I'm just dipping my toes into PBR so bear with me here.
Essentially, I am tying to route traffic from one remote office, through a data center (via a dedicated DS3 link)and out to the internet from there. I'm hopeful that the configs below will work and I also have questions about if they are all needed or not.
-needs to use 255.255.1.18 for 184.108.40.206 /22 traffic
-needs to use 255.255.1.1 for remote office traffic
-needs to use 220.127.116.11 for all other traffic
traffic from 18.104.22.168 /22
-needs to get to 22.214.171.124 /22
-needs to use 255.255.1.1 for all other traffic
Create access-lits for route-map
access-list 120 remark [Office-LAN to ANY]
access-list 120 permit ip 126.96.36.199 255.255.252.0 any
access-list 121 remark [Office-LAN to Data Center-LAN]
access-list 121 permit ip 188.8.131.52 255.255.252.0 184.108.40.206 255.255.252.0
route-map DS3_MAP permit 10
description [DS3 - Office-LAN to Data Center-LAN]
match ip address 121
set ip next-hop 255.255.2.1
route-map DS3_MAP permit 20
description [DS3 - Office-LAN to ANY]
match ip address 120
set ip next-hop 255.255.1.1
Log into interface and add route-map
ip policy route-map DS3_MAP
My questions are:
1) Do I need a route map for the 220.127.116.11/22 to 18.104.22.168/22 traffic or will the switches routing table handle that?
2) Where is the best place to put the route-map, on the interface for the DS3 router or on the VLAN that the DS3 router sits in (there will never be anything else in this VLAN).
3) Should I also create a route-map for the 22.214.171.124 VLAN or can I allow the routing table on the switch to handle this (I was planning on creating a 0.0.0.0 route to 126.96.36.199 on the switch)
I've uploaded a pdf of my design to hopefully help explain things clearly.
I appreciate any thoughts/comments that you can provide, I'be been going back and forth on where I should place the route-map and if I actually need one for the 188.8.131.52/22 to 184.108.40.206/22 traffic.