
static route based on object-group

chris fricke
Level 1

I have a group of about 20 subnets that I want to assign a static route to.  For example I want traffic destined for any of those 20 subnets to go to a certain next hop.  Is it possible to group those objects and create a single route statement for them?  Or would I need something like PBR?

Thanks,

1 Accepted Solution


Yes, that would work. I would recommend a descriptive name for the ACL and route map if you go with that method. You would then have to apply that route-map to any interfaces where you want to manipulate the traffic.

But, if everything is sourcing from the same subnet and the traffic always routes to the same place, then the route-map will increase complexity. Static routes would be a simpler way of accomplishing what you need.

Another benefit of using statics is that you can name the routes so that you, or someone else, knows exactly why they exist. If they are routes for extranets or something, you can name them vendor1, vendor2, etc. so that it's easy to tell what they are doing.


3 Replies

rfalconer.sffcu
Level 3

Can you summarize the subnets?

Either way, if you don't just want to create static routes, you can create a policy map to set the next hop for those subnets. You'll just have to add the subnets to an ACL that the policy map matches. If you can summarize, it just makes your work easier.

If you need to redistribute the statics into a routing protocol, the PBR method won't accomplish this.

Is this kinda what you mean?

If my LAN is 10.100.50.x

Default route is to 2.2.2.2 except traffic destined for 10.1.x.x or 10.2.x.x which would go to 10.100.50.50

-------------------------------------------------------
ip route 0.0.0.0 0.0.0.0 2.2.2.2

access-list 100 permit ip 10.100.50.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 100 permit ip 10.100.50.0 0.0.0.255 10.2.0.0 0.0.255.255

route-map name1 permit 10
 match ip address 100
 set ip default next-hop 10.100.50.50
---------------------------------------------------------

Of course I could summarize the access list wherever possible.  In reality I have about 20 subnets.

I don't know if there's any advantage to doing it this way over just having a bunch of static ip route statements using wildcard masks to summarize in the same way as the access list.  Does that sound right?

Thanks for any input.
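
The summarization and named-static-route advice in this thread, as an added example that is not part of any poster's reply: a Python sketch that collapses a subnet list into exact aggregates, emits `ip route ... name` lines, and lists which extra prefixes a hand-picked summary would also send to the next hop. The subnets other than 10.1.x.x and 10.2.x.x, the route name, and all function names are constructed for illustration.

```python
import ipaddress

# 10.1/16 and 10.2/16 come from the thread; the other subnets are constructed samples.
SUBNETS = ["10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16",
           "192.168.4.0/24", "192.168.5.0/24"]

def summarize(subnets):
    """Collapse subnets into the fewest prefixes covering exactly the same addresses."""
    # strict=True rejects entries with host bits set (e.g. 10.1.0.1/16).
    nets = [ipaddress.ip_network(s, strict=True) for s in subnets]
    return list(ipaddress.collapse_addresses(nets))

def named_static_routes(subnets, next_hop, name):
    """Build one named IOS static route per exact aggregate."""
    hop = ipaddress.ip_address(next_hop)
    return [f"ip route {net.network_address} {net.netmask} {hop} name {name}"
            for net in summarize(subnets)]

def overreach(candidate, subnets):
    """Prefixes inside a hand-chosen summary that are NOT in the intended list.

    A non-empty result means the summary would also steer traffic for
    address space nobody asked to send to this next hop.
    """
    remaining = [ipaddress.ip_network(candidate, strict=True)]
    for net in summarize(subnets):
        kept = []
        for r in remaining:
            if net.subnet_of(r):        # intended prefix sits inside r: carve it out
                kept.extend(r.address_exclude(net))
            elif not r.subnet_of(net):  # disjoint: r is still unintended space
                kept.append(r)
        remaining = kept
    return [str(n) for n in sorted(remaining)]

if __name__ == "__main__":
    for line in named_static_routes(SUBNETS, "10.100.50.50", "vendor1"):
        print(line)
    # A /14 looks like a tidy summary of 10.1/16 and 10.2/16, but covers more.
    print("extra space in 10.0.0.0/14:",
          overreach("10.0.0.0/14", ["10.1.0.0/16", "10.2.0.0/16"]))
```

The same `overreach` check applies to a summarized ACL entry used for PBR, since an over-broad wildcard there redirects the same unintended traffic.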
