
set next-hop for vlan

ino
Level 1

How can I set the next-hop for a VLAN? This is for local traffic from the router itself, like ping, trace, SLA ...

The router has a default gateway over a built-in cellular LTE connection,

so ping 8.8.8.8 will go like --> lte - 8.8.8.8

VLAN 123 (10.0.0.2) is directly connected to 10.0.0.1, another router which also has internet access.

If I try to ping 8.8.8.8 by specifying the interface vlan 123, I cannot ping 8.8.8.8

unless I set ip route 8.8.8.8 255.255.255.255 10.0.0.1

but that means ALL pings to 8.8.8.8 will use 10.0.0.1 now.

I could probably do it with some PBR, but is there no more direct way?


8 Replies 8

ammahend
VIP

I think PBR would be the way to do it; here is a good example.

https://community.cisco.com/t5/switching/source-based-routing/td-p/1326773

-hope this helps-

Can I see the last config?

ino
Level 1

interface GigabitEthernet0/1/3
 switchport access vlan 11
 switchport mode access
!
interface Cellular0/2/0
 description LTE
 ip ddns update control
 ip address negotiated
 ip nat outside
 ip access-group VPN in
 load-interval 30
 history BPS all
 dialer in-band
 dialer watch-group 1
 pulse-time 1
 ip virtual-reassembly
 ip virtual-reassembly-out
!
interface Vlan11
 ip address 10.0.1.2 255.255.255.0
 ip nat inside
!
track 1 ip sla 1 reachability
ip sla 1
 icmp-echo 1.1.1.1 source-interface Vlan11
ip sla schedule 1 life forever start-time now
!
ip nat inside source list NAT interface Cellular0/2/0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0/2/0

This should be the relevant part of the config.

If I put "ip route 1.1.1.1 255.255.255.255 10.0.1.1" into the config it works ("sla up"), but that means ALL pings / traffic to 1.1.1.1 will go through 10.0.1.1.

If I put a rule into the "NAT" it works, but that means it tests cellular and not 10.0.1.1.

So you have two paths,
cellular and VLAN 11,
so you need to configure both as IP NAT OUTSIDE.
You also need:
ip route x.x.x.x VLAN11 track 
ip route x.x.x.x cellular 200 <<- high AD 

ino
Level 1

The internal cellular is not used at the moment, only for VPN connections; there is no NAT on it currently.

VLAN 11 is working as it is (nat inside); behind it is another router which is doing the NAT, so no need for NAT.

What I am trying to figure out is how I can "route" internal traffic from the device/router itself, e.g. SLA, ping ...

How could I test with SLA if I can reach 8.8.8.8 over VLAN 1,2,3...?

I can test if I can reach the next hop, e.g. the device which is connected to VLAN 1,2,3...

but I don't know how to test if I can reach 8.8.8.8 through this route / next-hop,

because I don't know how I can tell the router what gateway to use when I try

icmp-echo 1.1.1.1 source-interface Vlan11

It just times out as it doesn't know that the next-hop is 10.0.1.1 (locally VLAN 11 is 10.0.1.2).

If I set ip route 8.8.8.8 255.255.255.255 10.0.1.1 then it would work for ONE VLAN,

but let's assume I also want to test VLAN 22, which has next-hop 10.0.2.1, and VLAN 22 is locally 10.0.2.2.

I would need

ip route 8.8.8.8 255.255.255.255 10.0.1.1

ip route 8.8.8.8 255.255.255.255 10.0.2.1

at the same time. I have not tried it, but even if one would not overwrite the other I would expect a round robin.

I don't fully get your requirement, but
there are two options:
if you want to use PBR for only router-generated traffic, then you can use local PBR as in the link below,
or
you can use IP SLA and use a static route for the destination with the keyword "permanent".
This makes IP SLA always use the cellular path, and if it goes down then IP SLA will also change up -> down.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/#:~:text=Local%20policy%20based%20routing%20in,same%20flexibility%20as%20normal%20PBR.

ino
Level 1

Thank you

ip local policy route-map XXX

That's what I was looking for.

You are so so welcome 
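
The local policy routing approach the thread settles on, written out for the Vlan11 and Vlan22 case described above. This is an added example, not configuration posted by any participant: the ACL and route-map names, the Vlan22 interface, SLA entry 2 and track 2 are assumptions, and the addresses are the ones quoted in the thread.

```cisco
! Match only packets the router itself sources from each VLAN address
! (an IP SLA probe with "source-interface Vlan11" is sent from 10.0.1.2).
ip access-list extended SLA-VIA-VLAN11
 permit icmp host 10.0.1.2 host 1.1.1.1
ip access-list extended SLA-VIA-VLAN22
 permit icmp host 10.0.2.2 host 1.1.1.1
!
! One route-map sequence per uplink, each forcing its own next-hop.
route-map LOCAL-PBR permit 10
 match ip address SLA-VIA-VLAN11
 set ip next-hop 10.0.1.1
route-map LOCAL-PBR permit 20
 match ip address SLA-VIA-VLAN22
 set ip next-hop 10.0.2.1
!
! Applies to locally generated packets only. Transit traffic and any local
! traffic that matches no sequence still follow the routing table
! (here the default route via Cellular0/2/0).
ip local policy route-map LOCAL-PBR
!
ip sla 1
 icmp-echo 1.1.1.1 source-interface Vlan11
ip sla schedule 1 life forever start-time now
track 1 ip sla 1 reachability
!
! Assumed second probe for the Vlan22 uplink
ip sla 2
 icmp-echo 1.1.1.1 source-interface Vlan22
ip sla schedule 2 life forever start-time now
track 2 ip sla 2 reachability
```

`show ip local policy` confirms the route-map is attached, and `show track` shows each uplink's probe state independently, with no host route to 1.1.1.1 in the routing table.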
