Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4168
Views
0
Helpful
36
Replies

Using SLA for gateway of last resort for specific subnet

TRACY HARTMANN
Level 1
Level 1

‎01-29-2019 08:54 AM

I am trying to get a ip SLA to change the gateway of last resort for a specific subnet.  This is what I have so far...

 IP SLA

ip sla 10
icmp-echo 10.20.0.90 (router I want to be gateway of last resort for specific subnets

 

ip sla schedule 10 life forever start-time now
route-map last_resort permit 10
match ip address test

 

ip access-list extended testzscaler
permit ip host 10.3.20.2 any  ( just trying one address for now)

 

ip local policy route-map zscaler_last_resort
ip classless
ip route 0.0.0.0 0.0.0.0 10.20.0.90 track 10  Only for specific subnets
ip route 0.0.0.0 0.0.0.0 10.20.0.1 200   Default for everyone else

 

If I trace from the switch everything goes out the 10.20.0.90.  However I just want the 10.3.20.2 to go that way.

 

 

Tracy

 

 

 

Labels:
0 Helpful
36 Replies 36

TRACY HARTMANN
Level 1
Level 1
In response to Deepak Kumar

‎01-30-2019 01:42 PM

I don't think I owe anyone anything from the requests.  The PBR will work the way I want on other platforms and yes it is the ip default next hop statement.   I have just not gotten it to work on the 3750 so I am trying to find a different way to do the same thing.

 

Thanks everyone for any help.

0 Helpful

TRACY HARTMANN
Level 1
Level 1
In response to Deepak Kumar

‎02-06-2019 01:24 PM

Thanks for all the replies, did anyone find a different way to do this?

0 Helpful

TRACY HARTMANN
Level 1
Level 1
In response to TRACY HARTMANN

‎02-05-2019 12:16 PM

Jon I think you were going to do some testing, is there any other way I can accomplish the same type of gateway of last resort for a specific ip or subnet besides the ip default next hop?

 

 

Thanks

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to TRACY HARTMANN

‎01-30-2019 01:22 PM

 

Thinking about this I seem to remember we have had this issue before and there is no easy solution. 

 

You could in your acl for the route map use deny lines for the traffic to your internal subnets (you could summarise) and then have a permit for everything else ie. internet traffic but using deny lines in a PBR acl on a 3750 can cause high CPU and is not advised. 

 

There really is no easy way to do what you want on the 3750 but IP SLA is most definitely not going to do what you want. 

 

Jon 

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni
In response to Jon Marshall

‎01-30-2019 01:27 PM

Hi,
Sorry I am using my mobile so may be I lost any important information. Why he should make deny statement in pbr acl?

Regards,
Deepak Kumar
Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Deepak Kumar

‎01-30-2019 01:31 PM

 

You can do that but on a 3750 switch it can cause high CPU presumably because those lines would be dealt with in software and not hardware switched. 

 

Might be worth a try but from memory the Cisco docs recommend against it 

 

Jon

0 Helpful

Georg Pauwen
VIP
VIP
In response to Georg Pauwen

‎01-30-2019 12:55 AM

Hello,

 

just one more thing: I didn't mean to remove the default route from your config, leave that in there. Just add the two more specific routes (one tracked, one with the higher administrative dstance) for your speciic subnet...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card