[c-nsp] Policy-routing for a protocol
Church, Charles
Charles.Church at harris.com
Mon Mar 8 16:54:56 EST 2010
Hey all,
Got kind of a design problem I'm working on, trying to see what my
options are. Gonna have a site with dual 7206, both with full tables, doing
iBGP between. Each 7206 will have (2) links going to upstream, all (4)
links in same remote AS. Both routers have a 50 meg circuit for general
use, and a 10 meg circuit we'd like to dedicate to VTC type traffic.
To handle the inbound traffic, I was going to announce the smaller
local address block dedicated to VTC gear only out the VTC-dedicated
circuits. Upstream provider should be able to deal with that easily.
Outbound seems a bit trickier. Seems like I need to policy route
the traffic, matching on the source address of the VTC gear. The next hop
is what I'm getting stuck on, since I could be black-holing VTC traffic if
that BGP peer was down, but the interface was up (it's metro ethernet, local
link doesn't guarantee BGP is up). There is a 'verify-availability' option,
but seems to be tied to CDP, and upstream uses Juniper.
Any new IOS feature out there that might help? Most likely gonna
run 12.4 mainline on them. I toyed with the idea of a separate VRF for VTC,
but the downstream firewall stuff is gonna rule that out. I don't think I
can leverage static object tracking in a route map, but maybe I overlooked
something. Any help would be appreciated.
Thanks,
Chuck Church
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6595 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100308/305e2c70/attachment-0001.bin>
More information about the cisco-nsp
mailing list