Objective:
=========
1. All http traffic from R2 to R5 should go through R1
2. All telnet traffic from R2 to R5 should go through R3
3. Rest of the traffic should loadbalance between R1 and R3.
Config:
=====
On R2
R2#sh access-lists
Extended IP access list TELNET
10 permit 23 any 45.45.45.0 0.0.0.255
R2#sh route-map
route-map PBR, permit, sequence 10
Match clauses:
ip address (access-lists): TELNET
Set clauses:
ip next-hop 23.23.23.2
Policy routing matches: 0 packets, 0 bytes
!
interface Serial0/0
description R2 to R1
ip address 12.12.12.2 255.255.255.252
ip policy route-map PBR
clock rate 2000000
end
!
interface Serial0/1
description R2 to R3
ip address 23.23.23.1 255.255.255.252
ip policy route-map PBR
shutdown
clock rate 2000000
end
Problem:
======
When I telnet from R2 to R5 it connects. Then to test the route map I shut the se1/0 on R2 which goes to R3. So as per the policy the telnet should not work as the next hop is disabled but I am still able to telnet!! See output below:
R2(config)#do telnet 45.45.45.2
Trying 45.45.45.2 ... Open
User Access Verification
Password:
R5>exit
[Connection to 45.45.45.2 closed by foreign host]
R2(config)#int se1/0
R2(config-if)#shut ! I have shut the port!
R2(config-if)#do telnet 45.45.45.2
Trying 45.45.45.2 ... Open
User Access Verification
Password:
R5>exit ! It still connect!!!!
[Connection to 45.45.45.2 closed by foreign host]
No comments:
Post a Comment