
Policy based routing to host in same vlan/subnet

Hello, I have a Nexus 7K on which I have a policy-based routing setup as follows for 2 VLANs, 802 and 803, to set the default route out to a host in VLAN 802. I have applied my policy to the VLANs and everything works fine for a host in VLAN 803; it routes over and out properly. However, when I'm in VLAN 802 my host traffic never gets to when pointed at the gateway. I can see the PBR statistics incrementing, indicating that I am initially hitting the policy, but I'm not sure where my traffic goes after that. I can talk to .237 directly in the VLAN, but I would like this to work through PBR to utilize all of my other routes and default gateway.

vlan 802
ip policy route-map West

vlan 803
ip policy route-map West

route-map West permit 10
  match vlan 802-803
  set ip default next-hop

I'm thinking there is some kind of hairpinning problem, or maybe I'm creating some kind of black hole.

Any help is appreciated.

Thanks, Scott

Jon Marshall
VIP Community Legend


If the destination IP is in the same subnet as the source IP then it won't be routed; it will be L2 switched, so it would never use the default gateway, i.e.

src IP

dst IP

src compares its own IP with its subnet mask and sees it is on the 172.21.1.x network. src then compares the destination IP with its own subnet mask and sees it is also on the 172.21.1.x network, so it simply ARPs out for that address, and when it gets the MAC address it sends it direct to the destination. It would only use the default gateway if the destination IP was on a different network.

So I don't see how you will be able to do this, and I'm not sure why you are seeing hits in your PBR ACL for the host in the 172.21.1.x network.

Edit - what exactly do you mean when you say -

However, when I'm in VLAN 802 my host traffic never gets to when pointed at the gateway

How are you doing this, i.e. pointing it to the default gateway? Because, as I say, it should always be able to communicate with as it is in the same subnet.
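The two decisions Jon describes, the host's own same-subnet test and what the switch then does with a packet it actually routes, can be modelled in a few lines. The following is an added Python example, not code from this thread or from Cisco; every address in it is constructed, and the PBR next hop of 172.21.1.237 is an assumption based on the ".237" mentioned in the question. It shows why a same-subnet destination never reaches the SVI's route-map at all, and why "set ip default next-hop" only takes effect for destinations that would otherwise fall through to the default route.

```python
"""Constructed model of the forwarding decisions discussed in the thread.

1. The host compares the destination with its own subnet mask and either ARPs
   directly for it or sends the frame to the default gateway's MAC.
2. Only frames handed to the gateway are routed by the SVI, so only those can
   be evaluated by a route-map applied there.
3. 'set ip default next-hop' is consulted only when the routing table holds no
   route more specific than the default route for the destination.

All addresses are constructed; 172.21.1.237 as the PBR next hop is assumed.
"""
import ipaddress
from typing import List, Optional, Tuple

# Constructed routing table for the L3 switch: (prefix, next hop).
ROUTING_TABLE: List[Tuple[str, str]] = [
    ("10.0.0.0/8", "10.1.1.1"),      # an explicit internal route
    ("0.0.0.0/0", "192.0.2.1"),      # the normal default route
]
PBR_DEFAULT_NEXT_HOP = "172.21.1.237"  # assumed from the ".237" in the question


def host_forwarding_decision(host_ip: str, prefix_len: int,
                             default_gw: str, dst_ip: str) -> Tuple[str, str]:
    """Return ("direct", dst) if the host ARPs for the destination itself,
    or ("gateway", gw) if it hands the frame to its default gateway."""
    local_net = ipaddress.ip_network(f"{host_ip}/{prefix_len}", strict=False)
    if ipaddress.ip_address(dst_ip) in local_net:
        return ("direct", dst_ip)
    return ("gateway", default_gw)


def longest_match(table: List[Tuple[str, str]],
                  dst_ip: str) -> Optional[Tuple[ipaddress.IPv4Network, str]]:
    """Plain longest-prefix lookup over the constructed routing table."""
    dst = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, next_hop in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best


def pbr_default_next_hop(table: List[Tuple[str, str]], pbr_next_hop: str,
                         dst_ip: str) -> Tuple[str, str]:
    """Model 'set ip default next-hop': an explicit (non-default) route wins;
    otherwise the route-map's next hop replaces the default route."""
    best = longest_match(table, dst_ip)
    if best is not None and best[0].prefixlen > 0:
        return ("routing-table", best[1])
    return ("pbr-default-next-hop", pbr_next_hop)


def trace(host_ip: str, prefix_len: int, default_gw: str,
          dst_ip: str) -> List[str]:
    """Walk a packet from the host through the SVI and report each decision."""
    steps: List[str] = []
    how, target = host_forwarding_decision(host_ip, prefix_len, default_gw, dst_ip)
    if how == "direct":
        steps.append(f"host ARPs for {target} and sends the frame directly; "
                     "the SVI never routes it, so the route-map is not consulted")
        return steps
    steps.append(f"host sends the frame to the gateway MAC ({target}); the switch routes it")
    source, next_hop = pbr_default_next_hop(ROUTING_TABLE, PBR_DEFAULT_NEXT_HOP, dst_ip)
    steps.append(f"next hop {next_hop} chosen via {source}")
    # The hairpin the question suspects: the chosen next hop sits in the
    # host's own subnet, so the packet goes back out the SVI it arrived on.
    if ipaddress.ip_address(next_hop) in ipaddress.ip_network(
            f"{host_ip}/{prefix_len}", strict=False):
        steps.append("next hop is in the source subnet: packet is sent back out the ingress SVI")
    return steps


if __name__ == "__main__":
    for dst in ("172.21.1.237", "10.5.5.5", "203.0.113.5"):
        print(dst, "->", " | ".join(trace("172.21.1.10", 24, "172.21.1.1", dst)))
```

Running it with a host in 172.21.1.0/24 shows the three cases: a destination of 172.21.1.237 is delivered at layer 2 and never touches the route-map, a destination inside 10.0.0.0/8 follows the explicit route despite PBR, and an internet destination is the only one that ends up at the PBR next hop, which here lies in the host's own subnet.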


Thanks Jon,

I could see this being the case when the destination is, however this is routing to the internet so the default gateway is used, hits PBR, then seems to vanish.... I would think it would hit PBR then send back to any other default route.



That makes more sense.

I have done what you are trying to do with a router using IOS 12.4, but I have also seen problems with people trying to do it on L3 switches. In theory it should work fine, but on some switches it just doesn't seem to work.

I'm not familiar with Nexus switches, but is there any sort of debugging you can run to see exactly what the policy routing is doing?


Hi Scott,

As for your PBR redirection for VLAN 802, the next hop is part of the same subnet. Try to configure something like "ip route-cache policy" and "ip route-cache same-interface" on the VLAN 802 SVI.

Let me know if it helps.