Route Map advice

ward · ‎11-27-2003

Hi

I have 2 companies on our Wide area network.

They all come into the same core network.

The problem I am trying to solve is that we have

got a default route pointing to our firewall for all internet traffic.

I need the the 2 companiees to use there own seperate internet connections.

I created a route map to point all traffic from source 10.99.0.0 to go to next hop 10.99.7.253

which is a 3550 switch.The 3550 switch is in turn connected to there core layer 3 extreme switch.

I setup anothe route map on the 3550 pointing the traffic to there extreme switch so that the extreme switch can route the traffic onto its deafult route and there internet circuit.....

The route map on our core router is

ip access-list extended TQ3-Internet

deny ip 10.99.0.0 0.0.255.255 57.8.0.0 0.0.255.255

permit ip 10.99.0.0 0.0.255.255 any log

route-map TQ3 permit 15

match ip address TQ3-Internet

set ip next-hop 10.99.7.253

and the route map on the 3550 switch is

access-list 151 permit ip 10.99.0.0 0.0.255.255 any

route-map TQ3 permit 15

match ip address 151

set ip next-hop 10.99.7.254

where 10.99.7.254 is there extreme switch.

I could not apply my route map to the fastethernet interface on the 3550 switch.it wont let me.

The first route map on our core router is applied to the fastethernet interfaces.

My config is not working as the 2 companies are still using the default route in our core as for there internet access.Only the one company needs to use that.I cant seem to find a way to have 2 default routes for 2 differentg companies so that I can seperate the 2.

Any advice or help would be much appreciated.

preddyi · ‎11-27-2003

You apply the Route-map on to the ingress Layer 3 interface (Either VLAN interface or Fast Ethernet/Gig) on 3550.

you can configure the Fast ethernet0/0 as Layer 3 interface,as following.

(Config-T)#

(Config-T)#Inteface FastEthernet0/0

(Config-T-IF)#"no switch port "

(Config-T-IF)#exit

Pls refer the URL for more info.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1216ea1/3550scg/swint.htm#xtocid2266925

ward · ‎11-28-2003

Hi

Thanks..

I am trying to apply the route-map to the interface and it wont let me.It is usually ip policy route-map.

The command is not there even when i make the port a no switchport.I also tried it on the vlan interfacce but it wont take the command.How do I apply my route-map on a 3550.

Cheers

aslam · ‎11-28-2003

FYI,

" set ip next-hop ip-address " is an unsupported command on latest releases on 3550. Please check the link

http://www.cisco.com/en/US/partner/products/hw/switches/ps646/products_configuration_guide_chapter09186a008007e773.html#xtocid2009219

Regarding your design, why dont you try to keep the seperate customers traffic in their own VLANS and subnets and have appropriate default-gateways setup so you wont need policy routing.

preddyi · ‎11-28-2003

Then this must be the problem with IOS version.

Pls check your IOS image version.

You may be using SMI (Standard Multilayer Image) version, for PBR you require EMI (Enhanced Multilayer Image)version

ward · ‎11-28-2003

Hi

I am using EMI IOS.

c3550-i5q3l2-mz.121-11.EA1a.bin

ward · ‎12-04-2003

Hi

Can anyone shed some light here.

I still cant get it working.

The 2 companies use 2 different source ip ranges....

the one is 10.98.0.0 and the other is 10.99.0.0

Both these networks sit on the same IP ADSL wan...

So they both have the same route onto our core router....When the traffic hits our core router I have got a default route for any internet traffic pointing to our firewall whcih is ip route 0.0.0.0 0.0.0.0 10.98.7.250.

This internet route should be used for the traffic coming from 10.98.x.x and not 10.99.x.x.

The 10.99.x.x needs to go 3 hops to get to there

internet firewall.the problem I have is getting that traffic to go to that device.The 3rd hop is a 3550 switch and this switch does not support certain route-map commands.I cant seem do find out how to point the traffic from the 3550 switch to the next hop.....

Any advice would be appreciated.