
    <> wrote:

    >In article <>, says...
    >> Help again,
    >> I have a 1720 router with 2 T1dsu/csu wic cards in W1 and W0
    >> Both are working both are up. But I can not get the routing to work.
    >> as you can see from the config file below, I am trying to use two sets
    >> of Public IP address internally and route them thru the router to
    >> thier respective serial interfaces. the ones associated with s0 work
    >> the ones for s1 do not. I can ping the public side of both serial
    >> interfaces, and internal addresses of s0 but cn not get to internal
    >> for s1. Its going to be simple but I can not see the solution.

    >
    >Why are you using NAT at all? You don't have a NAT pool, and have statically mapped your
    >private IPs to public IPs. Additionally, you aren't blocking unsolicited incoming
    >traffic. IOW, you have absolutely no security at all, other than simply blocking NetBIOS.
    >
    >To assist with your original question, f0.1 is a subinterface for a VLAN. Are you using
    >VLANs? It doesn't appear so since you are using f0 without a VLAN, nor do you have any
    >other VLAN info in the config. I suspect you want a secondary IP on f0, rather than a
    >subinterface. Go to interface configuration for int f0, and type ip address 192.168.1.193
    >255.255.255.192 secondary. You'll have to remove f0.1 first. Then your hosts from .194 to
    >.222 should be able to transit the router.
    >
    >As the other poster mentioned, route map with the set next hop command should take care
    >of your routing question.
    Quanzo, Oct 20, 2003
    #7
  8. Quanzo

    Rob Guest

    Post your config here. Some of us do this as consultants for a
    living, and thus charge money. Others do it for fun for free. :)

    -Bob


    On Sun, 19 Oct 2003 23:27:50 -0400, Quanzo <> wrote:

    >Thanks for that info. :) Greatly appreciated and will try it. As to
    >the security, its rudimentary till I can get tboth of the serial and
    >subnets working together. In other words I am keeping it simple for me
    >till I get the mess straightened out <LOL> less clutter to sort thru
    >and less things for me to screw up :) I have a pretty good acl
    >designed and will post it after I get the two serials working in
    >harmony :) Then all you nice Guru's can tear that up and help me fix
    >it :) As you can most likely tell I am doing this on my own and as a
    >learning experience as I can not afford a Cisco Network Engineer costs
    >right now <LOL> Poor start up single man operation right now. And
    >very very very much in all of yoiur debt. :)
    >
    Rob, Oct 20, 2003
    #8
  9. Quanzo

    Quanzo Guest

    On Mon, 20 Oct 2003 09:00:34 -0400, Rob <> wrote:

    >Post your config here. Some of us do this as consultants for a
    >living, and thus charge money. Others do it for fun for free. :)
    >
    >-Bob
    >



    Well new update....

    IT WORKS <LOL>

    route-map once I figured it out was the answer. :)

    Now a very dumb question... Can one use 2 default routes in the
    route-map instead of outside?
    ie, if the server is hooked up in the 192.168.1.193 subnet I want
    ip route 0.0.0.0 0.0.0.0 69.38.xxx.xxx
    and if it is in the 192.168.1.1 subnet I want
    ip route 0.0.0.0 0.0.0.0 64.205.xxx.xxx

    That will allow me to specify complete control over outgoing routes
    for certain servers. One T is is 12 channels the other a full blown T.
    Hence will keep busier servers on the Full T as they also are more
    important for faster data transfers :)


    TIA

    Patrick
    Quanzo, Oct 21, 2003
    #9
  10. In article <>,
    Quanzo <> wrote:
    >Well new update....
    >
    > IT WORKS <LOL>
    >
    >route-map once I figured it out was the answer. :)
    >
    >Now a very dumb question... Can one use 2 default routes in the
    >route-map instead of outside?
    >ie, if the server is hooked up in the 192.168.1.193 subnet I want
    >ip route 0.0.0.0 0.0.0.0 69.38.xxx.xxx
    >and if it is in the 192.168.1.1 subnet I want
    >ip route 0.0.0.0 0.0.0.0 64.205.xxx.xxx
    >
    >That will allow me to specify complete control over outgoing routes
    >for certain servers. One T is is 12 channels the other a full blown T.
    >Hence will keep busier servers on the Full T as they also are more
    >important for faster data transfers :)


    Each clause of the route map can have different match clauses and
    corresponding set clauses.

    route-map policy-routing permit 10
    match ip address 1
    set ip default next-hop x.x.x.x
    route-map policy-routing permit 20
    match ip address 2
    set ip default next-hop y.y.y.y

    --
    Barry Margolin,
    Level(3), Woburn, MA
    *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
    Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
    Barry Margolin, Oct 21, 2003
    #10
  11. Quanzo

    Quanzo Guest

    tOK here is where I am confused then. How is it that outgoing traffic
    to unknown addresses are routed? Its by the IP ROUTE 0.0.0.0 0.0.0.0
    xxx.xxx.xxx.xxx . which is not inside a route-map area. SO what I
    want to do is, look at the LAN address originating the request and
    route it out the respective next hop. Not look at destination by
    originiated out bound packet. Make sense??

    Patrick


    >Each clause of the route map can have different match clauses and
    >corresponding set clauses.
    >
    >route-map policy-routing permit 10
    > match ip address 1
    > set ip default next-hop x.x.x.x
    >route-map policy-routing permit 20
    > match ip address 2
    > set ip default next-hop y.y.y.y
    Quanzo, Oct 21, 2003
    #11
  12. In article <>,
    Quanzo <> wrote:
    >tOK here is where I am confused then. How is it that outgoing traffic
    >to unknown addresses are routed? Its by the IP ROUTE 0.0.0.0 0.0.0.0
    >xxx.xxx.xxx.xxx . which is not inside a route-map area. SO what I
    >want to do is, look at the LAN address originating the request and
    >route it out the respective next hop. Not look at destination by
    >originiated out bound packet. Make sense??


    When you enable policy routing on the LAN interface, the route-map is first
    consulted, and the "match ip address" clauses match against the source
    address. The "set default next-hop" commands override the default route
    established by the "ip route 0.0.0.0 0.0.0.0" command.

    >
    >Patrick
    >
    >
    >>Each clause of the route map can have different match clauses and
    >>corresponding set clauses.
    >>
    >>route-map policy-routing permit 10
    >> match ip address 1
    >> set ip default next-hop x.x.x.x
    >>route-map policy-routing permit 20
    >> match ip address 2
    >> set ip default next-hop y.y.y.y

    >



    --
    Barry Margolin,
    Level(3), Woburn, MA
    *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
    Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
    Barry Margolin, Oct 21, 2003
    #12
  13. On Tue, 21 Oct 2003 17:11:32 GMT, Barry Margolin
    <> wrote:

    >In article <>,
    >Quanzo <> wrote:
    >>tOK here is where I am confused then. How is it that outgoing traffic
    >>to unknown addresses are routed? Its by the IP ROUTE 0.0.0.0 0.0.0.0
    >>xxx.xxx.xxx.xxx . which is not inside a route-map area. SO what I
    >>want to do is, look at the LAN address originating the request and
    >>route it out the respective next hop. Not look at destination by
    >>originiated out bound packet. Make sense??

    >
    >When you enable policy routing on the LAN interface, the route-map is first
    >consulted, and the "match ip address" clauses match against the source
    >address. The "set default next-hop" commands override the default route
    >established by the "ip route 0.0.0.0 0.0.0.0" command.


    Isn't it "set ip next-hop" that has precedence over the routing table,
    with "set ip default next-hop" coming into effect only if there isn't
    a route in the routing table for the destination?

    -Terry

    >>
    >>Patrick
    >>
    >>
    >>>Each clause of the route map can have different match clauses and
    >>>corresponding set clauses.
    >>>
    >>>route-map policy-routing permit 10
    >>> match ip address 1
    >>> set ip default next-hop x.x.x.x
    >>>route-map policy-routing permit 20
    >>> match ip address 2
    >>> set ip default next-hop y.y.y.y

    >>
    Terry Baranski, Oct 21, 2003
    #13
  14. In article <>,
    Terry Baranski <0VE> wrote:
    >On Tue, 21 Oct 2003 17:11:32 GMT, Barry Margolin
    ><> wrote:
    >
    >>In article <>,
    >>Quanzo <> wrote:
    >>>tOK here is where I am confused then. How is it that outgoing traffic
    >>>to unknown addresses are routed? Its by the IP ROUTE 0.0.0.0 0.0.0.0
    >>>xxx.xxx.xxx.xxx . which is not inside a route-map area. SO what I
    >>>want to do is, look at the LAN address originating the request and
    >>>route it out the respective next hop. Not look at destination by
    >>>originiated out bound packet. Make sense??

    >>
    >>When you enable policy routing on the LAN interface, the route-map is first
    >>consulted, and the "match ip address" clauses match against the source
    >>address. The "set default next-hop" commands override the default route
    >>established by the "ip route 0.0.0.0 0.0.0.0" command.

    >
    >Isn't it "set ip next-hop" that has precedence over the routing table,
    >with "set ip default next-hop" coming into effect only if there isn't
    >a route in the routing table for the destination?


    "set ip next-hop" completely overrides the routing table. "set ip default
    next-hop" overrides the default route in the normal routing table, but not
    a more specific route.

    In most cases, the latter is what is wanted. If the router also connects
    to other internal networks, you usually don't want the traffic going out to
    the ISP to get to these networks.

    --
    Barry Margolin,
    Level(3), Woburn, MA
    *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
    Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
    Barry Margolin, Oct 22, 2003
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Benny Su
    Replies:
    0
    Views:
    435
    Benny Su
    Mar 5, 2004
  2. henry

    HSRP over two different ISP

    henry, Apr 27, 2004, in forum: Cisco
    Replies:
    1
    Views:
    602
    Barry Margolin
    Apr 27, 2004
  3. Skybuck Flying
    Replies:
    0
    Views:
    4,834
    Skybuck Flying
    Jan 19, 2006
  4. Marskarthik
    Replies:
    1
    Views:
    2,161
    Charlie Root
    Mar 3, 2006
  5. Paul
    Replies:
    0
    Views:
    689
Loading...

Share This Page