Route each Vlan to exit from specific DSL over Core Switch 6509

Mohamed Lotfy
Level 1

Dear All,

I already have one internet connection connected directly to the Core Switch 6509, Vlan 500 (192.168.1.0), and the switch routes any internet request with a default route:

SW6509(config)# ip route 0.0.0.0 0.0.0.0 10.170.10.10

10.170.10.10 is --> Next hop for the DSL router internal IP, and it's working fine.

The Problem:

==========

We have a new internet connection with a new Vlan 600 (172.16.1.0), from another ISP with another DSL router, so I need your kind support and suggestions on how to connect both of them to exit from the Core Switch 6509.

Is it OK if I make another default route to the next hop of the new DSL router, as:

SW6509(config)# ip route 0.0.0.0 0.0.0.0 10.80.10.10

10.80.10.10 is --> Next hop for the new DSL router internal IP.

Is there any way, like a default route, route-map or any other feature, to:

Route Vlan 500 (192.168.1.0) to exit from DSL 1 --> 10.170.10.10

Route Vlan 600 (172.16.1.0) to exit from DSL 2 --> 10.80.10.10

1 Accepted Solution


fb_webuser
Level 6

To answer your question:

"is it ok if i make another default route to the Next hop to the new DSL router as:"

>> It depends whether you would like to do load balancing over 2 links or want to configure failover. If load balancing, then you can add the second route as you mentioned and modify the NAT statements with a route-map which will match the exit interface and, based on that, will perform NAT.

For your second question: you are talking about policy-based routing or, in other words, source-based routing.

The following config should work for you:

! existing default route via DSL 1
ip route 0.0.0.0 0.0.0.0 10.170.10.10
!
! send traffic matched by ACL 110 to DSL 2
route-map ISP2
 match ip address 110
 set ip next-hop 10.80.10.10
!
! match traffic sourced from the Vlan 600 subnet
ip access-list ext 110
 permit ip 172.16.1.0 0.0.0.255 any
!
! apply policy routing to traffic arriving on Vlan 600
int vlan 600
 ip policy route-map ISP2

So with this config, any traffic hitting interface vlan 600 and sourced from the 172.16.1.0/24 subnet will hit the route-map and will get policy routed. Any other traffic which does not match the ACL will go through the normal routing information base.

Side note: you need to make sure that the 10.80.10.10 IP is directly connected and pingable. If it is not directly connected and the device has to perform a RIB lookup to reach this IP, then you need to use the "recursive" keyword in the set ip next-hop command.

HTH

---

Posted by WebUser Mukti Chandwani


3 Replies

JohnTylerPearce
Level 7

Well, I see you have two internal VLANs, 500 and 600. Both of these internal VLANs connect to the Core Switch. Were both of these ISP links bought to provide redundancy? What are the speeds of each DSL link? You can set up redundancy between these two internet links in case one of them fails. How are you doing your NAT'ing, and do you have any public servers offered, such as web sites, FTP sites, etc.?

Another thing you could do is set up a route map on each VLAN interface, with an access-list of anything other than local, set with a next hop of this IP.

ip access-list extended 110
 permit ip 172.16.1.0 0.0.0.255 any
!
route-map ISP2 permit 10
 match ip address 110
 set ip next-hop 10.80.10.10
!
int vlan 600
 ip policy route-map ISP2

That configuration should work fine, but if you want clients on 172.16.1.0/24 to access anything on 192.168.1.0/24 you may run into some problems. If 172.16.1.0/24 wants to access for instance 192.168.1.50, it will go to its default gateway which is the vlan 600 interface. With the ISP2 route-map applied, it will match ALL traffic that 172.16.1.0/24 sends out which will also match traffic from 172.16.1.0/24 to 192.168.1.50. So traffic going from 172.16.1.0/24 to 192.168.1.50 will go to 10.80.10.10, if there is no route to the 192.168.1.0/24 network you could run into some problems.

Just something to think about.
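
Added example, not part of the original thread: a small Python model of how ACL 110 and route-map ISP2 treat packets arriving on Vlan 600, comparing the ACL as posted with an assumed refinement that places a deny entry for 192.168.1.0/24 ahead of the permit so inter-VLAN traffic stays on the core switch. The refined ACL, the sample packets and the simplified routing fallback (Vlan 500 treated as a connected network on the 6509) are assumptions for illustration.

```python
import ipaddress

def _to_int(addr):
    return int(ipaddress.ip_address(addr))

def ace_matches(ace, src, dst):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    def hit(addr, base, wildcard):
        care = ~_to_int(wildcard) & 0xFFFFFFFF
        return _to_int(addr) & care == _to_int(base) & care
    _action, s_base, s_wild, d_base, d_wild = ace
    return hit(src, s_base, s_wild) and hit(dst, d_base, d_wild)

ANY = ("0.0.0.0", "255.255.255.255")

# ACL 110 exactly as posted in the thread.
ACL_POSTED = [("permit", "172.16.1.0", "0.0.0.255", *ANY)]

# Assumed refinement (not from the thread): exempt Vlan 500 destinations first.
ACL_REFINED = [
    ("deny", "172.16.1.0", "0.0.0.255", "192.168.1.0", "0.0.0.255"),
    ("permit", "172.16.1.0", "0.0.0.255", *ANY),
]

def acl_permits(acl, src, dst):
    """First matching entry wins; no match means the implicit deny."""
    for ace in acl:
        if ace_matches(ace, src, dst):
            return ace[0] == "permit"
    return False

def forward(acl, src, dst):
    """Forwarding decision for a packet received on Vlan 600 with route-map ISP2."""
    if acl_permits(acl, src, dst):
        return "policy-routed to 10.80.10.10"
    # Not matched by the route-map: the normal routing table decides.
    if ipaddress.ip_address(dst) in ipaddress.ip_network("192.168.1.0/24"):
        return "routed to connected Vlan500"
    return "default route to 10.170.10.10"

if __name__ == "__main__":
    # Constructed sample packets (source, destination).
    packets = [("172.16.1.20", "192.168.1.50"), ("172.16.1.20", "203.0.113.7")]
    for name, acl in (("posted", ACL_POSTED), ("refined", ACL_REFINED)):
        for src, dst in packets:
            print(f"{name:8} {src} -> {dst}: {forward(acl, src, dst)}")
```

With the posted ACL the packet to 192.168.1.50 is handed to the DSL 2 router; with the deny entry in front it is not policy-routed and follows the switch's own routing table, while internet-bound traffic from 172.16.1.0/24 still leaves via 10.80.10.10.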
