cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
316
Views
0
Helpful
2
Replies

traffic of vlans to internet

erodrig
Level 1
Level 1

Hi

i have 5 vlans configured and two links to internet (172.17.6.254 and 172.17.6.253) i need that vlan 2 and 3 go to internet through 172.17.6.254 and vlan 4 and 5 through 172.17.6.253 how can i do this?

1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

Eduardo

Policy Based Routing will do this.

vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24

vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any

route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254

route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253

int vlan 2

ip policy route-map PBR

int vlan 3

ip policy route-map PBR

int vlan 4

ip policy route-map PBR

int vlan 5

ip policy route-map PBR

Jon

View solution in original post

2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

Eduardo

Policy Based Routing will do this.

vlan 2 = 192.168.5.0/24

vlan 3 = 192.168.6.0/24

vlan 4 = 192.168.7.0/24

vlan 5 = 192.168.8.0/24

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any

access-list 101 permit ip 192.168.6.0 0.0.0.255 any

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.7.0 0.0.0.255 192.168.8.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 102 deny ip 192.168.8.0 0.0.0.255 192.168.7.0 0.0.0.255

access-list 102 permit ip 192.168.7.0 0.0.0.255 any

access-list 102 permit ip 192.168.8.0 0.0.0.255 any

route-map PBR permit 10

match ip address 101

set ip next-hop 172.17.6.254

route-map PBR permit 20

match ip address 102

set ip next-hop 172.17.6.253

int vlan 2

ip policy route-map PBR

int vlan 3

ip policy route-map PBR

int vlan 4

ip policy route-map PBR

int vlan 5

ip policy route-map PBR

Jon

thanks Jon, now is working

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco