[c-nsp] Where to apply Policy-Based Routing?

Mark Tohill Mark at u.tv
Wed May 23 03:57:58 EDT 2007


Hi,
 
We have a scenario where we have to divert www traffic from sessions
over L2TP VPDN tunnels terminating on several 7200's to a next-hop other
than the default route.
 
We were hoping to achieve this via Policy-Based Routing and RADIUS
attributes.
 
Can PBR only be applied inbound on interfaces. I know this makes sense,
since the routing descision has not been made yet :)
 
In our situation, our VPDN traffic and user traffic bound for the
internet all come in/out over the same gigabit interface. i.e we have
nowhere to apply the PBR policy.
 
Is there anyway around this?
 
Thanks,
Mark
 
config below:
 
 
!
vpdn-group 1
 description VPDN-GROUP-1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname <snipped>
 source-ip <snipped>
 lcp renegotiation on-mismatch
 l2tp tunnel password <snipped>
!
interface Virtual-Template1
 description Virtual Template
 mtu 1460
 ip unnumbered Loopback0
 ip tcp adjust-mss 1420
 no logging event link-status
 no snmp trap link-status
 peer default ip address pool default
 ppp mtu adaptive proxy
 ppp authentication chap
!
!
interface GigabitEthernet0/1
 description GigabitEthernet To Telco
 ip address <snipped> 255.255.255.248
 ip access-group EXT_INBOUND in
 duplex full
 speed 1000
 media-type gbic
 negotiation auto
 no cdp enable
!
!
interface Loopback0
 description Telco VPDN Tunnel Endpoint
 ip address <snipped> 255.255.255.255
!


 
Mark Tohill
UTV Internet
T:+44 (0)28 90 262196
M:+44 (0)7786 278716
E:mark at u.tv <blocked::mailto:mark at u.tv> 
 


More information about the cisco-nsp mailing list