Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Traffic enforcement on a L3 switch

Hi Guys,

I need your support on a routing and siwitching challenge I currently encounter.

My setup is the following :

-hosts, server -----L3 switch----router.

The hosts and the server are in the same subnet. Due to a special DSCP marking which is not supported on the L3 switch, I need the packets to be routed as follows :

- packets from the server to the hosts need to pass through the router - mandatory - due to DSCP marking on the router

- packets from hosts to the server do not necessarily need to pass through the router, they can pass through the L3 switch as well (the hosts are marking DSCP by themselves).

I know I could put the server in a special subnet and perform DSCP marking on a router subinterface, but I want to know if there is any way to enforce the traffic that goes from the server to the hosts through the router, even if they are on the same subnet.

Thanks in advance,


Super Bronze

Traffic enforcement on a L3 switch


The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.


As the router would normally only be transited at L3, don't see an easy way to accomplish your goal unless your router also supports bridging.  If it did, you could place servers on one VLAN and hosts on another and bridge between them.  Of course, this would force all traffic between hosts and servers through the bridge when you only want server to host, but it would allow server to server or host to host to bypass the bridge.  Off subnet traffic would route normally.


BTW, hope you have a "beefy" router as until you get into the high-end models like ASR 1000s, most do not offer the performance for LAN bandwidths.