Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7143
Views
5
Helpful
4
Replies

Different Gateway per VLAN whilst maintaining Intervlan routing

olivenn001
Level 1
Level 1

‎06-21-2016 08:14 AM - edited ‎03-08-2019 06:18 AM

Hi All,

Hopefully this is a fairly simple task for someone, we have a WS-C3650-24PS  running software 03.03.05SE cat3k_caa-universalk9

I have the following VLAN's setup:

VLAN10 - 10.185.53.0/24

VLAN50 - 10.183.53.0/24

VLAN511 - 10.186.51.0/24

VLAN461 - 10.186.46.0/24

These all need to have a default gateway of 10.185.53.254

VLAN20 - 192.168.53.0/24 - Needs to have default gateway of 192.168.53.254

VLAN30 - 172.30.53.0/24 - Need to have default gateway of 172.30.53.254

I need the 3650 to be able to handle InterVLAN routing and forward anything else to the relevant default gateway.

I just can't seem to find a way of doing this, if anyone can point me in the right direction it would be appreciated.

Many Thanks

Labels:
0 Helpful
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎06-21-2016 12:14 PM

Hi,

In order to this you would need PBR (Policy Based Routing). Also, in order to do PBR, you need IP Services license on your 3650, as IP Base will not support it.

PBR

http://www.cisco.com/c/en/us/support/docs/ip/ip-routed-protocols/47121-pbr-cmds-ce.html

ip route 0.0.0.0 0.0.0.0 10.185.53.254

ip route 0.0.0.0 0.0.0.0 192.168.53.254

access-list 100 permit ip 10.185.46.0 0.0.0.255 any

access-list 100 permit ip 10.185.51.0 0.0.0.255 any

access-list 100 permit ip 10.185.53.0 0.0.0.255 any

access-list 101 permit ip 192.168.53.0 0.0.0.255 any

!

route-map test permit 10

match ip address 100

set ip next-hop 10.185.53.254

!

route-map test1 permit 10

match ip address 101

set ip next-hop 192.168.53.254

You also need the same config for vlan 30

HTH

0 Helpful

olivenn001
Level 1
Level 1
In response to Reza Sharifi

‎06-23-2016 01:48 AM

Hi, I've given this a try but it doesn't seem to be working. Traffic is still routing via 10.185.53.154 from the other vlans.

Also when I enable route-map test on interface vlan10 I am then unable to connect to the switch locally I get TTL expired

0 Helpful

pwwiddicombe
Level 4
Level 4
In response to olivenn001

‎06-23-2016 04:31 AM

You really can't / don't want to do this.  You want all 3 distinct vlans to have the same gateway? 

By convention, the gateway address is the address within your subnet, that handles forwarding to other subnets.  Conversely, the return packets will go to the gateway, who will put the return packets into the appropriate vlan.

So vlans other than 10 will be problematic.  Having proxy-arp on the vlan interfaces might allow outbound packets, but return packets will not work properly.

0 Helpful

olivenn001
Level 1
Level 1

‎06-23-2016 04:39 AM

I think I have sorted this by doing the following:

interface Vlan10
 ip address 10.185.53.10 255.255.255.0
!
interface Vlan20
 ip address 192.168.53.10 255.255.255.0
 ip policy route-map test1
!
interface Vlan30
 ip address 172.30.53.10 255.255.255.0
 ip policy route-map test
!
interface Vlan50
 ip address 10.183.53.10 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.185.53.254

!

access-list 101 permit ip 192.168.53.0 0.0.0.255 any
access-list 102 permit ip 172.30.53.0 0.0.0.255 any
access-list 103 permit ip 172.30.53.0 0.0.0.255 10.185.53.0 0.0.0.255

!
route-map test permit 1
 match ip address 103
 set ip next-hop 10.185.53.10
!
route-map test permit 10
 match ip address 102
 set ip next-hop 172.30.53.254
!
route-map test1 permit 10
 match ip address 101
 set ip next-hop 192.168.53.254

This setup gives me exactly as I need, All vlans other than 20 and 30 to route via the vlan10 gateway. vlan 20 doesn't need intervlan routing, and vlan 30 needs to speak only to the vlan 10 subnet.

Customers Also Viewed These Support Documents