Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Routing Question

I need help on setting up routing for a single subnet.

At the moment all traffic is routed via the etherchannel(po1) to the R2 Router via ospf. What i would like to do is route a single SVI on the 4506 to R1 instead of R2.

Can i apply a route map on the subnet ( SVI VLAN18 interface and set the next hop via r1 interface(

should i apply the policy on the trunk port or on the SVI?

Cisco Employee

Re: Routing Question


You should apply the route-map on the SVI, where the packet is enter into the router.

"Policy routing is specified on the interface that receives the packets, not on the interface from which the packets are sent."



New Member

Re: Routing Question

Thanks Jerry,

I have applied the route-map on the 4506 SVI.

route-map Traffic_to_ISP2 permit 10

match ip address 20

set ip next-hop

#sh ip access-lists 20

Standard IP access list 20

10 permit, wildcard bits

interface Vlan17

description Layer3 gateway

ip address

ip policy route-map Traffic_to_ISP2

#sh ip policy

Interface Route map

Vlan17 Traffic_to_ISP2

#sh route-map

route-map Traffic_to_ISP2, permit, sequence 10

Match clauses:

ip address (access-lists): 20

Set clauses:

ip next-hop

Nexthop tracking current:, fib_nh:18836098,oce:189008EC,status:1

Policy routing matches: 0 packets, 0 bytes

However i am not getting any matches when debugging or any matches on the acl.

A traceroute shows traffic hitting the SVI but the PBR is not working

Protocol [ip]:

Target IP address:

Source address:

Numeric display [n]:

Timeout in seconds [3]:

Probe count [3]:

Type escape sequence to abort.

Tracing the route to

1 0 msec 0 msec 9 msec

2 0 msec 0 msec 9 msec

7 16 msec 17 msec 25 msec

Any ideas?

Cisco Employee

Re: Routing Question


Just a question, where do you initiate the ping? On the router where PBR is configured on the SVI? If this is the case, you have to use the command "ip local policy route-map map-tag" to test the PBR.

If you are testing from a PC on VLAN 17, the trace route should hit the ACL and use the PBR.



New Member

Re: Routing Question

Good question

Traffic is not orginating on the switch which is a 4506 not a router. I am tracerouting from another switch on vlan17.

I am not getting any matches which would suggest the switch has issues with PBR should i be running a different IOS?

at the moment i am running "cat4000-i5s-mz.122-25.EWA13.bin"

Cisco Employee

Re: Routing Question

Hi, Can you post the output of the following command:

show ip route

I am wondering is the next hop on the routing table of the 4506.



New Member

Re: Routing Question

Yes it is directly connected, it is a ptp connection from the 4506 to the router for ISP2.

#sh ip route

Routing entry for

Known via "connected", distance 0, metric 0 (connected, via interface)

Cisco Employee

Re: Routing Question

Hi, I don't see any issue with your configuration.

Like I said before, if you are testing the PBR from any device on VLAN17, the route-map and ACL should catch it. However, if the traceroute/ping is initiate from the 4506 sourced from VLAN17, "ip local policy" should be use to perform the test.



CreatePlease to create content