Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
0
Helpful
3
Replies

can the next-hop in pbr be not directly connected?

ino
Level 1
Level 1

‎10-24-2022 08:01 PM

i have a c1111 router and a c2960x with routing enabled 

an lte router is connected to the c1111 

0.0.0.0 on the c2960x is to the c1111

on the c1111 i do set the next-hop with a route map to the lte routers ip

that works fine

my question is

if i connect the lte router to the c2960 but want traffic still first go through the c1111 can i do that?

so currently traffic goes  

device --> c2960 --> c1111 --> lte

what i want (repluging the lte to the c2960)

device --> c2960 --> c1111 --> c2960 --> lte

would simply setting the next-hot on the c1111 to the lte router work or not as it isnt truly the next hop as traffic first needs to go to the 2960

i probably could do it by setting the next hop to the c2960 and marking it and marked traffic would then be send from the c2960 to the lte router it would be just a bit cumbersome 

 

 

 

0 Helpful
3 Replies 3

MHM Cisco World
VIP
VIP

‎10-24-2022 09:24 PM

Sure it can,

And you can also use verify reachability via ip sla.

0 Helpful

paul driver
VIP
VIP

‎10-25-2022 12:23 AM

Hello

@ino wrote:
device --> c2960 --> c1111 --> lte
device --> c2960 --> c1111 --> c2960 --> lte

Why do you even need PBR given the setups you have outlined, in either case the 2960 are l2 access switchs with no routing, it the second setup the connection between the rtr and the LTE will just be a Layer2 access port.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

ino
Level 1
Level 1

‎10-25-2022 12:27 PM

@MHM Cisco World thanks a brief test seems to show it will work

that currently it didn't (a trace dies at the lte) is probably because the lte isnt set up correctly in the moment havent got time for it till now

this next-hop is some what confusing to me lets assume i have R1-R2-R3 after each other

pinging R2 from R1 will go R1-R2 job done

what if i set the next-hop to R3? will it go R1-R2-R3-R2?

@paul driver the c2960 although not a fully blown L3 router it is capable of L3 routing (i extra mentioned that its turned on)

the c1111 has a build in lte which i use for vpn 

the original plan was to have the second lte router pas through its lte to it and use both lte connections for internet traffic in a round robin manner

bit till now i wasnt able to achieve that no mater what i do if both lte are in the routing table the vpn breaks as it tries to send the responses from the wrong connection 

i tried setting ip local policy route-map whit out any luck 

any way current plan is to have 2X 2960

each with its own lte router connected to it and vpn access (non cisco lte dev)

and having the build in lte on the c1111 for vpn to that one

so all will have an out of band vpn connection for management in case

having some basic acl on the 2960 for known and expected traffic

anything else is going to the c1111 including all traffic to the internet

so devices connected to one 2960 could end up using the lte connected to the other 2960

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card