policy based routing problem

Discussion in 'Cisco' started by Ivana, Mar 22, 2005.

  1. Ivana

    Ivana Guest

    Hello all,

    I would appreciate if anyone can help me on this.. I have a 2811 with two
    connections to Internet, Frame Relay and ADSL. One part of LAN IP adresses
    will go via Frame Relay and other via ADSL to Internet. For this, I will use
    policy-based routing feature. But, the problem is when Frame Relay fails I
    want that all users go via ADSL to Internet.
    Can I do it using two same route-map with different sequence, like the
    example below:

    access-list 3 permit 192.168.0.10
    route-map ivana permit 10
    match ip address 3
    set interface Serial0/3/0
    !
    route-map ivana permit 20
    match ip address 3
    set interface FastEthernet0/1


    So, initially LAN ip address 192.168.0.10 will go via serial interface, and
    when it fails, it will go via ethernet (ADSL)....
    If it is not working on that way, please suggest me how to make it work.

    Thanks,
    Ivana
    Ivana, Mar 22, 2005
    #1
    1. Advertising

  2. Ivana

    Ivan Ostreš Guest

    In article <d1oq42$f41$>,
    says...
    > access-list 3 permit 192.168.0.10
    > route-map ivana permit 10
    > match ip address 3
    > set interface Serial0/3/0
    > !
    > route-map ivana permit 20
    > match ip address 3
    > set interface FastEthernet0/1
    >
    >
    > So, initially LAN ip address 192.168.0.10 will go via serial interface, and
    > when it fails, it will go via ethernet (ADSL)....
    > If it is not working on that way, please suggest me how to make it work.
    >
    >
    >


    No, you can't do it that way. Search for SAA (ping) based routing on
    CCO.


    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 22, 2005
    #2
    1. Advertising

  3. "Ivan Ostre " <> wrote in message
    news:...
    > In article <d1oq42$f41$>,
    > says...
    > > access-list 3 permit 192.168.0.10
    > > route-map ivana permit 10
    > > match ip address 3
    > > set interface Serial0/3/0
    > > !
    > > route-map ivana permit 20
    > > match ip address 3
    > > set interface FastEthernet0/1
    > >
    > >
    > > So, initially LAN ip address 192.168.0.10 will go via serial interface,

    and
    > > when it fails, it will go via ethernet (ADSL)....
    > > If it is not working on that way, please suggest me how to make it work.
    > >
    > >
    > >

    >
    > No, you can't do it that way. Search for SAA (ping) based routing on
    > CCO.




    Why not? That's possible to do with NAT & mentioned route-maps

    --
    Aleksandr Kuzminsky
    Aleksandr Kuzminsky1882256634, Mar 22, 2005
    #3
  4. Ivana

    Ivan Ostreš Guest

    In article <d1p9ro$ao3$>, says...
    > Why not? That's possible to do with NAT & mentioned route-maps
    >


    Yes, but how will router know when DSL link is down since it won't put
    down your ethernet interface?

    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 22, 2005
    #4
  5. >
    > Yes, but how will router know when DSL link is down since it won't put
    > down your ethernet interface?
    >


    Hm.. I suppose, Ivana has ADSL module in 2800.
    If not - SAA or BGP are acceptable solutions.

    --
    Aleksandr Kuzminsky
    Aleksandr Kuzminsky1882256634, Mar 22, 2005
    #5
  6. Ivana

    Ivan Ostreš Guest

    In article <d1pbed$iit$>, says...
    > Hm.. I suppose, Ivana has ADSL module in 2800.
    > If not - SAA or BGP are acceptable solutions.
    >


    I don't suppose she has ADSL module in router, since she is in Croatia
    (me too) so it is not possible to have such combination due to our
    telecom ;-).


    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 22, 2005
    #6
  7. > I don't suppose she has ADSL module in router, since she is in Croatia
    > (me too) so it is not possible to have such combination due to our
    > telecom ;-).
    >



    Just interesting, what's wrong with your telecom? :)

    --
    Aleksandr Kuzminsky
    Aleksandr Kuzminsky1882256634, Mar 22, 2005
    #7
  8. Ivana

    Ivan Ostreš Guest

    In article <d1pbos$k0b$>, says...
    > > I don't suppose she has ADSL module in router, since she is in Croatia
    > > (me too) so it is not possible to have such combination due to our
    > > telecom ;-).
    > >

    >
    >
    > Just interesting, what's wrong with your telecom? :)
    >


    Well, they want to made you rent their CPE (mostly Siemens ADSL modems),
    and they can do it since they have monopol on all "wires".


    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 22, 2005
    #8
  9. Ivana

    Ivana Guest

    Thanks for suggestion. Now I am having a problem with command syntax. First
    thing I tried:

    1.) I want to track the state of line protocol on ethernet interface with
    command:
    track 1 interface FastEthernet0/1 line-protocol
    and then I have to include this state in route-map
    route-map ivana permit 10
    set ip next-hop verify-availability ? 10 track 1
    This is a problem, because I don't have the ip address of next-hop (fixed
    and I cannot set just the name of outgoing interface

    2.)Second way:

    track 124 rtr 2 reachability

    rtr 2
    type echo protocol ipIcmpEcho 216.239.59.104
    rtr schedule 2 life forever start-time now

    and route-map
    set ip next-hop verify-availability ? 10 track 124

    Same problem appears again...

    Am I missing something, or there is no possibility to backup adsl users?

    Thanks,
    Ivana






    "Ivan Ostres" <> wrote in message
    news:...
    > In article <d1pbos$k0b$>, says...
    > > > I don't suppose she has ADSL module in router, since she is in Croatia
    > > > (me too) so it is not possible to have such combination due to our
    > > > telecom ;-).
    > > >

    > >
    > >
    > > Just interesting, what's wrong with your telecom? :)
    > >

    >
    > Well, they want to made you rent their CPE (mostly Siemens ADSL modems),
    > and they can do it since they have monopol on all "wires".
    >
    >
    > --
    > -Ivan.
    >
    > *** Use Rot13 to see my eMail address ***
    Ivana, Mar 23, 2005
    #9
  10. Ivana

    Ivan Ostreš Guest

    In article <d1rlb6$q47$>,
    says...
    > Thanks for suggestion. Now I am having a problem with command syntax. First
    > thing I tried:
    >
    > 1.) I want to track the state of line protocol on ethernet interface with
    > command:
    > track 1 interface FastEthernet0/1 line-protocol
    > and then I have to include this state in route-map
    > route-map ivana permit 10
    > set ip next-hop verify-availability ? 10 track 1
    > This is a problem, because I don't have the ip address of next-hop (fixed
    > and I cannot set just the name of outgoing interface
    >
    > 2.)Second way:
    >
    > track 124 rtr 2 reachability
    >
    > rtr 2
    > type echo protocol ipIcmpEcho 216.239.59.104
    > rtr schedule 2 life forever start-time now
    >
    > and route-map
    > set ip next-hop verify-availability ? 10 track 124
    >
    > Same problem appears again...
    >
    > Am I missing something, or there is no possibility to backup adsl users?
    >


    You're missing something since I've done that few months ago. You will
    have additional problem that NAT statements will stay in translation
    table after you reroute traffic and you'll need to flush them because
    users will not be able to connect using backup connectivity. It's
    actually a really complex issue to solve (I've used TCL in IOS and some
    other mechanisms).


    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 23, 2005
    #10
  11. Ivana

    Ivana Guest

    I think I have solution, but unfortunately I don't have a chance to test FR
    also...so I don't know if it will work...especially because it is too
    simple:). If I configure route-map on the following way:

    route-map ivana permit 10
    match ip address 3
    set default interface Serial0/3/0 Dialer1

    With this command I can go to the internet over ADSL (tested), so I was
    thinking if FR was active, I would go via serial interface....am I right?

    Regarding NAT translations you mentioned, when users start a new session
    over backup link on the internet, problem would be solved?

    Thanks,
    Ivana





    "Ivan Ostres" <> wrote in message
    news:...
    > In article <d1rlb6$q47$>,
    > says...
    > > Thanks for suggestion. Now I am having a problem with command syntax.

    First
    > > thing I tried:
    > >
    > > 1.) I want to track the state of line protocol on ethernet interface

    with
    > > command:
    > > track 1 interface FastEthernet0/1 line-protocol
    > > and then I have to include this state in route-map
    > > route-map ivana permit 10
    > > set ip next-hop verify-availability ? 10 track 1
    > > This is a problem, because I don't have the ip address of next-hop

    (fixed
    > > and I cannot set just the name of outgoing interface
    > >
    > > 2.)Second way:
    > >
    > > track 124 rtr 2 reachability
    > >
    > > rtr 2
    > > type echo protocol ipIcmpEcho 216.239.59.104
    > > rtr schedule 2 life forever start-time now
    > >
    > > and route-map
    > > set ip next-hop verify-availability ? 10 track 124
    > >
    > > Same problem appears again...
    > >
    > > Am I missing something, or there is no possibility to backup adsl users?
    > >

    >
    > You're missing something since I've done that few months ago. You will
    > have additional problem that NAT statements will stay in translation
    > table after you reroute traffic and you'll need to flush them because
    > users will not be able to connect using backup connectivity. It's
    > actually a really complex issue to solve (I've used TCL in IOS and some
    > other mechanisms).
    >
    >
    > --
    > -Ivan.
    >
    > *** Use Rot13 to see my eMail address ***
    Ivana, Mar 24, 2005
    #11
  12. Ivana

    Ivan Ostreš Guest

    In article <d1u3bs$2eu$-com.hr>,
    says...
    > I think I have solution, but unfortunately I don't have a chance to test FR
    > also...so I don't know if it will work...especially because it is too
    > simple:). If I configure route-map on the following way:
    >
    > route-map ivana permit 10
    > match ip address 3
    > set default interface Serial0/3/0 Dialer1
    >
    > With this command I can go to the internet over ADSL (tested), so I was
    > thinking if FR was active, I would go via serial interface....am I right?
    >
    > Regarding NAT translations you mentioned, when users start a new session
    > over backup link on the internet, problem would be solved?
    >


    Yes, but "reload" in Internet Explorer will NOT start a new session and
    would use the existing NAT translations. That is the main problem.

    --
    -Ivan.

    *** Use Rot13 to see my eMail address ***
    Ivan Ostreš, Mar 24, 2005
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. CHANGE USERNAME TO westes
    Replies:
    6
    Views:
    1,078
    CHANGE USERNAME TO westes
    Dec 17, 2003
  2. prosthetic head
    Replies:
    3
    Views:
    3,556
    Hansang Bae
    Mar 5, 2004
  3. Scot

    Policy Based Routing

    Scot, Apr 6, 2005, in forum: Cisco
    Replies:
    6
    Views:
    2,706
  4. Cen
    Replies:
    1
    Views:
    2,233
    Christoph Gartmann
    Oct 24, 2005
  5. A-Network-Guy

    HSRP and Policy based Routing

    A-Network-Guy, Oct 27, 2005, in forum: Cisco
    Replies:
    3
    Views:
    3,003
    kelvincheung
    Jul 27, 2006
Loading...

Share This Page