Hello,

The switch itself can be as a L3 switch.

And I think need enable "ip routing" as well?

so what should be correct config for PBR?

----------------------------------------------------------

!

ip routing

!

interface Vlan10
ip address 10.1.1.1 255.255.255.0

no shutdown

!
interface Vlan20
ip address 10.1.2.1 255.255.255.0

no shutdown

!
ip route 0.0.0.0 0.0.0.0 192.168.3.1

!

----------------------------------------

Thanks!

Hi Machi,

Yes, that is correct, but take in consideration you need to create the vlan, assign it to an access port or under a trunk in order to enable the SVI:

vlan 10

int g1/0/1
switchport access vlan 10
switchport mode access 

or 

int g1/0/1
switchport trunk encapsulation dot1q (some switches have it implicit)
switchport mode trunk.

Now, the default route is used if you are going to know everything through a specific neighbor, take in consideration that if you are going to point to the IP 192.168.3.1 as next hop, you should have a SVI with one IP of the same network segment, it will work like a point to point between routers:

So your config could be:

vlan 30

inter vlan 30
ip address 192.168.3.2 255.255.255.252
no shut

interface g1/0/2
description P2P-TO-DEVICE-X
switchport access vlan 30
switchport mode access

ip route 0.0.0.0 0.0.0.0 192.168.3.1

I would like to mention tha the multilayer switches has the capability to convert layer 2 switches to layer 3, it can be completed using

interface g1/0/3
no switchport
ip address 192.168.3.2 255.255.255.252
no shutdown

And example of PBR is:

*Imagine you have 2 routers connected to the switch, a primary router and backup, you could use the PBR to manipulate the traffic to go through the backup router. 

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any


route-map 100traffic permit 100
match ip address 100
set ip next-hop 192.168.3.1

interface vlan10
ip policy route-map 100traffic

Hope it is useful

:-)