Grouping multiple /32 Static Routes

Unanswered Question
Mar 12th, 2007

Hi,

I am in a typical situation; here is a sample of static routes from my 4506 switch.

ip route 10.1.20.216 255.255.255.255 10.4.8.250

ip route 10.1.20.236 255.255.255.255 10.4.8.250

ip route 10.1.20.250 255.255.255.255 10.4.8.250

ip route 10.1.20.252 255.255.255.255 10.4.8.250

ip route 10.2.0.101 255.255.255.255 10.4.8.250

ip route 10.2.1.43 255.255.255.255 10.4.8.250

ip route 10.2.1.44 255.255.255.255 10.4.8.250

ip route 10.2.1.55 255.255.255.255 10.4.8.250

ip route 10.2.1.56 255.255.255.248 10.4.8.250

ip route 10.2.1.65 255.255.255.255 10.4.8.250

ip route 10.2.1.66 255.255.255.255 10.4.8.250

ip route 10.2.2.55 255.255.255.255 10.4.8.250

ip route 10.2.2.56 255.255.255.248 10.4.8.250

My question is: do we have any feature (like object-grouping for ACLs) wherein I can group the multiple static routes on my switch into a group and add just one route with that group, something similar to object grouping for ACLs?

Thanks in advance.

Regards

Salim

sundar.palaniappan Mon, 03/12/2007 - 13:21

Salim,

I am not aware of any feature, like object-grouping for ACL, that would allow you to group some routes in the IOS.

If your goal is to shrink the routing table then you can summarize the routes with the most efficient mask possible. This is certainly possible in your case as the next hop for all those host routes is the same one. Moreover, this would require you to configure fewer routes and limit the amount of configuration required.

For example, the 13 host routes in your posting can be summarized to 5 as follows. Though it does allow some other traffic to be forwarded to the next hop, it would, at the least, shrink the routing table to some extent and make it more easily readable.

ip route 10.1.20.192 255.255.255.192 10.4.8.250

ip route 10.2.0.101 255.255.255.255 10.4.8.250

ip route 10.2.1.0 255.255.255.192 10.4.8.250

ip route 10.2.1.64 255.255.255.252 10.4.8.250

ip route 10.2.2.48 255.255.255.240 10.4.8.250

HTH

Sundar
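
Added example (not part of the original post, and not Cisco tooling): a Python check of the summarization above. It confirms that every original route still falls inside a summary with the same next hop, and counts the additional addresses the summaries now forward to 10.4.8.250. The route lists are copied from this thread, with the last summary written as a /28 so that it reaches 10.2.2.56/29; the function names are chosen here.

```python
import ipaddress

# Route lists copied from the thread. The last summary is written as a /28
# (255.255.255.240): a /29 at 10.2.2.48 ends at .55 and misses 10.2.2.56/29.
ORIGINAL = """
ip route 10.1.20.216 255.255.255.255 10.4.8.250
ip route 10.1.20.236 255.255.255.255 10.4.8.250
ip route 10.1.20.250 255.255.255.255 10.4.8.250
ip route 10.1.20.252 255.255.255.255 10.4.8.250
ip route 10.2.0.101 255.255.255.255 10.4.8.250
ip route 10.2.1.43 255.255.255.255 10.4.8.250
ip route 10.2.1.44 255.255.255.255 10.4.8.250
ip route 10.2.1.55 255.255.255.255 10.4.8.250
ip route 10.2.1.56 255.255.255.248 10.4.8.250
ip route 10.2.1.65 255.255.255.255 10.4.8.250
ip route 10.2.1.66 255.255.255.255 10.4.8.250
ip route 10.2.2.55 255.255.255.255 10.4.8.250
ip route 10.2.2.56 255.255.255.248 10.4.8.250
"""
SUMMARY = """
ip route 10.1.20.192 255.255.255.192 10.4.8.250
ip route 10.2.0.101 255.255.255.255 10.4.8.250
ip route 10.2.1.0 255.255.255.192 10.4.8.250
ip route 10.2.1.64 255.255.255.252 10.4.8.250
ip route 10.2.2.48 255.255.255.240 10.4.8.250
"""

def parse_routes(config):
    """Parse 'ip route <prefix> <mask> <next-hop>' lines into (network, next_hop)."""
    fields = (line.split() for line in config.splitlines())
    return [(ipaddress.ip_network(f"{f[2]}/{f[3]}"), f[4])
            for f in fields if len(f) == 5 and f[:2] == ["ip", "route"]]

def uncovered(originals, summaries):
    """Original routes with no summary that contains them via the same next hop."""
    return [net for net, hop in originals
            if not any(net.subnet_of(s) and hop == h for s, h in summaries)]

def extra_addresses(originals, summaries):
    """Count addresses the summaries forward that the originals did not."""
    orig = list(ipaddress.collapse_addresses(n for n, _ in originals))
    summ = list(ipaddress.collapse_addresses(n for n, _ in summaries))
    shared = sum(min(o.num_addresses, s.num_addresses)
                 for o in orig for s in summ if o.overlaps(s))
    return sum(s.num_addresses for s in summ) - shared

if __name__ == "__main__":
    before, after = parse_routes(ORIGINAL), parse_routes(SUMMARY)
    print(uncovered(before, after), extra_addresses(before, after))
```

The extra-address count is the figure to review before deploying a summary: each of those addresses would now be sent toward the VPN firewall unless a more specific route exists for it.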

salimsurani Mon, 03/12/2007 - 13:32

Hi Sundar,

Thanks for the suggestion. My problem is that we have multiple VPNs terminated on multiple firewalls; basically, we have multiple clients and each client has its own VPN. Now the problem is that there are a few overlapping subnets if I do route summarization; that is the reason why we have multiple static routes.

Put in other words, 10.1.20.216 is used on one VPN and 10.1.20.219 is used on another VPN, which is not listed in the above sample; I have sorted the sample to show all destinations going to one PIX.

Will policy-based routing help in this scenario?

Thanks again

Regards

Salim

sundar.palaniappan Mon, 03/12/2007 - 13:59

Salim,

Ahh, I see. Yes, PBR should be suitable for your scenario. You can configure the route map something similar to this one:

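! Traffic matching ACL 100 is sent to next hop 10.4.8.250

route-map VPN permit 10

 match ip address 100

 set ip next-hop 10.4.8.250

! Traffic matching ACL 101 is sent to next hop 10.4.9.250

route-map VPN permit 20

 match ip address 101

 set ip next-hop 10.4.9.250

access-list 100 permit ip any host 10.1.20.216

access-list 101 permit ip any host 10.1.20.219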

HTH

Sundar
