Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
4
Replies

route-map on 3560g

cvf-reg2cis
Level 1
Level 1

‎09-06-2007 05:45 AM - edited ‎03-05-2019 06:18 PM

Hello,

I am trying to isolate a vlan interface in order to dedicate it for management.

I tried to isolate it (at layer 3) using route-map :

my admin net is 1.0.0.0/24 (int vlan 945)

my operation net is 2.0.0.0/24 (int vlan 8)

ip access-list standard allow_1_0_0_0

permit 1.0.0.0 0.0.0.255

deny any

exit

ip access-list standard allow_all

permit any

exit

route-map deny_routing_to_1_0_0_0 deny

match ip address allow_1_0_0_0

set interface Null 0

exit

route-map deny_routing_to_anywhere deny

match ip address allow_all

set interface Null 0

exit

int Vlan945

ip address 1.0.0.2 255.255.255.0

ip policy route-map deny_routing_to_anywhere

int Vlan8

ip address 2.0.0.2 255.255.255.0

ip policy route-map deny_routing_to_1_0_0_0

It seems pretty clean to me (cleaner than using ACLs ?), put the problem is that "set interface 0" is not supported on the 3560g.

I tried using a loopback with an ip in the range 127.0.0.0, and using set ip next-hop but that's not possible either.

Is it possible to do what I am tring to do without using ACLs directly in an vlan interface ?

Thanks

Best regards

Guillaume

Labels:
0 Helpful
4 Replies 4

mohammedmahmoud
Level 11
Level 11

‎09-06-2007 05:58 AM

Hi Guillaume,

Can you please configure "sdm prefer routing".

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12237se/scg/swsdm.htm

HTH,

Mohammed Mahmoud.

0 Helpful

cvf-reg2cis
Level 1
Level 1
In response to mohammedmahmoud

‎09-06-2007 06:03 AM

Thanks Mohammed.

Indeed, I did configure "sdm prefer routing".

But it did not solve my question.

Guillaume

0 Helpful

mohammedmahmoud
Level 11
Level 11
In response to cvf-reg2cis

‎09-06-2007 06:08 AM

hi Guillaume,

After configuring it, you need to reload the switch.

HTH,

Mohammed Mahmoud.

0 Helpful

cvf-reg2cis
Level 1
Level 1
In response to mohammedmahmoud

‎09-06-2007 06:32 AM

Thanks Mohammed, I already did reboot the switch after inputing the command.

#sh sdm prefer

The current template is "desktop routing" template.

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 512

number of IPv4/MAC qos aces: 512

number of IPv4/MAC security aces: 1K

Guillaume

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card