What is "prefered source" equivalent on cisco?

mohsen1981 · October 21, 2010, 10:11am

In our network we use private IPs to route public IPs to our clients.

for example we set 172.16.16.1 on ISP router and 172.16.16.2 on clients router.
then we route 80.x.x.x/24 to 172.16.16.2 and on clients router set dafault route to 172.16.16.1 and prefered source to 80.x.x.1

this way everything works fine(on mikrotik).

But i cannot find “prefered source” on cisco. what if the client router is cisco?
the network behind cisco works. but the cisco itself cannot ping outside world cuz it uses default route ip (172.16.16.2) as source ip. how can i config cisco to use 80.x.x.1 as source ip to talk to the world?
any help?

fewi · October 21, 2010, 12:19pm

A) why do you need that? It doesn’t affect routing, only control plane traffic from the router. AFAIK you can’t set it globally.
B) use the source address parameter when pinging
C) that’s a Cisco question, not a Mikrotik question

mohsen1981 · December 1, 2010, 2:31pm

yes you can use source address for pinging…
but for example you cannot telnet to other devices from this router. in other words the router itself does not have internet access
any help…?

vik1988 · December 1, 2010, 2:43pm

Hi,

You can use routing policy/route MAP.

And if you only wants to telnet then you can also use the source with IP.

fewi · December 1, 2010, 2:50pm

Maybe try NAT - if I remember IOS NAT packet flow right then traffic that goes into an interface marked as NAT inside and leaves through an interface marked as NAT outside gets NAT’d, but all control plane traffic is eligible, too, without having to be sourced from a zone configured as inside. So you would label your privately addressed interface as “ip nat outside”, not configure an “ip nat inside” interface at all so as not to interfere with any traffic behind other interfaces, create an ACL that only matches the network between the two routers, and PAT to an IP address chosen for that purpose. You might even get away with overloading the interface that carries the public IP since at that point it’s acting much like a loopback interface for NAT purposes, but that may not work.

Again, though: that is a Cisco IOS question, and this is a RouterOS forum.

Edit: thinking about it you could also NAT the IOS router’s traffic on the Mikrotik router with a simple source NAT rule for all traffic sourced from the network that connects the two routers.

blake · December 1, 2010, 10:07pm

AFAIK there’s no equivalent to ‘preferred-source’, although you can ping from a different source address. The command syntax is different depending on the IOS version.

IOS 12.4

ping 192.0.2.1 source 80.x.x.1

IOS 12.1

switch1#ping
Protocol [ip]: 
Target IP address: 192.0.2.1
Repeat count [5]: 
Datagram size [100]: 
Timeout in seconds [2]: 
Extended commands [n]: y
Source address or interface: 8.x.x.1
Type of service [0]: 
Set DF bit in IP header? [no]: 
Validate reply data? [no]: 
Data pattern [0xABCD]: 
Loose, Strict, Record, Timestamp, Verbose[none]: 
Sweep range of sizes [n]: 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
switch1#