You could do this with Policy

ericbkchng · ‎09-14-2016

Hi!

With reference to the attached diagram, let's say I have 2 separate organizations (let's call them Section A and Section B) residing in separate buildings within the same campus. The core switches (6807 with Sup2T) are in a VSS configuration.

My question is, if I want to achieve this:

- Section A users (belonging to a set of VLANs) use only the ISP A link to access the Internet

- Section B users (belonging to another set of VLANs) use only the ISP B link to access the Internet

- The VLAN SVIs all terminate on the core switch

How should I configure the routing so that I can achieve the above, and avoid assymetric routing? Off the top of my head, I was thinking of using VRFs such that Section A users see only Router A (linked to ISP A), and Section B users see only Router B (linked to ISP B), but I was wondering if there is a better way of doing this.

Thanks so much for your help!

S-Lemming · ‎09-16-2016

You could do this with Policy Based Routing.

For instance, you have a default route to ISP A, and want subnets x and y to use ISP B. Set up a Route map to match the source IP subnets for x and y and set next-hop address to ISP B. All other traffic will use ISP A.

Hope this helps.

Internet access for 2 separate groups of users via 2 separate ISP links from a pair of core switches in VSS?