[c-nsp] easy way to re-route sql traffic down alternate link? -
verify commands
Matt Bazan
Mbazan at onelegal.com
Wed Apr 13 12:20:59 EDT 2005
that did the trick. thanks.
> -----Original Message-----
> From: Rodney Dunn [mailto:rodunn at cisco.com]
> Sent: Wednesday, April 13, 2005 9:07 AM
> To: Matt Bazan
> Cc: Rodney Dunn; Bruce Pinsky; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] easy way to re-route sql traffic down
> alternate link? - verify commands
>
>
> No..you have to reverse it for the return packet.
>
> access-list 110 permit tcp any eq 1433 any
>
> if it stays on the same port.
>
> Rodney
>
>
> On Wed, Apr 13, 2005 at 09:02:08AM -0700, Matt Bazan wrote:
> > I've set up the same on router A but I don't believe this
> is matching
> > the return traffic..
> >
> > Will the 'access-list 110 permit tcp any any eq 1433' match traffic
> > where either the source or destination port is 1433? Thanks.
> >
> > > -----Original Message-----
> > > From: Rodney Dunn [mailto:rodunn at cisco.com]
> > > Sent: Tuesday, April 12, 2005 12:45 PM
> > > To: Matt Bazan
> > > Cc: Rodney Dunn; Bruce Pinsky; cisco-nsp at puck.nether.net
> > > Subject: Re: [c-nsp] easy way to re-route sql traffic down
> > > alternate link? - verify commands
> > >
> > >
> > > On Tue, Apr 12, 2005 at 12:22:53PM -0700, Matt Bazan wrote:
> > > > Here's how I plan to set this up. Looks very
> straightforward. If
> > > > anyone would have a sec to point out problems I'd be very
> > > > appreciative:
> > > >
> > > > SanRafael#(config) access-list 110 permit tcp any any eq 1433
> > > > //ACL
> > > > for sql traffic
> > > > SanRafael#(config) route-map SQL-Traffic permit
> > > > SanRafael#(config-route-map) match ip address 110
> > > > SanRafael#(config-route-map) set ip next hop <address of
> > > 'C' router>
> > > > //should I use an interface instead of IP here
> to insure proper
> > > > route?
> > >
> > > No. I never recommend anyone use an interface as a next hop.
> > >
> > > > SanRafael#(config) int fa0/0
> > > > SanRafael#(config-if) ip policy route map SQL-Traffic
> > > > //if i understand correctly, policy map needs
> to be applied to
> > > > interface that policy traffic enters on.
> > >
> > > Correct.
> > >
> > > >
> > > > then setup reverse on the 'A' router. anything else? thanks
> > > > again.
> > >
> > > Correct.
> > >
> > > You haven't looked in to the SAA stuff. Search for PBR object
> > > tracking on CCO. If the link between A-C goes down PBR with
> > > your current setup will send the SQL to C and C would route
> > > it back through B to get to A. It will work but suboptimal.
> > >
> > > PBR is just like static routes. By themselves they don't
> > > adjust to changes in the network which usually makes them
> a bad idea.
> > >
> > > You can path that somewhat with variations of SAA to detect a
> > > failure in the path and change the forwarding behavior based
> > > on that change.
> > >
> > > Rodney
> > >
> > >
> > >
>
>
More information about the cisco-nsp
mailing list