Re: policy based route on 3750

ladan.eftetahi · ‎08-30-2006

Hi

thanks for your attention. I config policy-based route on 3750 just like this :

no aaa new-model

switch 1 provision ws-c3750-24ts

vtp domain vtp-a

vtp mode transparent

ip subnet-zero

ip routing

!

ip dhcp pool vlan1

network 192.168.0.0 255.255.255.0

default-router 192.168.0.244

!

--More-- ip dhcp pool vlan2

network 20.20.20.0 255.255.255.0

default-router 20.20.20.1

!

ip dhcp pool vlan3

network 172.31.131.0 255.255.255.240

default-router 172.31.131.1

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 2

name test

!

vlan 3

name Arian

!

--More-- !

interface FastEthernet1/0/1

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/2

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/3

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/4

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/5

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/6

spanning-tree portfast

--More-- !

interface FastEthernet1/0/7

spanning-tree portfast

!

interface FastEthernet1/0/8

spanning-tree portfast

!

interface FastEthernet1/0/9

spanning-tree portfast

!

interface FastEthernet1/0/10

switchport access vlan 2

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/11

switchport access vlan 2

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/12

switchport access vlan 2

switchport mode access

--More-- spanning-tree portfast

!

interface FastEthernet1/0/13

spanning-tree portfast

!

interface FastEthernet1/0/14

spanning-tree portfast

!

interface FastEthernet1/0/15

spanning-tree portfast

!

interface FastEthernet1/0/16

spanning-tree portfast

!

interface FastEthernet1/0/17

spanning-tree portfast

!

interface FastEthernet1/0/18

spanning-tree portfast

!

interface FastEthernet1/0/19

spanning-tree portfast

!

--More-- interface FastEthernet1/0/20

spanning-tree portfast

!

interface FastEthernet1/0/21

spanning-tree portfast

!

interface FastEthernet1/0/22

switchport access vlan 3

switchport mode access

spanning-tree portfast

!

interface FastEthernet1/0/23

switchport access vlan 3

switchport mode access

duplex half

spanning-tree portfast

!

interface FastEthernet1/0/24

switchport access vlan 3

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet1/0/1

--More-- !

interface GigabitEthernet1/0/2

!

interface Vlan1

ip address 192.168.0.244 255.255.255.0

!

interface Vlan2

ip address 20.20.20.1 255.255.255.0

ip policy route-map pbr

!

interface Vlan3

ip address 172.31.131.1 255.255.255.240

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.0.2

ip http server

!

access-list 10 permit 20.20.20.0 0.0.0.255

route-map pbr permit 10

match ip address 10

set ip next-hop 172.31.131.14

!

--More-- !

control-plane

!

line con 0

line vty 0 4

no login

line vty 5 15

no login

!

end

I want to ping 20.20.20.1 from my pc with 20.20.20.2 ip address ,& ping 172.31.131.14 or 172.31.131.14 ,but I can't .if my pc be in vlan 2 with 20.20.20.1 default gateway, I should to ping 20.20.20.1 but

I can't.what's the problem. if I want to route vlan 2 to next-hop 172.31.131.14

,I can't never access to vlan 1 or vlan 3 networks despite the fact that with enaqble ip routing in 3750 i expect that I can run intervlan routing.

could you pls guid me.

thanks

Edison Ortiz · ‎08-30-2006

What port is the PC using ? Currently you have the following ports assigned to VLAN2

interface FastEthernet1/0/10

switchport access vlan 2

interface FastEthernet1/0/11

switchport access vlan 2

interface FastEthernet1/0/12

switchport access vlan 2

Can you post the show interface output from the port where the workstation is connected to ?

Also, post the 'show int vlan 2' ?

pdervaux · ‎08-31-2006

Isn?t very clear what you would like to do!

In your case the ACL 10 define the interesting traffic used by PBR.

All packets with address 20.20.20.x are forwarded to the 172.31.131.14 IP address.

Is this device aware how to reach the 20.20.20.0/24 network?

In your case is probably better to have an extended access-list with source AND destination IP address defining the packets forwarded to the 172.31.131.14 address.

Regards,

Pascal