
How to reach a target network that is not in the routing table using a route-map

dannan lin
Level 1

  2012-07-08_215355.jpg

I have the following question.

When the default route points at R2, traffic sourced from VLAN 10 and destined for office1 (20.20.20.0) should be routed to R3.

The f1/0 on R1 is a layer 2 interface; R4 is acting as a PC and its gateway is an SVI address (10.1.3.1) on R1.

The routing table on R1 is like this

Gateway of last resort is 10.1.1.1 to network 0.0.0.0

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C       10.1.3.0/24 is directly connected, Vlan10

C       10.1.2.0/30 is directly connected, FastEthernet0/1

C       10.1.1.0/30 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 [1/0] via 10.1.1.1

Route map on R1 is like this

route-map R3, permit, sequence 10

Match clauses:

   ip address (access-lists): 101

Set clauses:

   ip next-hop 10.1.2.1

   ip next-hop verify-availability

Policy routing matches: 150 packets, 10226 bytes

Access-list on R1 is like this

R1(config)#do show access-list

Extended IP access list 101

   10 permit ip 10.1.3.0 0.0.0.255 20.20.20.0 0.0.0.255 (153 matches)

I also forced local policy

ip local policy route-map R3

I applied policy on vlan 10

interface Vlan10

ip address 10.1.3.1 255.255.255.0

ip policy route-map R3

The routing table on R3 is like this

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     20.0.0.0/24 is subnetted, 1 subnets

C       20.20.20.0 is directly connected, Loopback99

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C       10.1.2.0/30 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 is directly connected, FastEthernet0/0

R4’s routing table is like below

R4(config)#do show ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     20.0.0.0/24 is subnetted, 1 subnets

S       20.20.20.0 [1/0] via 10.1.3.1

     10.0.0.0/24 is subnetted, 1 subnets

C       10.1.3.0 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 is directly connected, FastEthernet0/0

As you can see, there are matching clauses, but I couldn't ping 20.20.20.20 sourced from VLAN 10. I do not want to add the 20.20.20.0 network to the routing table, because if I do so the whole route-map thing would be pointless. So I want to know how to reach the 20.20.20.0 network without adding an extra entry to the routing table.

This question is driving me crazy.

Any help is appreciated.


15 Replies

John Blakley
VIP Alumni

Does your 20.20.20.0 network know how to get back to the 10.1.3.0 subnet?

Sent from Cisco Technical Support iPad App

HTH, John *** Please rate all useful posts ***

Definitely you need to have policy-based routing in this scenario. Also, you should have the static route on R3 as well to reach R4 to make this work. In the PBR access-list you can even specify the traffic based on hosts and ports if you want. So from the R4 SVI VLAN 10, all the other traffic would pass via R2 by default; whatever you mention in the access-list of the route map, to the next-hop address pointed to, would pass via R3 in your case. It should work if you configure it this way.

Thanks for your reply. I think I do have a default route on R3 (0.0.0.0 0.0.0.0 10.1.2.2).

I am pasting my config again; I hope the problem can be solved.

R1 route-map

R1(config)#do show route

route-map 2R3, permit, sequence 10

Match clauses:

   ip address (access-lists): office

Set clauses:

   ip next-hop 10.1.2.1

   ip next-hop verify-availability

Policy routing matches: 5 packets, 570 bytes

R1 routing table

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C       10.1.3.0/24 is directly connected, Vlan10

C       10.1.2.0/30 is directly connected, FastEthernet0/1

C       10.1.1.0/30 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 [1/0] via 10.1.1.1

R1 access-list

Extended IP access list office

   10 permit ip 10.1.3.0 0.0.0.255 20.20.20.0 0.0.0.255 (5 matches)

R4 routing table


Gateway of last resort is 10.1.3.1 to network 0.0.0.0

     20.0.0.0/24 is subnetted, 1 subnets
S       20.20.20.0 is directly connected, FastEthernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.3.0 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 10.1.3.1

R3 routing table

R3(config)#do show ip route

Gateway of last resort is 10.1.2.2 to network 0.0.0.0

     20.0.0.0/24 is subnetted, 1 subnets

C       20.20.20.0 is directly connected, Loopback99

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.2.0 is directly connected, FastEthernet0/0

S*   0.0.0.0/0 [1/0] via 10.1.2.2

interface FastEthernet1/0

switchport access vlan 10

interface Vlan10

ip address 10.1.3.1 255.255.255.0

ip policy route-map 2R3

I have added the default route at R3.

I think the route-map actually worked: the traffic from R4 will be checked by the route-map before the routing table, thus it can reach R3, and R3 has a default route that points at R1, and R1 can reach R4 without problems. R3 has a default route that points at R1 as well.

Everything looks alright to me, but I still cannot make it work. I have been thinking about this overnight and still have no clue. Please help. Much appreciated.

Thanks for your reply J. I have added the default route at both R3 and R4, but it didn't work. I have no idea. Please help.

Hi Dannan,

Everything looks good to me.

You can add a static route on R3 like the one below and check if this works:

ip route 10.1.3.0 255.255.255.0 10.1.2.2

Hi Karthikeyan, I have added a static default route on both R4 and R3.

R4:

S*   0.0.0.0/0 [1/0] via 10.1.3.1

R3:

S*   0.0.0.0/0 [1/0] via 10.1.2.2

It does not work as expected. I am still working on it. Thanks for your reply.

Hi Dannan,

I don't want you to have a default route. Try with a static route specifying the destination subnet, like the one below, on R3:

ip route 10.1.3.0 255.255.255.0 10.1.2.2

Pramod Thakuria
Level 1

Hi Dannan,

There is no need to add static route on R3 and R4.

You can add a reverse route map on R1's interface fa0/1.

Try this...

Route Map:

route-map R2

match ip address test

set ip next-hop  10.1.3.1

ACL:

access-list 102 permit ip 20.20.20.0 0.0.0.255 10.1.3.0 0.0.0.255

Hi Pramod,

Yes, as you said, you need a reverse route to achieve this. It's easy to have a static route rather than a policy-based route. Both should work.

Hi,

Is the device you're doing PBR on an L3 switch or a router with a switching module?

Is CDP enabled on this device and on the interface pointing towards the next hop?

Regards.

Alain.

Don't forget to rate helpful posts.

Hi cadet, I am doing PBR on an L3 switch and CDP is disabled. Does it matter? Thanks for your reply.

Hi,

Yes of course, because if you're using next-hop reachability without IP SLA then CDP is used, and if it is disabled then the next hop is not available and it uses the normal routing table.

Regards.

Alain.

Don't forget to rate helpful posts.
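
The behaviour described in the reply above, modelled as an added example (not part of the thread and not IOS code): a packet that matches ACL 101 is sent to the `set ip next-hop` address only if that next hop is seen as a CDP neighbor; otherwise it falls back to R1's routing table and follows the default route towards R2. Addresses and routes are taken from the R1 output in the thread; the function names are hypothetical and the CDP check is reduced to a set lookup.

```python
import ipaddress

# Values from the thread's R1 output. Simplified model: function names are
# hypothetical and the CDP-based availability check is a plain set lookup.
ACL_101 = [("10.1.3.0", "0.0.0.255", "20.20.20.0", "0.0.0.255")]
R1_ROUTES = {
    "10.1.3.0/24": "connected Vlan10",
    "10.1.2.0/30": "connected FastEthernet0/1",
    "10.1.1.0/30": "connected FastEthernet0/0",
    "0.0.0.0/0": "via 10.1.1.1",
}
PBR_NEXT_HOP = "10.1.2.1"


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)


def acl_permits(src, dst, acl=ACL_101):
    """True if any permit entry matches both source and destination."""
    return any(wildcard_match(src, s, sw) and wildcard_match(dst, d, dw)
               for s, sw, d, dw in acl)


def rib_lookup(dst, routes=R1_ROUTES):
    """Longest-prefix match over the routing table."""
    ip = ipaddress.IPv4Address(dst)
    nets = [ipaddress.ip_network(p) for p in routes]
    best = max((n for n in nets if ip in n), key=lambda n: n.prefixlen)
    return routes[str(best)]


def forward(src, dst, cdp_neighbors):
    """Return (decision, path) for a packet arriving on the policy-routed SVI."""
    if acl_permits(src, dst):
        if PBR_NEXT_HOP in cdp_neighbors:  # verify-availability passes
            return ("policy-routed", f"via {PBR_NEXT_HOP}")
        # ACL matched, but the next hop is not considered available
        return ("policy-rejected, normal forwarding", rib_lookup(dst))
    return ("no policy match, normal forwarding", rib_lookup(dst))


if __name__ == "__main__":
    # 10.1.3.2 is a constructed host address in VLAN 10, not given in the thread.
    print(forward("10.1.3.2", "20.20.20.20", {"10.1.2.1"}))
    print(forward("10.1.3.2", "20.20.20.20", set()))
```

With CDP disabled the ACL still matches, yet the packet leaves via 10.1.1.1 (R2), which has no path to 20.20.20.0.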

Hi, thanks for all of your help, I finally got it to work. The problem does not appear to be with the configuration. It is something to do with the GNS3 equipment I chose.

The L3 switch does not work, but a router with an additional module works. But I have no idea why that was.

Again, I much appreciate all your help, especially cadet; you gave me the hint.

Hi Pramod,

Thanks for your hint, I will definitely try to add another RM to it. I will get back to you if it works. I appreciate your help.
