route-map on 3560g

Unanswered Question
Sep 6th, 2007
User Badges:


I am trying to isolate a vlan interface in order to dedicate it for management.

I tried to isolate it (at layer 3) using route-map :

my admin net is (int vlan 945)

my operation net is (int vlan 8)

ip access-list standard allow_1_0_0_0


deny any


ip access-list standard allow_all

permit any


route-map deny_routing_to_1_0_0_0 deny

match ip address allow_1_0_0_0

set interface Null 0


route-map deny_routing_to_anywhere deny

match ip address allow_all

set interface Null 0


int Vlan945

ip address

ip policy route-map deny_routing_to_anywhere

int Vlan8

ip address

ip policy route-map deny_routing_to_1_0_0_0

It seems pretty clean to me (cleaner than using ACLs ?), put the problem is that "set interface 0" is not supported on the 3560g.

I tried using a loopback with an ip in the range, and using set ip next-hop but that's not possible either.

Is it possible to do what I am tring to do without using ACLs directly in an vlan interface ?


Best regards


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cvf-reg2cis Thu, 09/06/2007 - 06:03
User Badges:

Thanks Mohammed.

Indeed, I did configure "sdm prefer routing".

But it did not solve my question.


mohammedmahmoud Thu, 09/06/2007 - 06:08
User Badges:
  • Green, 3000 points or more

hi Guillaume,

After configuring it, you need to reload the switch.


Mohammed Mahmoud.

cvf-reg2cis Thu, 09/06/2007 - 06:32
User Badges:

Thanks Mohammed, I already did reboot the switch after inputing the command.

#sh sdm prefer

The current template is "desktop routing" template.

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 512

number of IPv4/MAC qos aces: 512

number of IPv4/MAC security aces: 1K



This Discussion