Solved: Re: set next-hop for vlan

ino · ‎09-26-2022

how can i set the next-hop for a vlan? this is for local traffic from the router it self like ping trace sla ...

the router has a default gateway over a build in cellular lte connection

so ping 8.8.8.8 will go like --> lte - 8.8.8.8

vlan 123 (10.0.0.2) is directly connected to 10.0.0.1 an other router wich has also internet access

if i try to ping 8.8.8.8 by specifying the interface vlan 123 i can not ping 8.8.8.8

unless i set ip route 8.8.8.8 255.255.255.255 10.0.0.1

but that means ALL pings to 8.8.8.8 will use 10.0.0.1 now

i probably could do it with some pbr but is there no more direct way?

MHM Cisco World · ‎09-27-2022

I dont fully get your requirement but
there are two
if you want to use PBR for only router generate traffic then you can use local PBR as link below
or
you can use IP SLA and use static route for destination with keyword "permanent"
this make IP SLA always use cellular path and if it down then IP SLA will also up-> down change.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/#:~:text=Local%20policy%20based%20routing%20in,same%20flexibility%20as%20normal%20PBR.

View solution in original post

ammahend · ‎09-26-2022

I think PBR would be the way to do, here is a good example.

https://community.cisco.com/t5/switching/source-based-routing/td-p/1326773

-hope this helps-

MHM Cisco World · ‎09-27-2022

can I see last config ?

ino · ‎09-27-2022

interface GigabitEthernet0/1/3
 switchport access vlan 11
 switchport mode access
!
interface Cellular0/2/0
 description LTE
 ip ddns update control
 ip address negotiated
 ip nat outside
 ip access-group VPN in
 load-interval 30
 history BPS all
 dialer in-band
 dialer watch-group 1
 pulse-time 1
 ip virtual-reassembly
 ip virtual-reassembly-out
!
interface Vlan11
 ip address 10.0.1.2 255.255.255.0
 ip nat inside
!
track 1 ip sla 1 reachability
ip sla 1
 icmp-echo 1.1.1.1 source-interface Vlan11
ip sla schedule 1 life forever start-time now
!
ip nat inside source list NAT interface Cellular0/2/0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0/2/0

this should be the relevant part of the config

if i put "ip route 1.1.1.1 255.255.255.255 10.0.1.1" in to the config it works "sla up" but that means ALL pings / traffic to 1.1.1.1 will go through 10.0.1.1

if i put a rule in to the "NAT" it works but that means it tests cellular and not 10.0.1.1

MHM Cisco World · ‎09-27-2022

so you have two path
cellular and VLAN 11
so you need both to config as IP NAT OUTSIDE
also you need
ip route x.x.x.x VLAN11 track
ip route x.x.x.x cellular 200 <<- high AD

ino · ‎09-27-2022

the internal cellular is not used in the moment only for vpn connections there is no nat on it currently

vlan 11 is working as it is (nat inside) behind it is an other router what is doing the nat so no need for nat

what i trying to figure out is how i can "route" internal traffic from the device/router it self eg. sla, ping ...

how could i test with sla if i can reach 8.8.8.8 over vlan 1,2,3...

i can test if i can reach the next hop eg. the device which is connected to the vlan 1,2,3...

but i dont know how to test if i can reach 8.8.8.8 through this route / next-hop

because i dont know how i can tell the router what gateway to use when i try

icmp-echo 1.1.1.1 source-interface Vlan11

its just times out as it doesnt know that the next-op is 10.0.1.1 (locally vlan 11 is 10.0.1.2)

if i set ip route 8.8.8.8 255.255.255.255 10.0.1.1 then it would work for ONE vlan

but lest assume i also want to test vlan 22 which has next-hop 10.0.2.1 and vlan 22 is locally 10.0.2.2

i would need

ip route 8.8.8.8 255.255.255.255 10.0.1.1

ip route 8.8.8.8 255.255.255.255 10.0.2.1

at the same time not tried it but even if one would not over write the other i would expect a round robin

MHM Cisco World · ‎09-27-2022

I dont fully get your requirement but
there are two
if you want to use PBR for only router generate traffic then you can use local PBR as link below
or
you can use IP SLA and use static route for destination with keyword "permanent"
this make IP SLA always use cellular path and if it down then IP SLA will also up-> down change.

https://www.grandmetric.com/knowledge-base/design_and_configure/how-to-configure-policy-based-routing-for-localy-generated-traffic-cisco/#:~:text=Local%20policy%20based%20routing%20in,same%20flexibility%20as%20normal%20PBR.

ino · ‎09-27-2022

thank you

ip local policy route-map XXX

thats what i was looking for

MHM Cisco World · ‎09-27-2022

You are so so welcome