Configure Policy Based Redirect and IPSLA for Redundant ISP Links

Available Languages

Download Options

  • PDF     (4.1 MB)
    View with Adobe Reader on a variety of devices
  • ePub     (4.2 MB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (2.7 MB)
    View on Kindle device or Kindle app on multiple devices
Updated:September 19, 2024
Document ID:CX222456

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Contents

Introduction

This document describes how to configure a Policy-Based Redirect (PBR) service and IPSLA in the Nexus environment. 

Dual ISP on different switches use case:

Figure 1 shows the typical DC to DR multiple ISP link connecting to different core switches. 

Figure 1. DC-DR Network Topology

rgavandi_7-1726657355243

Design Highlights 

DC and DR locations have the Nexus 9K family switches as Core and Access switches. Core and Access switches are configured as double sided vPC. DC Core switches have the Gateway for VLAN10 with HSRP. DR Core Switches have the Gateways for VLAN20 with HSRP. vPC Peer-Gateway command is configured on DC and DR Core switches. There are two ISP links between DC and DR Core switches. DC Core-01 and DC Core-02 are configured with point-to-point ip addresses with VLAN50. DR Core-01 and DR Core-02 are configured with point-to-point ip addresses with VLAN50. ISP-A is connected between DC Core-01 and DR Core-01, ISP-B is connected between DC Core-02 and DR Core-02. Servers are connected to both Access Switches in DC/DR. Server Gateways for VLAN-10 and VLAN-20 are configured on DC Core Switches. Server Gateways for VLAN-30 and VLAN-40 are configured on DR Core Switches. 

Requirement

1. Communication between Host A and Host C must use ISP-A Link. In case of ISP-A Failure, traffic must switch to ISP B.

Figure 2. Host A to Host C traffic flow through ISP-A

rgavandi_5-1726657148769

Figure 3. Host A to Host C traffic flow through ISP-B, in case of ISP-A link failure

rgavandi_6-1726657236560

2. Communication between Host A and Host D must use ISP-B Link. In case of ISP-B Failure, traffic must switch to ISP-A.

Figure 4 . Host A to Host D traffic flow through ISP-B

rgavandi_8-1726657401604

Figure 5. Host A to Host D traffic flow through ISP-A, in case of ISP-B link failure

rgavandi_9-1726657477092

3. Communication between Host B and Host C must use ISP-B Link. In case of ISP-B Failure, traffic must switch to ISP-A.

Figure 6. Host B to Host C traffic flow through ISP-B

rgavandi_10-1726657516242

Figure 7. Host B to Host C traffic flow through through ISP-A, in case of ISP-B link failure

rgavandi_11-1726657700944

4. Communication between Host B and Host D must use ISP-A Link. In case of ISP-A Failure, traffic must switch to ISP-B.

Figure 8. Host B to Host D traffic flow through ISP-A

rgavandi_12-1726657866920

Figure 9. Host B to Host D traffic flow through ISP-B, in case of ISP-A link failure

rgavandi_13-1726657964242

5. In case of any link failure, link down notification has to be sent.

Challenges

  1. Dynamic and static routing protocol can not do source based routing.
  2. Hosts can land on any of the Core Switches, as there is HSRP and vPC Peer Gateway configured
  3. ISP links are not directly terminated on Core switches. If the link fails, notification is not sent as physical interface remains UP. 
  4. Links are terminated on two different Core switches.

Solution

  1. IP SLA track to be configured on DC and DR Core switches
  2. Static routes to be configured for the reachability of remote point-to-point IP addresses
  3. Policy Based Routing to be configured on DC and DR Core switches

Configuration

IPSLA Configuration

IPSLA configuration to track the both the WAN Links from Both Core Switches. 

Figure 10. ISP-A and ISP-B Link Tracking from DC-CORE-01

rgavandi_14-1726658355839

Table 1. IPSLA Configuration for ISP-A and ISP-B Link Tracking from DC-CORE-01

DC-CORE-01# show run track

track 1 ip sla 1 reachability

delay up 1 down 1

track 2 ip sla 2 reachability

delay up 1 down 1

DC-CORE-01# show run sla sender

feature sla sender

ip sla 1

  icmp-echo 192.168.100.2 source-ip 192.168.50.1

ip sla schedule 1 life forever start-time now

ip sla 2

  icmp-echo 192.168.200.2 source-ip 192.168.50.1

ip sla schedule 2 life forever start-time now

Figure 11. ISP-A and ISP-B Link Tracking from DC-CORE-02

rgavandi_1-1726658859692

Table 2. IPSLA Configuration for ISP-A and ISP-B Link Tracking from DC-CORE-02

DC-CORE-02# show run track

track 1 ip sla 1 reachability

delay up 1 down 1

track 2 ip sla 2 reachability

delay up 1 down 1

DC-CORE-02# show run sla sender

feature sla sender

ip sla 1

  icmp-echo 192.168.100.2 source-ip 192.168.50.2

ip sla schedule 1 life forever start-time now

ip sla 2

  icmp-echo 192.168.200.2 source-ip 192.168.50.2

ip sla schedule 2 life forever start-time now

Figure 12. ISP-A and ISP-B Link Tracking from DR-CORE-01

rgavandi_3-1726659116889

Table 3. IPSLA Configuration for ISP-A and ISP-B Link Tracking from DR-CORE-01

DR-CORE-01# show run track

track 1 ip sla 1 reachability

delay up 1 down 1

track 2 ip sla 2 reachability

delay up 1 down 1

DR-CORE-01# show run sla sender

feature sla sender

ip sla 1

  icmp-echo 192.168.100.2 source-ip 192.168.60.1

ip sla schedule 1 life forever start-time now

ip sla 2

  icmp-echo 192.168.200.2 source-ip 192.168.60.1

ip sla schedule 2 life forever start-time now

Figure 13. ISP-A and ISP-B Link Tracking from DR-CORE-02

rgavandi_5-1726659343812

Table 4. IPSLA Configuration for ISP-A and ISP-B Link Tracking from DR-CORE-02

DR-CORE-02# show run track

track 1 ip sla 1 reachability

delay up 1 down 1

track 2 ip sla 2 reachability

delay up 1 down 1

DR-CORE-02# show run sla sender

feature sla sender

ip sla 1

  icmp-echo 192.168.100.2 source-ip 192.168.60.2

ip sla schedule 1 life forever start-time now

ip sla 2

  icmp-echo 192.168.200.2 source-ip 192.168.60.2

ip sla schedule 2 life forever start-time now

Static Route Configuration

We must configure static routes in DC-CORE-01 towards DC-CORE-02 for the destination as ISP-B DR-CORE-02 IP address. We must configure two different routes to reach to DR Core Point-to-Point IP address VLAN60, one route to be added towards DR Core ISP-A with default administrative value and another route towards DC-CORE-02 with higher AD value. We must attach the IP SLA 1 to the route towards ISP-A. If the ISP-A link fails, routing table has to be updated with DR Core Point-to-Point subnet towards DC-CORE-02.

Figure 14. Reachability from DC-CORE-SW01 to ISP-B and DR Core Point-to-Point subnet

rgavandi_7-1726660147392

Table 5. Static routes configuration in DC-CORE-01

ip route 192.168.60.0/30 192.168.50.2 100

ip route 192.168.60.0/30 192.168.100.2 track 1

ip route 192.168.200.0/30 192.168.50.2

We must configure static routes in DC-CORE-02 towards DC-CORE-01 for the destination as ISP-A DR-CORE-01 IP address. We must configure two different routes to reach to DR Core Point-to-Point IP address VLAN60, one route to  be added towards DR Core ISP-B with default administrative value and another route towards DC-CORE-01 with higher AD value. We must attach the IP SLA 2 to the route towards ISP-B. If the ISP-B link fails, routing table has to be updated with DR Core Point-to-Point subnet towards DC-CORE-01.

Figure 15. Reachability from DC-CORE-02 to ISP-A and DR Core Point-to-Point subnet

rgavandi_9-1726660832628

Table 6. Static routes configuration in DC-CORE-02

ip route 192.168.60.0/30 192.168.50.1 100

ip route 192.168.60.0/30 192.168.200.2 track 1

ip route 192.168.200.0/30 192.168.50.1

We must configure static routes in DR-CORE-01 towards DR-CORE-02 for the destination as ISP-B DC-CORE-02 IP address. We must configure two different routes to reach to DC Core Point-to-Point IP address VLAN50, one route to be added towards DC Core ISP-A with default administrative value and another route towards DR-CORE-02 with higher AD value. We must attach the IP SLA 1 to the route towards ISP-A. If the ISP-A link fails,routing table has to be updated with DC Core Point-to-Point subnet towards DR-CORE-02.

Figure 16. Reachability from DR-CORE-01 to ISP-B and DC Core Point-to-Point subnet

rgavandi_13-1726661497393

Table 7. Static routes configuration in DR-CORE-01

ip route 192.168.60.0/30 192.168.60.2 100

ip route 192.168.60.0/30 192.168.100.1 track 1

ip route 192.168.200.0/30 192.168.60.2

We must configure static routes in DR-CORE-02 towards DR-CORE-01 for the destination as ISP-A DC-CORE-01 IP address. We must configure two different routes to reach to DC Core Point-to-Point IP address VLAN50, one route to be added towards DC Core ISP-B with default administrative value and another route towards DR-CORE-01 with higher AD value. We must attach the IP SLA 2 to the route towards ISP-B. If the ISP-B link fails,routing table has to be updated with DC Core Point-to-Point IP address towards DR-CORE-01.

Figure 17. Reachability from DR-CORE-02 to ISP-A and DC Core Point-to-Point subnet

rgavandi_15-1726661702776

Table 8. Static routes configuration in DR-CORE-02

ip route 192.168.60.0/30 192.168.60.1 100

ip route 192.168.60.0/30 192.168.200.1 track 1

ip route 192.168.200.0/30 192.168.60.1

Table 9. Verify the tracks on all Core Switches. It applies to all the Core Switches.

DC-CORE-01# show track

Track 1

  IP SLA 1 Reachability

  Reachability is UP

  14 changes, last change 21:38:57

  Latest operation return code: OK

  Latest RTT (millisecs): 2

  Tracked by:

    IPv4 Static Route 1

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Track 2

  IP SLA 2 Reachability

  Reachability is UP

  12 changes, last change 07:08:56

  Latest operation return code: OK

  Latest RTT (millisecs): 1

  Tracked by:

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Policy Based Routing Configuration

Traffic between Hosts have to be redirected to ISP-A and ISP-B based on Source-Destination IP Addresses. Multiple configurations to be done to achieve the Policy Based Redirect:

  1. Access-list to be configured with source and destination Host IP addresses
  2. Route-map configuration with next hop IP address
  3. Associate the route-map to the interface which is near to source

Access-list Configuration

We must configure access-lists on DC-CORE-01 for the communication between HostA/HostB and HostC/HostD

Table 10. Access-list configuration on DC-CORE-01

ip access-list EndpointA-to-EndpointC

  10 permit ip 192.168.10.10/32 192.168.30.10/32

ip access-list EndpointA-to-EndpointD

  10 permit ip 192.168.10.10/32 192.168.40.10/32

ip access-list EndpointB-to-EndpointC

  10 permit ip 192.168.20.10/32 192.168.30.10/32

ip access-list EndpointB-to-EndpointD

  10 permit ip 192.168.20.10/32 192.168.40.10/32

track 1 ip sla 1 reachability

We must configure access-lists on DC-CORE-02 for the communication between HostA/HostB and HostC/HostD

Table 11. Access-list configuration on DC-CORE-02

ip access-list EndpointA-to-EndpointC

  10 permit ip 192.168.10.10/32 192.168.30.10/32

ip access-list EndpointA-to-EndpointD

  10 permit ip 192.168.10.10/32 192.168.40.10/32

ip access-list EndpointB-to-EndpointC

  10 permit ip 192.168.20.10/32 192.168.30.10/32

ip access-list EndpointB-to-EndpointD

  10 permit ip 192.168.20.10/32 192.168.40.10/32

We must configure access-lists on DR-CORE-01 for the communication between HostC/HostD and HostA/HostA

Table 12. Access-list configuration on DR-CORE-01

ip access-list EndpointC-to-EndpointA

  10 permit ip 192.168.30.10/32 192.168.10.10/32

ip access-list EndpointC-to-EndpointB

  10 permit ip 192.168.30.10/32 192.168.20.10/32

ip access-list EndpointD-to-EndpointA

  10 permit ip 192.168.40.10/32 192.168.10.10/32

ip access-list EndpointD-to-EndpointB

  10 permit ip 192.168.40.10/32 192.168.20.10/32

We must configure access-lists on DR-CORE-02 for the communication between HostC/HostD and HostA/HostA.

Table 13. Access-list configuration on DR-CORE-02

ip access-list EndpointC-to-EndpointA

  10 permit ip 192.168.30.10/32 192.168.10.10/32

ip access-list EndpointC-to-EndpointB

  10 permit ip 192.168.30.10/32 192.168.20.10/32

ip access-list EndpointD-to-EndpointA

  10 permit ip 192.168.40.10/32 192.168.10.10/32

ip access-list EndpointD-to-EndpointB

  10 permit ip 192.168.40.10/32 192.168.20.10/32

Route-Map Configuration

We must configure Route-map, attach the Access-lists and set the next-hop along with track commands on DC-CORE-01. ISP-A and ISP-B both the next-hops must be part of Route-Map.

Table 14. Route-Map configuration on DC-CORE-01

route-map PBR permit 10

  match ip address EndpointA-to-EndpointC

  set ip next-hop verify-availability 192.168.100.2 track 1

  set ip next-hop verify-availability 192.168.200.2 track 2 force-order

route-map PBR permit 20

  match ip address EndpointA-to-EndpointD

  set ip next-hop verify-availability 192.168.200.2 track 2

  set ip next-hop verify-availability 192.168.100.2 track 1 force-order

route-map PBR permit 30

  match ip address EndpointB-to-EndpointC

  set ip next-hop verify-availability 192.168.200.2 track 2

  set ip next-hop verify-availability 192.168.100.2 track 1 force-order

route-map PBR permit 40

  match ip address EndpointB-to-EndpointD

  set ip next-hop verify-availability 192.168.100.2 track 1

  set ip next-hop verify-availability 192.168.200.2 track 2 force-order

We must configure Route-map, attach the Access-lists and set the next-hop along with track commands on DC-CORE-02.ISP-A and ISP-B both the next-hops must be part of Route-Map.

Table 15. Route-Map configuration on DC-CORE-02

route-map PBR permit 10

  match ip address EndpointA-to-EndpointC

  set ip next-hop verify-availability 192.168.100.2 track 1

  set ip next-hop verify-availability 192.168.200.2 track 2 force-order

route-map PBR permit 20

  match ip address EndpointA-to-EndpointD

  set ip next-hop verify-availability 192.168.200.2 track 2

  set ip next-hop verify-availability 192.168.100.2 track 1 force-order

route-map PBR permit 30

  match ip address EndpointB-to-EndpointC

  set ip next-hop verify-availability 192.168.200.2 track 2

  set ip next-hop verify-availability 192.168.100.2 track 1 force-order

route-map PBR permit 40

  match ip address EndpointB-to-EndpointD

  set ip next-hop verify-availability 192.168.100.2 track 1

  set ip next-hop verify-availability 192.168.200.2 track 2 force-order

We must configure Route-map, attach the Access-lists and set the next-hop along with track commands on DR-CORE-01.ISP-A and ISP-B both the next-hops must be part of Route-Map.

Table 16. Route-Map configuration on DR-CORE-01

route-map PBR permit 10

  match ip address EndpointC-to-EndpointA

  set ip next-hop verify-availability 192.168.100.1 track 1

  set ip next-hop verify-availability 192.168.200.1 track 2 force-order

route-map PBR permit 20

  match ip address EndpointD-to-EndpointA

  set ip next-hop verify-availability 192.168.200.1 track 2

  set ip next-hop verify-availability 192.168.100.1 track 1 force-order

route-map PBR permit 30

  match ip address EndpointC-to-EndpointB

  set ip next-hop verify-availability 192.168.200.1 track 2

  set ip next-hop verify-availability 192.168.100.1 track 1 force-order

route-map PBR permit 40

  match ip address EndpointD-to-EndpointB

  set ip next-hop verify-availability 192.168.100.1 track 1

  set ip next-hop verify-availability 192.168.200.1 track 2 force-order

We must configure Route-map, attach the Access-lists and set the next-hop along with track commands on DR-CORE-01.ISP-A and ISP-B both the next-hops must be part of Route-Map.

Table 17. Route-Map configuration on DR-CORE-02

route-map PBR permit 10

  match ip address EndpointC-to-EndpointA

  set ip next-hop verify-availability 192.168.100.1 track 1

  set ip next-hop verify-availability 192.168.200.1 track 2 force-order

route-map PBR permit 20

  match ip address EndpointD-to-EndpointA

  set ip next-hop verify-availability 192.168.200.1 track 2

  set ip next-hop verify-availability 192.168.100.1 track 1 force-order

route-map PBR permit 30

  match ip address EndpointC-to-EndpointB

  set ip next-hop verify-availability 192.168.200.1 track 2

  set ip next-hop verify-availability 192.168.100.1 track 1 force-order

route-map PBR permit 40

  match ip address EndpointD-to-EndpointB

  set ip next-hop verify-availability 192.168.100.1 track 1

  set ip next-hop verify-availability 192.168.200.1 track 2 force-order

Apply Route-Map on Interfaces

Route-map has to be applied to Switched Virtual Interfaces (Server GWs). We also need to apply the Route-map on Core Switches Point-to-Point Interfaces to redirect the traffic in case of ISP Link failure or if the packet arrives on vPC Peer Switches which does not have the necessary ISP link.

We must apply Route-map on Interface VLAN10, Interface VLAN20 and Interface VLAN50 in DC-CORE-01.

Table 18. Apply Route-map on DC-CORE-01

interface Vlan10

  no shutdown

  no ip redirects

  ip address 192.168.10.2/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 10

    ip 192.168.10.1

interface Vlan20

  no shutdown

  no ip redirects

  ip address 192.168.20.2/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 20

    ip 192.168.20.1

interface Vlan50

  no shutdown

  no ip redirects

  ip address 192.168.50.1/30

  no ipv6 redirects

  ip policy route-map PBR

We must apply Route-map on Interface VLAN10, Interface VLAN20 and Interface VLAN50 in DC-CORE-02.

Table 19. Apply Route-map on DC-CORE-02

interface Vlan10

  no shutdown

  no ip redirects

  ip address 192.168.10.3/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 10

    ip 192.168.10.1

interface Vlan20

  no shutdown

  no ip redirects

  ip address 192.168.20.3/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 20

    ip 192.168.20.1

interface Vlan50

  no shutdown

  no ip redirects

  ip address 192.168.50.2/30

  no ipv6 redirects

  ip policy route-map PBR

We must apply Route-map on Interface VLAN30, Interface VLAN40 and Interface VLAN60 in DR-CORE-01.

Table 20. Apply Route-map on DR-CORE-01

interface Vlan30

  no shutdown

  no ip redirects

  ip address 192.168.30.2/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 30

    ip 192.168.30.1

interface Vlan40

  no shutdown

  no ip redirects

  ip address 192.168.40.2/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 40

    ip 192.168.40.1

interface Vlan60

  no shutdown

  no ip redirects

  ip address 192.168.60.1/30

  no ipv6 redirects

  ip policy route-map PBR

We must apply Route-map on Interface VLAN30, Interface VLAN40 and Interface VLAN60 in DR-CORE-02.

Table 21. Apply Route-map on DR-CORE-02

interface Vlan30

  no shutdown

  no ip redirects

  ip address 192.168.30.3/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 30

    ip 192.168.30.1

interface Vlan40

  no shutdown

  no ip redirects

  ip address 192.168.40.3/24

  no ipv6 redirects

  ip policy route-map PBR

  hsrp 40

    ip 192.168.40.1

interface Vlan60

  no shutdown

  no ip redirects

  ip address 192.168.60.2/30

  no ipv6 redirects

  ip policy route-map PBR

Route-Map Verification

Verify the Route-map on DC-CORE-01, configured Access-list and track status must be UP. 

Table 22. Verify Route-map on DC-CORE-01

DC-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

Verify the Route-map on DC-CORE-02, configured Access-list and track status must be UP. 

Table 23. Verify Route-map on DC-CORE-02

DC-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

Verify the Route-map on DR-CORE-01, configured Access-list and track status must be UP. 

Table 24. Verify Route-map on DR-CORE-01

DR-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

Verify the Route-map on DR-CORE-02, configured Access-list and track status must be UP. 

Table 25. Verify Route-map on DR-CORE-02

DR-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

Verification 

Ping from HostA to HostC

Table 26. Ping from HostA to HostC 

PING 192.168.30.10 (192.168.30.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=251 time=1.016 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=251 time=0.502 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=251 time=0.455 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=251 time=0.424 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=251 time=0.682 ms

Traceroute from HostA to HostC

Table 27. Traceroute output from HostA to HostC

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.10.2 (192.168.10.2)  0.634 ms  0.59 ms  0.521 ms

2  * * *

3  192.168.30.10 (192.168.30.10)  0.856 ms  0.546 ms  0.475 ms

Traffic flow from HostA to HostC

Figure 18. Traffic flow from HostA to HostC

rgavandi_0-1726674232615

Ping from HostA to HostD

Table 28. Ping from HostA to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=252 time=0.902 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=252 time=0.644 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=252 time=0.423 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=252 time=0.565 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=252 time=0.548 ms

Traceroute from HostA to HostD

Table 29. Traceroute output from HostA to HostD

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  0.963 ms  0.847 ms  0.518 ms

2  192.168.50.2 (192.168.50.2)  0.423 ms  0.383 ms  0.369 ms

3  * * *

4  192.168.40.10 (192.168.40.10)  1.094 ms  0.592 ms  0.761 ms

Traffic flow from HostA to HostD

Figure 19. Traffic flow from HostA to HostD

rgavandi_2-1726674587560

Ping from HostB to HostC

Table 30. Ping from HostB to HostC

PING 192.168.30.10 (192.168.30.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=252 time=0.773 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=252 time=0.496 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=252 time=0.635 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=252 time=0.655 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=252 time=0.629 ms

Traceroute from HostB to HostC

Table 31. Tracroute output from HostB to HostC

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  1.272 ms  0.772 ms  0.779 ms

2  192.168.50.2 (192.168.50.2)  0.536 ms  0.49 ms  0.359 ms

3  * * *

4  192.168.30.10 (192.168.30.10)  0.937 ms  0.559 ms  0.446 ms

Traffic flow from HostB to HostC

Figure 20. Traffic flow from HostB to HostC

rgavandi_3-1726674681703

Ping from HostB to HostD

Table 32. Ping from HostB to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=251 time=1.052 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=251 time=0.516 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=251 time=0.611 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=251 time=0.498 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=251 time=0.487 ms

Traceroute from HostB to HostD

Table 33. Traceroute output from HostB to HostD

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.20.2 (192.168.20.2)  0.804 ms  0.467 ms  0.44 ms

2  * * *

3  192.168.40.10 (192.168.40.10)  1.135 ms  0.617 ms  0.74 ms

Traffic flow from HostB to HostD

Figure 21. Traffic flow from HostB to HostD

rgavandi_4-1726674722199

Shutdown ISP-A Link

Table 34. Shutdown ISP-A Link

DC-CORE-01(config)# int e1/3

DC-CORE-01(config-if)# shut

DC-CORE-01# show int e1/3

Ethernet1/3 is down (Administratively down)

admin state is down, Dedicated Interface

  Hardware: 100/1000/10000/25000 Ethernet, address: c4b2.3942.2b67 (bia c4b2.3942.2b6a)

  Internet Address is 192.168.100.1/30

ISP-A Link Down

Figure 22. ISP-A Link down

rgavandi_5-1726674846618

Verify track on All the Core Switches after ISP-A Link Down

Table 35. Track output on all the Core Switches.

DC-CORE-01# show track

Track 1

  IP SLA 1 Reachability

  Reachability is DOWN

  15 changes, last change 00:00:08

  Latest operation return code: Timeout

  Tracked by:

    IPv4 Static Route 1

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Track 2

  IP SLA 2 Reachability

  Reachability is UP

  12 changes, last change 07:48:12

  Latest operation return code: OK

  Latest RTT (millisecs): 2

  Tracked by:

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Verify Route-map on DC-CORE-01

Table 36. Route-map verification on DC-CORE-01

DC-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

Verify Route-map on DC-CORE-02

Table 37. Route-map verification on DC-CORE-02

DC-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ UP ]  force-order

Verify Route-map on DR-CORE-01

Table 38. Route-map verification on DR-CORE-01

DR-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

Verify Route-map on DR-CORE-02

Table 39. Route-map verification on DC-CORE-02

DR-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ DOWN ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ UP ]  force-order

Ping from HostA to HostC

Table 40. Ping from HostA to HostC

PING 192.168.30.10 (192.168.30.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=252 time=0.923 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=252 time=0.563 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=252 time=0.591 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=252 time=0.585 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=252 time=0.447 ms

Traceroute from HostA to HostC

Table 41. Traceroute output from HostA to HostC

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  1.08 ms  0.603 ms  0.559 ms

2  192.168.50.2 (192.168.50.2)  0.385 ms  0.367 ms  0.363 ms

3  * * *

4  192.168.30.10 (192.168.30.10)  1.205 ms  0.597 ms  0.45 ms

Traffic flow from HostA to HostC

Figure 23. Traffic flow from HostA to HostC

rgavandi_7-1726674971143

Ping HostA to HostD

Table 42. Ping from HostA to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=252 time=0.893 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=252 time=0.459 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=252 time=0.421 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=252 time=0.582 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=252 time=0.588 ms

Traceroute HostA to HostD

Table 43. Traceroute output from HostA to HostD

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  1.012 ms  0.724 ms  0.801 ms

2  192.168.50.2 (192.168.50.2)  0.567 ms  0.4 ms  0.381 ms

3  * * *

4  192.168.40.10 (192.168.40.10)  0.929 ms  0.6 ms  0.466 ms

Traffic flow from HostA to HostD

Figure 24. Traffic flow from HostA to HostD

rgavandi_8-1726675067221

Ping from HostB to HostC

Table 44. Ping from HostB to HostC

PING 192.168.30.10 (192.168.30.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=252 time=0.899 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=252 time=0.496 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=252 time=0.511 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=252 time=0.447 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=252 time=0.58 ms

Traceroute from HostB to HostC

Table 45. Traceroute output from HostB to HostC

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  1.147 ms  0.699 ms  0.525 ms

2  192.168.50.2 (192.168.50.2)  0.443 ms  0.415 ms  0.386 ms

3  * * *

4  192.168.30.10 (192.168.30.10)  0.731 ms  0.506 ms  0.465 ms

Traffic flow from HostB to HostC

Figure 25. Traffic flow from HostB to HostC

rgavandi_9-1726675187047

Ping from HostB to HostD

Table 46. Ping from HostB to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=252 time=0.797 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=252 time=0.479 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=252 time=0.439 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=252 time=0.416 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=252 time=0.411 ms

Traceroute from HostB to HostD

Table 47. Traceroute output from HostB to HostD

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.50.2 (192.168.50.2)  1.092 ms  0.706 ms  0.627 ms

2  192.168.50.2 (192.168.50.2)  0.537 ms  0.389 ms  0.378 ms

3  * * *

4  192.168.40.10 (192.168.40.10)  0.939 ms  0.52 ms  0.459 ms

Traffic flow from HostB to HostD

Figure 26. Traffic flow from HostB to HostD

rgavandi_10-1726675246407

No shut ISP-A Link

Table 48. No shut ISP-A Link

DC-CORE-01(config)# int e1/3

DC-CORE-01(config-if)# no shut

DC-CORE-01(config-if)# exit

DC-CORE-01(config)# show int e1/3

Ethernet1/3 is up

admin state is up, Dedicated Interface

  Hardware: 100/1000/10000/25000 Ethernet, address: c4b2.3942.2b67 (bia c4b2.3942.2b6a)

  Internet Address is 192.168.100.1/30

ISP-A Link UP

Figure 27. ISP-A Link UP

rgavandi_11-1726675326624

Shutdown ISP-B Link

Table 49. Shutdown ISP-B Link

DC-CORE-02(config)# int e1/5

DC-CORE-02(config-if)# shut

DC-CORE-02(config-if)# show interface e1/5

Ethernet1/5 is down (Administratively down)

admin state is down, Dedicated Interface

  Hardware: 100/1000/10000/25000 Ethernet, address: 4ce1.7517.03c7 (bia 4ce1.7517.03cc)

  Internet Address is 192.168.200.1/30

ISP-B Link Down

Figure 28. ISP-B Link down

rgavandi_12-1726675414139

Verify track on All the Core Switches after ISP-B Link Down

Table 50. Track output on all the Core Switches. 

DC-CORE-01# show track

Track 1

  IP SLA 1 Reachability

  Reachability is UP

  16 changes, last change 00:02:16

  Latest operation return code: OK

  Latest RTT (millisecs): 1

  Tracked by:

    IPv4 Static Route 1

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Track 2

  IP SLA 2 Reachability

  Reachability is DOWN

  13 changes, last change 00:00:10

  Latest operation return code: Timeout

  Tracked by:

    Route Map Configuration

  Delay up 1 secs, down 1 secs

Verify Route-map on DC-CORE-01

Table 51. Route-map verification on DC-CORE-01

DC-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]  force-order

Verify Route-map on DC-CORE-02

Table 52. Route-map verification on DC-CORE-02

DC-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointA-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointC

  Set clauses:

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointB-to-EndpointD

  Set clauses:

    ip next-hop verify-availability 192.168.100.2 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.2 track 2 [ DOWN ]  force-order

Verify Route-map on DR-CORE-01

Table 53. Route-map verification on DR-CORE-01

DR-CORE-01# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]  force-order

Verify Route-map on DR-CORE-02

Table 54. Route-map verification on DR-CORE-02

DR-CORE-02# show route-map

route-map PBR, permit, sequence 10

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]  force-order

route-map PBR, permit, sequence 20

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointA

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 30

  Match clauses:

    ip address (access-lists): EndpointC-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]  force-order

route-map PBR, permit, sequence 40

  Match clauses:

    ip address (access-lists): EndpointD-to-EndpointB

  Set clauses:

    ip next-hop verify-availability 192.168.100.1 track 1 [ UP ]

    ip next-hop verify-availability 192.168.200.1 track 2 [ DOWN ]  force-order

Ping from HostA to HostC

Table 55. Ping from HostA to HostC

PING 192.168.30.10 (192.168.30.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=251 time=1.011 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=251 time=0.555 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=251 time=0.754 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=251 time=0.495 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=251 time=0.484 ms

Traceroute from HostA to HostC

Table 56. Tracerout output from HostA to HostC

DR-CORE-01# traceroute 192.168.30.10 source 192.168.10.10 vrf DC-EPA

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.10.2 (192.168.10.2)  0.684 ms  0.393 ms  0.38 ms

2  * * *

3  192.168.30.10 (192.168.30.10)  1.119 ms  0.547 ms  0.496 ms

Traffic flow from HostA to HostC

Figure 29. Traffic flow from HostA to HostC

rgavandi_0-1726675912799

Ping from HostA to HostD

Table 57. Ping from HostA to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.10.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=251 time=0.785 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=251 time=0.606 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=251 time=0.43 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=251 time=0.549 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=251 time=0.538 ms

Traceroute from HostA to HostD

Table 58. Tracerout output from HostA to HostD

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.10.10 (192.168.10.10), 30 hops max, 48 byte packets

1  192.168.10.2 (192.168.10.2)  0.746 ms  0.486 ms  0.395 ms

2  * * *

3  192.168.40.10 (192.168.40.10)  0.994 ms  0.537 ms  0.569 ms

Traffic flow from HostA to HostD

Figure 30. Traffic flow from HostA to HostD

rgavandi_1-1726675934377

Ping from HostB to HostC

Table 59. Ping from HostA to HostD

PING 192.168.30.10 (192.168.30.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.30.10: icmp_seq=0 ttl=251 time=0.928 ms

64 bytes from 192.168.30.10: icmp_seq=1 ttl=251 time=0.539 ms

64 bytes from 192.168.30.10: icmp_seq=2 ttl=251 time=0.456 ms

64 bytes from 192.168.30.10: icmp_seq=3 ttl=251 time=0.441 ms

64 bytes from 192.168.30.10: icmp_seq=4 ttl=251 time=0.548 ms

Traceroute from HostB to HostC

Table 60. Tracerout output from HostB to HostC

traceroute to 192.168.30.10 (192.168.30.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.20.2 (192.168.20.2)  0.764 ms  0.463 ms  0.482 ms

2  * * *

3  192.168.30.10 (192.168.30.10)  0.979 ms  0.697 ms  0.578 ms

Traffic flow from HostB to HostC

Figure 31. Traffic flow from HostB to HostC

rgavandi_2-1726675962184

Ping from HostB to HostD

Table 61. Ping from HostA to HostD

PING 192.168.40.10 (192.168.40.10) from 192.168.20.10: 56 data bytes

64 bytes from 192.168.40.10: icmp_seq=0 ttl=251 time=0.859 ms

64 bytes from 192.168.40.10: icmp_seq=1 ttl=251 time=0.623 ms

64 bytes from 192.168.40.10: icmp_seq=2 ttl=251 time=0.637 ms

64 bytes from 192.168.40.10: icmp_seq=3 ttl=251 time=0.449 ms

64 bytes from 192.168.40.10: icmp_seq=4 ttl=251 time=0.446 ms

Traceroute from HostB to HostD

Table 62. Tracerout output from HostB to HostC

traceroute to 192.168.40.10 (192.168.40.10) from 192.168.20.10 (192.168.20.10), 30 hops max, 48 byte packets

1  192.168.20.2 (192.168.20.2)  0.783 ms  0.446 ms  0.4 ms

2  * * *

3  192.168.40.10 (192.168.40.10)  1.216 ms  0.559 ms  0.504 ms

Traffic flow from HostB to HostD

Figure 32. Traffic flow from HostB to HostD

rgavandi_3-1726675985722

Revision History

Revision Publish Date Comments
1.0
07-Oct-2024
Initial Release

Contributed by

  • Rajkumar Gavandi

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products