860 Views 2 Replies Latest reply: Sep 9, 2013 9:16 AM by Elvis Chong RSS

Return Route Manipulation

Mar 12, 2014 8:31 AM

Elvis Chong 39 posts since
Jan 5, 2010

Hey all Experts,

 

I need some guidance on the design below and on how to manipulate the return route.

 

Basically I am running a Hub and Spoke DMVPN design with more than 100 spoke routers. The hub runs dual routers for redundancy purposes. Each spoke has 2 tunnels to the dual hub routers (Tunnel 0 is established to Hub 1 and Tunnel 1 is established to Hub 2). The EIGRP dynamic routing protocol is running across this Hub and Spoke design.

 

I got a new requirement to set up an ADSL secondary link on all spoke routers. The purpose is to segregate the non-critical traffic (e-mail) so that it flows via the new ADSL link; the 2nd purpose is to provide backup for the lease line failure scenario. The lease line is of course also ready to serve as backup for ADSL link failure, the other way round.

 

I would like to create another 2 new tunnels to peer with Hub 1 and Hub 2 via the ADSL link and configure floating routes based on server IP to select the path; sample as below.

 

172.31.100.0 255.255.255.0 tunnel 0   ----> Select tunnel 0 and tunnel 1 via lease line for Critical traffic (load sharing)

172.31.100.0 255.255.255.0 tunnel 1   ----> Select tunnel 0 and tunnel 1 via lease line for Critical traffic (load sharing)

172.31.100.0 255.255.255.0 tunnel 2  200   ----> floating route to tunnel 2 and tunnel 3 via ADSL in case lease line failure (load sharing)

172.31.100.0 255.255.255.0 tunnel 3  200   ----> floating route to tunnel 2 and tunnel 3 via ADSL in case lease line failure (load sharing)

 

172.25.100.0 255.255.255.0 tunnel 2   ----> Select tunnel 2 and tunnel 3 via ADSL for non-Critical traffic (load sharing)

172.25.100.0 255.255.255.0 tunnel 3   ----> Select tunnel 2 and tunnel 3 via ADSL for non-Critical traffic (load sharing)

172.25.100.0 255.255.255.0 tunnel 0   200   ----> floating route to tunnel 0 and tunnel 1 via Leaseline in case ADSL failure (load sharing)

172.25.100.0 255.255.255.0 tunnel 1   200  ----> floating route to tunnel 0 and tunnel 1 via Leaseline in case ADSL failure (load sharing)

 

My concern is, how could my Hub routers differentiate the critical/non-critical traffic when the return traffic goes back to the user source IP? The same source IP will be advertised to the Hub routers with the same metrics. On my Hub routers I will see the return route like below: it will load share the critical/non-critical traffic across both links from the Hub routers.

 

How can I ensure the return route back to the user from the Hub router selects the correct tunnel to pass the traffic instead of load sharing? Selecting an asymmetric return route could cause some applications to stop working and accidentally make use of the lease line for non-critical traffic (e-mail synchronization) activity.

 

Hub1

==========

sh ip route 10.34.2.26

Routing entry for 10.34.2.0/25

  Known via "eigrp 10", distance 90, metric 12828160, type internal

  Redistributing via eigrp 10, ospf 100

  Advertised by ospf 100 subnets

  Last update from 10.18.33.2 on Tunnel0, 01:16:22 ago

  Routing Descriptor Blocks:

  * 10.18.33.2, from 10.18.33.2, 01:16:22 ago, via Tunnel0

      Route metric is 12828160, traffic share count is 1

      Total delay is 500100 microseconds, minimum bandwidth is 100000 Kbit

      Reliability 255/255, minimum MTU 1400 bytes

      Loading 31/255, Hops 1

    10.19.33.2, from 10.19.33.2, 01:16:22 ago, via Tunnel1

      Route metric is 12828160, traffic share count is 1

      Total delay is 500100 microseconds, minimum bandwidth is 100000 Kbit

      Reliability 255/255, minimum MTU 1400 bytes

      Loading 31/255, Hops 1

 

Need your expert advice, thanks in advance.

 

Best Regards

Elvis Chong Tzy Chun

  • aaceituno 242 posts since
    Feb 18, 2009
    1. Mar 26, 2012 2:30 AM (in response to Elvis Chong)
    Re: Return Route Manipulation

       There are several ways you could influence the route metrics: administrative distance, offset lists, bw and/or delay.

     

       First, you will have to be able to identify your services based on their IP network addresses. Every service should be in a different network.

     

       EIGRP metrics are based on bandwidth and delay. You could manually adjust these parameters under interface configuration to modify route metrics; this way the routes learned from some neighbor would become a backup route instead of a load-sharing route. The feasible distance of the main path should be lower than the reported distance of the backup neighbor.

     

       Another way to get this is offset lists. This way you could increase the composite metric of a specific route. This is a good way because you could select which routes to prefer over which path. This will modify the reported distance of routes. If you get a reported distance higher than the feasible distance over the other path, it will become a backup path.

     

       AD is the worst method, as this can be applied only to a neighbor address for internal EIGRP routes. Or you could apply this for all external routes only, or all internal routes.

     

      Depending on your exact topology you have to choose the best method. I think in your case offset lists will be the best solution. This will modify the path from your clients to your servers.

     

     

      From your server to your clients, you can't do the same. If you want to guarantee a path from your servers to your clients, you will have to apply Policy Based Routing. Classify and match traffic based on its source IP address, and set as next hop the right path over the primary, ADSL or leased line path.

      You could use an interface next hop, or could use an IP next hop (better because you could dynamically learn this). This could be a loopback interface at your spoke router; at your hub routers you will have to apply offset lists, so they will prefer one path to this loopback, and the others will be backup paths.

      The PBR will send traffic through the preferred path to this loopback. If this link fails, the backup route will take over and PBR will be working normally, but through the other path.

     

     

      Br

      Alex.
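
The approach described in the reply above (two spoke loopbacks, offset lists on the hub, PBR with an IP next hop), sketched as an added example for one spoke; it is not configuration from either poster. Assumptions: the loopback addresses 10.255.34.1 and 10.255.34.2, the ACL and route-map names, the hub interface names (Tunnel0 towards the lease line, Tunnel2 towards ADSL, GigabitEthernet0/1 towards the servers) and the offset value are all constructed; the server and user networks and EIGRP AS 10 are taken from the original post. The spoke is assumed to advertise both loopbacks into EIGRP over all of its tunnels.

```cisco
! Hub 1 -- added example; all names and 10.255.34.x addresses are assumed.
!
! 1. Classify return traffic by server (source) network towards the spoke LAN.
ip access-list extended CRIT-RETURN
 permit ip 172.31.100.0 0.0.0.255 10.34.2.0 0.0.0.127
ip access-list extended NONCRIT-RETURN
 permit ip 172.25.100.0 0.0.0.255 10.34.2.0 0.0.0.127
!
! 2. Spoke loopbacks used only as PBR next hops (one per transport).
ip access-list standard SPOKE-LO-LEASED
 permit 10.255.34.1
ip access-list standard SPOKE-LO-ADSL
 permit 10.255.34.2
!
! 3. Break the equal-cost tie for each loopback: penalise the copy
!    learned over the transport that should only be the backup.
router eigrp 10
 offset-list SPOKE-LO-LEASED in 1000000 Tunnel2
 offset-list SPOKE-LO-ADSL in 1000000 Tunnel0
!
! 4. Policy-route return traffic to the matching loopback. The next hop
!    is not directly connected, so it is resolved recursively through the
!    routing table and follows the backup route if the preferred
!    tunnel is lost.
route-map RETURN-PATH permit 10
 match ip address CRIT-RETURN
 set ip next-hop recursive 10.255.34.1
route-map RETURN-PATH permit 20
 match ip address NONCRIT-RETURN
 set ip next-hop recursive 10.255.34.2
!
! 5. Apply on the interface where server traffic enters the hub.
interface GigabitEthernet0/1
 ip policy route-map RETURN-PATH
```

Traffic that matches neither ACL is forwarded by the normal routing table. `show route-map RETURN-PATH` shows per-entry match counters, and `show ip route 10.255.34.1` should list a single next hop once the offset lists are in effect.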
