Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

route-map on 3560g

Hello,

I am trying to isolate a vlan interface in order to dedicate it for management.

I tried to isolate it (at layer 3) using route-map :

my admin net is 1.0.0.0/24 (int vlan 945)

my operation net is 2.0.0.0/24 (int vlan 8)

ip access-list standard allow_1_0_0_0

permit 1.0.0.0 0.0.0.255

deny any

exit

ip access-list standard allow_all

permit any

exit

route-map deny_routing_to_1_0_0_0 deny

match ip address allow_1_0_0_0

set interface Null 0

exit

route-map deny_routing_to_anywhere deny

match ip address allow_all

set interface Null 0

exit

int Vlan945

ip address 1.0.0.2 255.255.255.0

ip policy route-map deny_routing_to_anywhere

int Vlan8

ip address 2.0.0.2 255.255.255.0

ip policy route-map deny_routing_to_1_0_0_0

It seems pretty clean to me (cleaner than using ACLs ?), put the problem is that "set interface 0" is not supported on the 3560g.

I tried using a loopback with an ip in the range 127.0.0.0, and using set ip next-hop but that's not possible either.

Is it possible to do what I am tring to do without using ACLs directly in an vlan interface ?

Thanks

Best regards

Guillaume

4 REPLIES

Re: route-map on 3560g

Hi Guillaume,

Can you please configure "sdm prefer routing".

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12237se/scg/swsdm.htm

HTH,

Mohammed Mahmoud.

New Member

Re: route-map on 3560g

Thanks Mohammed.

Indeed, I did configure "sdm prefer routing".

But it did not solve my question.

Guillaume

Re: route-map on 3560g

hi Guillaume,

After configuring it, you need to reload the switch.

HTH,

Mohammed Mahmoud.

New Member

Re: route-map on 3560g

Thanks Mohammed, I already did reboot the switch after inputing the command.

#sh sdm prefer

The current template is "desktop routing" template.

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 512

number of IPv4/MAC qos aces: 512

number of IPv4/MAC security aces: 1K

Guillaume

210
Views
0
Helpful
4
Replies