Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Dought in Configuring Route-map

Status
Not open for further replies.
netlife

netlife

ISP
Aug 28, 2002
46
SG
Hi,

I am having two ISPs and I want to divert http traffic to
to one perticular ISP.TO achive this I have designed a route-map which forwards the http traffic to a DNS server of the local ISP.Will this work?

The route-map configuration is as follows,

access-list 175 permit ip x.y.z.0 0.0.3.255 10.235.0.0 0.0.255.255
access-list 176 deny ip x.y.z.0 0.0.3.255 host 202.144.10.50 ---->DNS IP
access-list 176 deny ip x.y.z.0 0.0.3.255 host 202.144.115.4 ---->DNS IP
access-list 176 deny ip x.y.z.0 0.0.3.255 host 143.166.11.22
access-list 176 deny ip x.y.z.0 0.0.3.255 host 143.166.170.15
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.12.21
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.93.39
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.12.168
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.93.48
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.224.210
access-list 176 permit ip x.y.z.0 0.0.3.255 host 143.166.12.54



route-map TEST permit 10
match ip address 175
!
route-map TEST permit 20
match ip address 176
set ip next-hop 192.193.237.1
!

Idea here is,if the permit list 176 for DNS ip address wudnt match then it will be routed by OSPF process and will not be forwarded to other ISP which is accessable via next hop address 192.193.237.1
 
Sort by date Sort by votes
My take is this..

1. This statement: route-map TEST permit 10
match ip address 175

This isn't doing anything as there is no set statement to perform in the event of a match.

2. The deny statements in ACL 176 apply to all IP traffic not just HTTP. Is this your intention? However all those denies with source/destination pair defined will not get policy routed.

3. All the permit source/destination pairs in ACL 176 will get policy routed to 192.193.237.1. Again this applies to all IP traffic not just HTTP.

 
Upvote 0 Downvote
Hi KiscoKid,

In sequence 10 when there is not SET parameter the packets will be routed by the routing protocol which is running in the background.In this case OSPF.OSPF will then route packets destined for internet to the required ISP.

Also Packets can be routed to the required ISP by permiting in access-list 175 or denying in access-list 176.
My only concern is if I forward the http traffic to DNS server then can I access internet?

Thanks in advance.

 
Upvote 0 Downvote
jneiberger,

You are right...no need to send http traffic to DNS server.
Here I was just confused due to the fact that the DNS server is geogrophically somewhere else from where we want to access interenet.I had the dought that if I just could reach DNS server,I could access internet....just correct me if I am wrong.

Thanks in advance.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jobsp90
  • Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
232
DavetheChef
DavetheChef
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
472
nt8d09
nt8d09
stanlyn
  • Locked
  • Question
HowTo Install Multiple PAP2T ATA Devices on Same Lan
Replies
3
Views
479
iggsterman
iggsterman
Willi DB
  • Locked
  • Question
Polycom410 Forward an incoming call
Replies
0
Views
229
Willi DB
Willi DB
DrB0b
  • Locked
  • Question
Known issues or dangers in purchasing L3 switches that are used
Replies
3
Views
307
CASSBusinessSystems
CASSBusinessSystems

Part and Inventory Search

Sponsor

Back
Top