This what I though.

I attached a mini attachment of the config file,

ISPA == Int gig2/48

ISAB == int gig6/48

on Int gig6/48 I have to allow VLAN 413 ( 10.34.13.0/24) traffic.

But when I do a traceroute from an port configure as VLAN 413, the path go through ISP A, dispite VLAN 413 is not allowed on int gig2/48

Hi Timothy

How did you verify that Traffic is going over ISPA and not ISPB as these are L2 Links and Vlan 413 is passed as L2 from Location A to B so we can not see via traceroute that which link whether ISPA or ISP B is being followed.

I am not seeing any L3 configuration for VLAN 413 on the Ridgeview_Core in your configs. Can you explain in more detail of the VLAN 413 traffic flow and overall traffic requirement. I believe the config shared is partial only.

Regards

Varma

Thanks , I attached a more detailed config file, as you can see interface gig5/2 is the uplink from 2nd floor, and in the 2rd floor is where VLAN 413 ( 10.34.13.0 /24) network is defined.

We have two Sites  Site_A  & Site_B

This attached core is at site_A

from the 2rd floor access_layer switch, I connect on a Vlan_413 port, received correct IP address and when I do a tracert 10.13.50.8 ( a server at Site_B), the traffic path from Site_A goes from the 2nd_floor_switch --to -- the Core--- and

through (Vlan 592, gig2/48) instead through ( VLAN_680, gig 6/48).

Interface Gig2/48 and Gig6/48 respectively are connected the ISP_A & ISP_B switches.

That is how I know, the traffic fron VLAN_413 is going through the path, it suppose to follow.

ThanKs

Hi Timothy

Thansk for explaining the traffic flow and providing detailed config. So to summarize the LAN User at Site A on the 2nd Floor belong to Subnet 10.34.13.0/24 are trying to access a Server at Site B in the Subnet 10.13.50.8 .

Now these are different L3 segments and we have two routing paths available for sending traffic from Site A to Site B ie via ISPA and ISPB and we are running EIGRP as RP.

Seeing the Int VLAN config the EIGRP metrics are default for both links and so ideally we would be having two equal cost routes in RT for destination Server. If thats the case per-destination Load-Balancing might be happening sending traffic over 1 ISP Link only for the same Source-Destination Pair.

Can you share the output of "sh ip route 10.13.50.8"

Also now looking at the full setup PBR is possible here and you can bind a policy map on the SVI 413 to set the next-hop as the desired ISP.

On a side note we need not pass the VLAN 413 over the Gi6/48 as we are terminating the VLAN 413 on the Site-A Core Itself. I believe the GW for the 2nd Floor LAN users is the Core Router at Site A only ie 10.34.13.1

Time to hit bed..way too late...Will catch up back on this tomorrow. Have a great day ahead...

Regards

Varma

Thanks for the help so far, we getting their.

More Clarification: On 2nd floor network are 5 vlans ( voice1, voice-sign,data1 ...,data3).  Data3 is (vlan413 10.34.13.0/24), we want only network 10.34.13.0 to go thru ISP_B.

ISP_A ( century_link) say's we hand off our traffic to them as a layer2 but the perform layer 3 routing of our traffic within the network.

ISP_B ( Comcast) say their hands off to us is purely layer2.

Also the IP 10.13.50.8 is a fiticious, the correct is 10.2.7.1

Attached file ( prbv2.txt) will show from my laptop, the tracert to 10.2.7.1 from the 2nd-floor switch, show the traffic went

through vlan 592 (192.168.192.1) instead vlan 680 (192.168.65.1)

Also see the "ip route 10.2.7.1"

Hi Timothy

If we need to send the Traffic Sourced from Data3 ( 10.34.13.0/24) towards 10.2.7.1 using Comcast L2 Link the solution is to do PBR on Vlan 413 at Core_212 as explained above.

Why the route for 10.2.7.1 is only learnt via Vlan592. Do you have an EIGRP neighbourship up for Vlan680.

First we need to make sure that there is L3 connectivity between Core_212 and Other Location using Comcast Link over Vlan 680 and we can ping remote end IP.

If the remote end Vlan680 is connected via Comacst L2 link all we need is the below commands to help us out:

route-map PBR permit 10

match ip address 10

set ip next-hop 192.168.65.X ( IP at remote end for Vlan680)

!

access-list 10 permit 10.34.13.0 0.0.0.255

!

int vlan413

ip policy route-map PBR

Hope this helps to solve our requirement

Regards

Varma

Thanks so much, that was what I am thinking of.

See attached file Site_B, it's the core script down config file.

Do I have to add a static route " ip route 10.34.13.0 255.255.255.0 192.168.65.1" in site_B. to force traffic from site_B to 10.34.13.0/24 to follow the Comcast link ?

We can ping the core_site_b comcast interface ( 192.168.65.2)

Thanks