Need help in routing protocol

SajeshB
Level 1

Need help in Routing protocol !!

We have 2 links: one is an internet link and the other is an MPLS link, terminated on 2 different firewalls.

We are already running a voice setup on the internet link, and now a data setup on the MPLS link, perfectly.

The setup is like this: the voice VLAN and data VLAN have different subnets and different VLAN IDs, but they are in the same VRF.

We have configured these L3 VLANs on the core switch, and the VRF is also configured. If the voice VLAN needs to go to the internet, we have put a static VRF route towards the internet firewall leg, and if the data VLAN wants to go to the MPLS, we have put a static VRF route towards the MPLS firewall leg.

So earlier only the voice VLAN was configured, and to reach destination 10.0.0.1 they are using the internet firewall, as voice traffic is configured on the internet link.

Now the user wants the data VLAN to reach the destination 10.0.0.1 through MPLS. I need help with this, as the VRF route is already configured towards the internet firewall for destination 10.0.0.1. How can I configure it so that the voice VLAN goes via the internet firewall and the data VLAN goes via the MPLS firewall for the same destination? Do I need to put the voice and data VLANs in different VRFs, or is there any other way to do it?

 


Hello,

 

It is a bit hard to understand what you are trying to accomplish. Post a schematic drawing of the desired setup, as well as the running config of your router...

Giuseppe Larosa
Hall of Fame

Hello @SajeshB ,

>> Do i need to put the voice and data vlan in different vrf or else is there any way to do it.

If you want to route based on source address, you can use PBR (policy-based routing), that is, a route-map applied inbound on the data VLAN that will set the next hop to the MPLS FW when the destination is 10.0.0.1 and the source is in the data VLAN.

 

example:

let us suppose the data Vlan IP subnet is 10.20.20.0/24

 

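! extended ACL: source = data VLAN subnet, destination = host 10.0.0.1
access-list 110 remark example
access-list 110 permit ip 10.20.20.0 0.0.0.255 host 10.0.0.1

route-map PBR permit 10
 match ip address 110
 set ip next-hop <MPLS-FW-IP-address>

! apply the route-map inbound on the data VLAN SVI
interface vlan 20
 description data vlan
 ip policy route-map PBR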

 

Traffic not matching the PBR route-map will be routed by destination and not dropped.

 

NOTE1:

Because there are firewalls involved, you need to ensure a symmetric path, so you need to consider using PBR on HQ also.

PBR applies only to inbound traffic, so it is placed on the data VLAN SVI.

NOTE2: The MPLS FW must be able to send the traffic with destination 10.0.0.1 over the MPLS cloud using a specific route, an aggregate route, or a default route (unlikely).

 

Hope to help

Giuseppe
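
The forwarding decision described in the answer above, modelled as an added example that is not part of the original posts: ACL 110 is evaluated with Cisco wildcard-mask semantics on the data VLAN SVI, and anything that does not match falls through to destination-based routing in the VRF. The voice SVI name `Vlan10`, the voice subnet 10.10.10.0/24, the default route and the next-hop labels `INTERNET-FW` / `MPLS-FW` are assumptions made for illustration.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco ACL comparison: bits set in the wildcard mask are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

# access-list 110 permit ip 10.20.20.0 0.0.0.255 host 10.0.0.1
ACL_110 = [("permit", ("10.20.20.0", "0.0.0.255"), ("10.0.0.1", "0.0.0.0"))]

# Constructed VRF static routes; next-hop labels are placeholders.
VRF_ROUTES = {
    ipaddress.ip_network("10.0.0.1/32"): "INTERNET-FW",
    ipaddress.ip_network("0.0.0.0/0"): "INTERNET-FW",  # assumed default route
}

def acl_permits(acl, src, dst):
    for action, (s, s_wc), (d, d_wc) in acl:
        if wildcard_match(src, s, s_wc) and wildcard_match(dst, d, d_wc):
            return action == "permit"
    return False  # no entry matched: the packet is not policy-routed

def rib_lookup(dst):
    """Longest-prefix match over the VRF static routes."""
    ip = ipaddress.ip_address(dst)
    best = max((n for n in VRF_ROUTES if ip in n), key=lambda n: n.prefixlen)
    return VRF_ROUTES[best]

def next_hop(ingress_svi, src, dst):
    # route-map PBR is applied inbound on the data VLAN SVI only.
    if ingress_svi == "Vlan20" and acl_permits(ACL_110, src, dst):
        return "MPLS-FW"
    return rib_lookup(dst)  # everything else: normal destination routing

if __name__ == "__main__":
    samples = [  # constructed packets: (ingress SVI, source, destination)
        ("Vlan20", "10.20.20.15", "10.0.0.1"),
        ("Vlan10", "10.10.10.15", "10.0.0.1"),
        ("Vlan20", "10.20.20.15", "10.0.0.2"),
    ]
    for svi, src, dst in samples:
        print(f"{svi} {src} -> {dst}: {next_hop(svi, src, dst)}")
```

A source on the data SVI that falls outside 10.20.20.0/24 is not matched by ACL 110 and follows the existing static route to the internet firewall, so the ACL must cover every data subnet that is expected to use the MPLS path.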