traffic of vlans to internet

Answered Question
Aug 3rd, 2009

Hi

i have 5 vlans configured and two links to internet (172.17.6.254 and 172.17.6.253) i need that vlan 2 and 3 go to internet through 172.17.6.254 and vlan 4 and 5 through 172.17.6.253 how can i do this?

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 5 months ago

Eduardo

Policy Based Routing will do this.

vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24

vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any

route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254

route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253

int vlan 2

ip policy route-map PBR

int vlan 3

ip policy route-map PBR

int vlan 4

ip policy route-map PBR

int vlan 5

ip policy route-map PBR

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Mon, 08/03/2009 - 09:36

Eduardo

Policy Based Routing will do this.

vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24

vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any

route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254

route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253

int vlan 2

ip policy route-map PBR

int vlan 3

ip policy route-map PBR

int vlan 4

ip policy route-map PBR

int vlan 5

ip policy route-map PBR

Jon

Actions

This Discussion