traffic of vlans to internet

Answered Question
Aug 3rd, 2009
User Badges:

Hi

i have 5 vlans configured and two links to internet (172.17.6.254 and 172.17.6.253) i need that vlan 2 and 3 go to internet through 172.17.6.254 and vlan 4 and 5 through 172.17.6.253 how can i do this?

Correct Answer by Jon Marshall about 7 years 9 months ago

Eduardo


Policy Based Routing will do this.


vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24


vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24


access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any


access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any


route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254


route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253


int vlan 2

ip policy route-map PBR


int vlan 3

ip policy route-map PBR


int vlan 4

ip policy route-map PBR


int vlan 5

ip policy route-map PBR



Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Mon, 08/03/2009 - 09:36
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Eduardo


Policy Based Routing will do this.


vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24


vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24


access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any


access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any


route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254


route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253


int vlan 2

ip policy route-map PBR


int vlan 3

ip policy route-map PBR


int vlan 4

ip policy route-map PBR


int vlan 5

ip policy route-map PBR



Jon

Actions

This Discussion