Policy routing

Hank Nussbacher hank at att.net.il
Sun Aug 26 11:40:06 UTC 2001



>The only feasible solution that I've been able to come
>up with is to stick customer X directly on the router
>that peers with NSP-A and employ the use of policy
>routing, which would enable me to set the next hop for
>company X's traffic to the peering address on NSP-A.
>
>Our NSP-A peering router is a Cisco 12016, running IOS
>12.0(16)S2 and it has 256MB of DRAM.
>
>Additionally, it is configured with NetFlow and dCEF
>switching.
>
>I've never employed policy routing in this type of
>environment and I am concerned about the overhead that
>it might place on the router or on the traffic
>traversing the interface.


We have found that at least one version of IOS (12.0(18)S) will policy 
route more than you expect.  When running tests in our QA lab we found that 
this version with policy routing and dCEF would redirect packets NOT 
permitted in the acl.  I suggest you check your netflow records to make 
sure that policy routing works correctly on your version.

-Hank Nussbacher
Consultant
Wanwall Ltd.



>Jeff
>
>catesjl9394 at yahoo.com




More information about the NANOG mailing list