Routing
Routing:
Source
physical port routing IP
source routing
TCP/UDP routing Reliable
Static Routing Backup
Dynamic
routing Multicast
routing
STOP SMOKING
or you will …
By source physical port |
interface Serial1 ip policy route-map test ! route-map test permit 10 match interface Serial0 set ip next-hop 172.16.87.254 ! |
IP source routing Note that in some layer3
switches we need to configure sdm templates
to make Policy routing working. So use sdm prefer routing and make reboot. |
interface Serial1 ip policy route-map test ! access-list 10 permit
193.1.1.0 0.0.0.255 route-map test permit 10 match ip address 10 set ip next-hop 172.16.87.254 |
TCP/UDP routing |
interface Serial1 ip policy route-map
routemail ! access-list 101 permit tcp
any any eq 25 (trafic smtp) ! route-map routemail permit
10 match ip address 101 set ip next-hop 172.16.2.2 ! route-map routemail permit
20 set ip next-hop 172.16.1.2
|
PBR & Multiple Tracking We have 2 WAN connections
to one remote site. Some users connect via connection 1, some others via
connection 2. But when one connection comes down all users connect via the
other connection automatically. |
! ip sla monitor 1 type echo protocol ipIcmpEcho
212.0.100.2 ip sla monitor schedule 1
life forever start-time now ip sla monitor 2 type echo protocol ipIcmpEcho
89.0.100.2 ip sla monitor schedule 2 life
forever start-time now ! track 123 rtr 1
reachability track 321 rtr 2
reachability ! interface FastEthernet0/0 ip address 192.168.1.1 255.255.255.0 ip policy route-map mymap1 ip nat inside ! interface serial0/1 description connection1 ip address 212.0.100.1 255.255.255.252 ip nat outside ! interface serial 0/2 description connection2 ip address 89.0.100.1 255.255.255.252 ip nat outside ! access-list 1 permit
192.168.2.0 0.0.0.255 access-list 2 permit
192.168.1.0 0.0.0.255 ! route-map mymap1 permit 10 match ip address 1 set ip next-hop verify-availability
212.0.100.2 10 track 123 set ip next-hop verify-availability
89.0.100.2 20 track 321 ! route-map mymap1 permit 20 match ip address 2 set ip next-hop verify-availability
89.0.100.2 10 track
321 set ip next-hop verify-availability
212.0.100.2 20 track 123 ! access-list 12 permit
192.168.2.0 0.0.0.255 access-list 12 permit
192.168.1.0 0.0.0.255 ! route-map ISP1 permit 10 match ip address 12 match interface serial0/1 ! route-map ISP2 permit 10 match ip address 12 match interface serial0/2 ! Ip nat inside source route-map ISP1 Interface serial0/1 overload ! Ip nat inside source
route-map ISP2 Interface serial0/2 overload |
Reliable
Static Routing Backup
Reliable Static Routing Backup example: we have 2 gateways
to internet (2 ISP): 10.1.1.242 (primary) and 10.2.2.125 (backup) We want to monitor an IP
address related with the first ISP (for example DNS, wan interface…) If we can't ping it
(172.16.23.7) then we will route internet traffic to the backup router. |
interface ethernet 0 description
primary-link ip address 10.1.1.1
255.0.0.0 ! interface ethernet 1 description
backup-link ip address 10.2.2.2
255.0.0.0 ! ip sla monitor 1 type echo protocol
ipIcmpEcho 172.16.23.7 timeout 1000 frequency 3 threshold 2 ! ip sla monitor schedule 1
life forever start-time now track 123 rtr 1
reachability ! access list 101 permit icmp
any host 172.16.23.7 echo route map MY-LOCAL-POLICY permit 10 match ip address 101 set ip next-hop
10.1.1.242 set interface null 0 ! ip local policy route-map MY-LOCAL-POLICY ip route 0.0.0.0 0.0.0.0
10.1.1.242 track 123 ip route 0.0.0.0 0.0.0.0
10.2.2.125 254 |