Multiple Default gateways for individual VLANS

cmorris_DRI · ‎12-08-2004

I have a Catalyst 4506, running IOS 12.1. I currently have a default route for all traffic to be forwarded to our current internet connection. We are putting in a second internet connection and i would like to have a default gateway to go to the second internet connection for one certain VLAN, and no others. Is this possible and if so how do i go about doing it.

Prashanth Krishnappa · ‎12-08-2004

You could set up Policy based routing..

Make sure you are running a newer IOS such as 12.2(18)EW2 since we have many PBR bug fixes

Here is an example

First set up access-list to match traffic

access-list 1 permit 129.71.0.0 0.0.255.255

access-list 2 permit 10.0.0.0 0.255.255.255

access-list 3 permit 192.168.0.0 0.0.255.255

Configure route-map statements

route-map students permit 10

match ip address 2

set ip default next-hop 10.1.1.1 <<--First g/w

!

route-map admin permit 20

match ip address 1 3

set ip default next-hop 20.1.1.1 <<--2nd g/w

Then apply these route maps to VLAN interfaces

interface Vlan1

ip address x.x.x.x 255.255.255.0

ip policy route-map students

!

interface Vlan2

ip address x.x.x.x 255.255.255.0

ip policy route-map admin

cmorris_DRI · ‎12-08-2004

That is exactly what i want to do, my problem is this is a live network and i am setting up this gateway as a test, I want to test our firewall on the network, but not in the live VLAN, is it possible to do the route map without bothering the existing routes?

7rbowenii · ‎12-08-2004

Just create a test vlan and test it there first....

-Bo