Help in implementing PBR/Route-maps default route to 2nd ISP remote site

Unanswered Question
May 2nd, 2007
User Badges:
  • Green, 3000 points or more


I am trying to create a route-map to have a specific VLAN in our 6509-Rter to default route and use

outbound internet through MCI ISP. Internal routing is OSPF, the 6509Rter gateway of last resort is

out through ISPQwest, we have a 100 MB wan link between the 6509-Rter, on the 6506Rter I made its default

route to go out the ISPMCI. On the PIX I have created the nessesary access-list and PAT for outbound connections.

The reason I would want to route the especific VLAN on the 6509Rter is because our T1 to the internet from the

Qwest side has been bursting so internet is very slow, on the MCI side we have unlimited internet bandwidth

and until we upgrade the internet T1 I need to accomodate critical outbound traffic for some systems retreaving

time sensitive market data information from the internet.

Could someone give me some examples .

This is the tolopogy :

Internal Routing is OSPF and default route is out through Qwest.

On the 6506Rter its default route is statically given to go out the MCI ISP





On the 6509Rter I have created the route map for a test subnet but it did not work, what did I missed?


interface vlan22

ip address

ip policy route-map cadlab-traffic

access-list 100 permit ip host

route-map cadlab-traffic permit 10

match ip address 1

set ip default next-hop



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
bjornarsb Wed, 05/02/2007 - 07:35
User Badges:
  • Bronze, 100 points or more


As far as I can see you should have :

match ip add 100, not 1 ?



JORGE RODRIGUEZ Thu, 05/03/2007 - 07:39
User Badges:
  • Green, 3000 points or more

Hey bjornarsb, thanks for your imput.. I did corrected your observations but still I was having issues yesterday not being able to re-route www traffic out to the other ISP, until this morning when I try adding a host on the the access list. I ended up creating a whole new script and it worked.

I have placed the basic topology diagram so that I can share with others the solution.

The new script I created was the following:

On the BOSTON Core-6509:

interface Vlan23

description TEST_Segment_10.169.100.0/2

ip address

no ip redirects

no ip proxy-arp

ip policy route-map cadlab-traffic

standby 23 ip

standby 23 priority 20

standby 23 preempt

standby 23 authentication msfc_v23

standby 23 name TEST_Segment

access-list 1 permit

access-list 1 permit

access-list 1 permit ( Added )

route-map cadlab-traffic permit 10

match ip address 1

set ip next-hop


So basically I added the PCs-IP in acl 1 and all wwww traffic redirected to COLO-site ISP-2



bjornarsb Thu, 05/03/2007 - 12:32
User Badges:
  • Bronze, 100 points or more

Hi again,

That was good news!

Please rate if the exa. I posted helped you

identifing you problem.




This Discussion