Routing based on source interface

shoeb.khan · ‎06-07-2011

Hi,

I am looking for a config, as per the attached diagram, if the traffic comes from FE01 it should go via FE03 for the internet and when the traffic comes from FE02 it should go via FE04 for the internet.

Jon Marshall · ‎06-07-2011

access-list 101 permit ip any any

access-list 102 permit ip any any

route-map PBR1 permit 10

match ip address 101

set interface fa0/3

route-map PBR2 permit 10

match ip address 102

set interface fa0/4

int fa0/1

ip policy route-map PBR1

int fa0/2

ip policy route-map PBR2

Be aware that this will send ALL traffic to any destination received on fa0/1 to fa0/3 and ditto for fa0/2 / fa0/4. If for example you only wanted to send internet traffic then you need to use deny statements in the acls for the other networks eg.

lets suppose that there is a network 192.168.5.0/24 that is reachable via fa0/2. Now there is a client A that is connected to a subnet reachable via fa0/1 on the router. With the above PBR config when client A sends a packet to a device on 192.168.5.x it would actually get forwarded out of fa0/3 interface. So you would need to modify your PBR config ie.

access-list 101 deny ip any 192.168.5.0 0.0.0.255

access-list 101 permit ip any any

then any traffic received on fa0/1 with a destination IP of 192.168.5.x would not be policy routed but routed via the routing table.

Jon