Policy Routing w/ Tracking objects

Reliable Policy Routing

R5 has two loopbacks, 5.5.5.5/32 and 55.55.55.55/32

Configure policy routing on r2 so that:

 - to reach 5.5.5.5/32 packets from r1 must go to r3.

 - to reach 55.55.55.55/32 packets from r1 must go to r4.

 - do not use static routing on r2 (excepted to reach r1).

Use reliable routing to do this:

 - if r3 is not reachable, packets to 5.5.5.5/32 must go through r4.

 - if r4 is not reachable, packets to 55.55.55.55/32 must go through r3.

Verify using traceroute.

r1 configuration:

!

hostname r1

!

interface Loopback0

 ip address 1.1.1.1 255.255.255.255

!

interface Serial1/0

 ip address 192.168.12.1 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 192.168.12.2

!

r2 configuration:

!

hostname r2

!

track 5 ip sla 10

!

track 55 ip sla 15

!

interface Serial1/0

 ip address 192.168.12.2 255.255.255.0

 ip policy route-map PBR

!

interface Serial1/1

 ip address 192.168.23.2 255.255.255.0

 serial restart-delay 0

!

interface Serial1/2

 ip address 192.168.24.2 255.255.255.0

!

ip route 1.1.1.1 255.255.255.255 192.168.12.1

!

ip sla 10

 icmp-echo 192.168.23.3 source-interface Serial1/1

 timeout 1000

 threshold 1000

 frequency 2

ip sla schedule 10 life forever start-time now

ip sla 15

 icmp-echo 192.168.24.4 source-interface Serial1/2

 timeout 1000

 threshold 1000

 frequency 2

ip sla schedule 15 life forever start-time now

access-list 105 permit ip any host 5.5.5.5

access-list 155 permit ip any host 55.55.55.55

!

route-map PBR permit 10

 match ip address 105

 set ip next-hop verify-availability 192.168.23.3 1 track 5

 set ip default next-hop 192.168.24.4

!

route-map PBR permit 20

 match ip address 155

 set ip next-hop verify-availability 192.168.24.4 1 track 55

 set ip default next-hop 192.168.23.3

!

r3 configuration:

!

hostname r3

!

interface Serial1/0

 ip address 192.168.23.3 255.255.255.0

!

interface Serial1/1

 ip address 192.168.35.3 255.255.255.0

!

ip route 1.1.1.1 255.255.255.255 192.168.23.2

ip route 5.5.5.5 255.255.255.255 192.168.35.5

ip route 55.55.55.55 255.255.255.255 192.168.35.5

!

r4 configration:

!

hostname r4

!

interface Serial1/0

 ip address 192.168.24.4 255.255.255.0

!

interface Serial1/1

 ip address 192.168.45.4 255.255.255.0

!

ip route 1.1.1.1 255.255.255.255 192.168.24.2

ip route 5.5.5.5 255.255.255.255 192.168.45.5

ip route 55.55.55.55 255.255.255.255 192.168.45.5

!

r5 configuration:

!

hostname r5

!

interface Loopback0

 ip address 5.5.5.5 255.255.255.255

!

interface Loopback1

 ip address 55.55.55.55 255.255.255.255

!

interface Serial1/0

 ip address 192.168.35.5 255.255.255.0

!

interface Serial1/1

 ip address 192.168.45.5 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 192.168.45.4

!

Verifications:

r1#traceroute 5.5.5.5 source 1.1.1.1    

Type escape sequence to abort.

Tracing the route to 5.5.5.5

  1 192.168.12.2 8 msec 24 msec 20 msec

  2 192.168.23.3 20 msec 44 msec 44 msec

  3 192.168.35.5 76 msec *  64 msec

r1#traceroute 55.55.55.55 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 55.55.55.55

  1 192.168.12.2 24 msec 20 msec 20 msec

  2 192.168.24.4 20 msec 44 msec 40 msec

  3 192.168.45.5 80 msec *  76 msec

Now, on r3, remove IP address 192.168.23.3:

On r2, you see :

Feb 23 01:06:28.127: %TRACKING-5-STATE: 5 ip sla 10 state Up->Down

r1#traceroute 5.5.5.5 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 5.5.5.5

  1 192.168.12.2 16 msec 24 msec 20 msec

  2 192.168.24.4 24 msec 36 msec 44 msec

  3 192.168.45.5 76 msec *  72 msec

r1#traceroute 55.55.55.55 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 55.55.55.55

  1 192.168.12.2 24 msec 20 msec 24 msec

  2 192.168.24.4 36 msec 24 msec 44 msec

  3 192.168.45.5 76 msec *  76 msec

Note:

If you remove IP 192.168.24.4 on r4, configure the default route in r5 via r3...

On r3, add IP address 192.168.23.3:

On r2, you see:

Feb 23 01:10:18.127: %TRACKING-5-STATE: 5 ip sla 10 state Down->Up

r1#traceroute 5.5.5.5 source 1.1.1.1    

Type escape sequence to abort.

Tracing the route to 5.5.5.5

  1 192.168.12.2 28 msec 16 msec 24 msec

  2 192.168.23.3 24 msec 40 msec 40 msec

  3 192.168.35.5 80 msec *  64 msec

r1#traceroute 55.55.55.55 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 55.55.55.55

  1 192.168.12.2 20 msec 20 msec 24 msec

  2 192.168.24.4 16 msec 44 msec 44 msec

  3 192.168.45.5 56 msec *  40 msec

Backup using Backup Interfaces

R1 is connected to R2 via 2 links, one of the two links will be active if the first on goes down:



!
hostname r1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.12.1 255.255.255.0
!

interface FastEthernet2/0

 backup delay 3 60

 backup interface FastEthernet1/0

 ip address 192.168.112.1 255.255.255.0

!

ip route 2.2.2.2 255.255.255.255 192.168.12.2

ip route 2.2.2.2 255.255.255.255 192.168.112.2

!

!

hostname r2

!

interface Loopback0

 ip address 2.2.2.2 255.255.255.255

!

interface FastEthernet1/0

 ip address 192.168.12.2 255.255.255.0

!

interface FastEthernet2/0

 ip address 192.168.112.2 255.255.255.0

!

ip route 1.1.1.1 255.255.255.255 192.168.12.1

ip route 1.1.1.1 255.255.255.255 192.168.112.1

!

FastEthernet2/0: 

Backup interface FastEthernet1/0, failure delay 3 sec, secondary disable delay 60 sec,

r1(config-if)#backup ?      

  active     Configure an interface as an active backup

  delay      Delays before backup line up or down transitions

  interface  Configure an interface as a backup

  load       Load thresholds for line up or down transitions