[40939] in North American Network Operators' Group
Re: Policy routing
daemon@ATHENA.MIT.EDU (Hank Nussbacher)
Sun Aug 26 06:41:51 2001
Message-Id: <4.3.2.7.2.20010826133741.00af9c90@max.att.net.il>
Date: Sun, 26 Aug 2001 13:40:06 +0200
To: nanog@merit.edu
From: Hank Nussbacher <hank@att.net.il>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
>The only feasible solution that I've been able to come
>up with is to stick customer X directly on the router
>that peers with NSP-A and employ the use of policy
>routing, which would enable me to set the next hop for
>company X's traffic to the peering address on NSP-A.
>
>Our NSP-A peering router is a Cisco 12016, running IOS
>12.0(16)S2 and it has 256MB of DRAM.
>
>Additionally, it is configured with NetFlow and dCEF
>switching.
>
>I've never employed policy routing in this type of
>environment and I am concerned about the overhead that
>it might place on the router or on the traffic
>traversing the interface.
We have found that at least one version of IOS (12.0(18)S) will policy
route more than you expect. When running tests in our QA lab we found that
this version with policy routing and dCEF would redirect packets NOT
permitted in the acl. I suggest you check your netflow records to make
sure that policy routing works correctly on your version.
-Hank Nussbacher
Consultant
Wanwall Ltd.
>Jeff
>
>catesjl9394@yahoo.com
