cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
744
Views
0
Helpful
9
Replies

Routing issue, to reach same destination through two interfaces

sfanayei
Level 1
Level 1

Hi!

I have a Cisco router A that is configured witch two vlan interface x and vlan interface y. How can I redirecte traffic to the same destination with source ip from vlan x throug interface F0 on router B and with source ip from vlan y throug interface F1 on router C? Both router B and c are directtly connected to router A. Many tanks in advance!

Regards

SF 

9 Replies 9

Hitesh Vinzoda
Level 4
Level 4

Use route-map/policy based routing and set the next-hops for the traffic from desired vlan's to router B and router C

HTH

Hitesh Vinzoda

Pls rate useful posts

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello SF,

if you want to route based on source address you need PBR = Policy Based Routing

normal routing is destination based only either using static routes or dynamic routing protocols (including BGP)

example:

access-list 11 permit 10.10.20.0 0.0.0.255

route-map divert-to-RB permit 10

match ip address 11

set ip next-hop

interface f0/0

ip address 10.10.20.1 255.255.255.0

ip policy-map divert-to-RB

PBR has to be applied on the interface(s) that receive the traffic that should be diverted

A similar setup can be done for second LAN interface

access-list 12 permit 10.10.30.0 0.0.0.255

route-map divert-to-RC permit 10

match ip address 12

set ip next-hop

interface f0/1

ip address 10.10.30.1 255.255.255.0

ip policy-map divert-to-RC

to be noted an extended ACL can be used or other criteria including packet size or IP precedence or DSCP settings

Hope to help

Giuseppe

Hi Giuseppe,

Tanks a lot for your reply, and I am trying to implement your soultion, It sounds good, but I have a couple of question. I can not see any where in your example where destination network is indicated. I assumed that Access-lists 11 and 12 are source ip as they shoud be.  I have sendt my network diagram as attached file and configuration in below. Please look at it and tell me more specific what I shoud do. And what is "permit 10" in end of your access-list?

Router A#

interface Vlan X
description Vlan X
ip address 10.98.2.1 255.255.255.0
ip helper-address 10.96.1.2
no ip unreachables
no ip mroute-cache
ip policy route-map divert-to-RB
!
interface Vlan Y
description Vlan Y
ip address 10.98.4.1 255.255.255.0
ip helper-address 10.96.1.2
no ip unreachables
no ip mroute-cache
ip policy route-map divert-to-RC


Router A(config)#access-list 11 permit 10.98.2.0 0.0.0.255
Router A(config)#access-list 12 permit 10.98.4.0 0.0.0.255

Router A(config)#
route-map divert-to-RB permit 10
match ip address 11
set ip next-hop 10.96.2.10  (router B, interface ip)


Router A(config)#
route-map divert-to-RC permit 10
match ip address 12
set ip next-hop 10.98.255.253 (router C, interface ip)

Many tanks again.

SF

Hi SF,

now its seems to have a proper configuration with you,

Answer to your question, "Permit 10" is nothing but the route map permit statement with sequence no 10,

Example:

You can have as many route-map statement as you want, every individule differ with the sequence no it has,

Route-map xxxxx permit 10

match xxxx

set xxxx

Route-map xxxxx permit 20

match xxxx

set xxxx

Hope this will help you out.

Correct me if i'm wrong somewhere.

Regards,

Hardik.

Hi Hardic

Tanks for reply, but it still not working. Before this scenario I had only Router B and static route in Router A to destination network. That worked properly.

But now I am trying to implement route map policy for one of my source netwok (vlan X) where I still having the static route in router A and I kan see that the trafik fra source vlan X is still using the static route.

Regards SF

Hello SF,

you can make PBR destination selective by using extended ACLs instead of standard ACLs

access-list 111 permit ip 10.98.4.0 0.0.0.255 x.y.z.0 0.0.0.255

and by invoking the ACL inside the route-map in place of the standard ACL

>> here I still having the static route in router A and I kan see that the trafik fra source vlan X is still using the static route.

Sorry for the basic questions:

Have you applied the command ip policy on SVI Vlan X?

is the source IP address of this packet the expected one?

have you tried to use debug ip policy as a form of help in understanding what is happening?

What device are you using ?

if C4500 or C6500 post sh module

Hope to help

Giuseppe

Yes, I have tryied with extended ACLs too. And I have applied the ip policy on Vlan X, but connection is running throug static route:(

Regards SF

Hey SF,

why dont you remove the static route and have a check, though you are using PBR, i dont think so you will require static route in place.

Because even if you have PBR it will going to select static over it, since it finds it best path over others.

Cheers,

Hardik

Hi Hardic

I have removed now static route, and now it seems that traffic are diverted through my defalut gateway. I don't tink that ip policy route-map is used.

Regards SF

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco