route-map / next-hop

Unanswered Question
Jul 12th, 2008
User Badges:

I have an example as shown in the attachment.

Host must route to RTR-1 as primary route and the rest of the traffic will be thru RTR-2. I made this possible already by putting the route-map/next-hop on RTR-1 which is okay.

But if you'll notice, the routes is awkward because host will route to RTR-2 ( first and back to

Is there any way that host will go directly to I am trying to put the PBR statement on the inside-sw1 but it still passing to RTR-2.

the traceroute to looks like this: (HSRP VIP)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dhananjoy chowdhury Sat, 07/12/2008 - 23:44
User Badges:
  • Silver, 250 points or more

You can try using a PBR at the interface with IP of the firewall (interface towards RTR-1) to route all traffic from to the ip. Similarly, for the reverse route, you may put routing information of the host only ip ( subnet mask) and then route the entire subnet separately

purohit_810 Sat, 07/12/2008 - 23:45
User Badges:
  • Silver, 250 points or more

What about if you put default route at as a

" Drawing doesn't shows, so i consider as a "


Dharmesh Purohit

a.alekseev Sun, 07/13/2008 - 09:29
User Badges:
  • Gold, 750 points or more

your traffic is going through firewall,

but you cannot do PBR on the firewall.

so RTR2 is the first hop, where you can do it.


Gerard Gacusan Sun, 07/13/2008 - 11:39
User Badges:

looks like PBR on the firewall is not an option and i tried that too.

bmcginn Sun, 07/13/2008 - 19:45
User Badges:
  • Bronze, 100 points or more

I don't think you can have traffic with source address go directly to (through unless you send all traffic to Firewalls don't support PBR (at least they don't that I know of) so you won't be able to route to from based on source address.

Have you thought about replacing the two layer 2 switches with layer 3 devices that can do PBR?

Gerard Gacusan Mon, 07/14/2008 - 06:10
User Badges:

Is that the outside L2 switches you're referring to? Yeah, that is what i'm thinking...


This Discussion