Solved: Hi

MJ.Khaani · ‎06-10-2016

Hi.

I have Cisco 3750G with IP Service k9-mz.150-2.SE4 IOS. In my network i have 4 VLan with 4 internet gateways. I define 4 static route for each gateways and with PBR for matching this static routes. If i use "set ip next-hop" all the traffic goes through the specific gateway an interVlan routing is not working (I need interVlan routing because clients in different Vlans must see each other), and if i use "set ip default next-hop", i was unable to assigned it to Vlan (Route-map lan14 not supported for Policy-Based Routing).

SDM template is on routing an ip routing is enabled.

here is my config for 2 of these Vlans:

interface Vlan7
ip address 192.168.7.254 255.255.255.0
ip access-group 107 in
!
interface Vlan14
ip address 192.168.14.254 255.255.255.0
ip access-group 114 in
!
ip http server
ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 192.168.70.254
ip route 0.0.0.0 0.0.0.0 192.168.140.254
!
access-list 107 permit udp any eq bootpc any eq bootps
access-list 107 permit ip 192.168.7.0 0.0.0.255 any

access-list 114 permit udp any eq bootpc any eq bootps
access-list 114 permit ip 192.168.14.0 0.0.0.255 any

route-map lan7 permit 10
match ip address 107
set ip next-hop 192.168.70.254
!

route-map lan14 permit 10
match ip address 114
set ip next-hop 192.168.140.254

!

Where is my mistake in config?

Please help me, I'm stuck here almost for three weeks.

Francesco Molino · ‎06-10-2016

Hi

You created 2 route-map to set next-hop for some traffic classified with an acl.

If you want to manager all other traffic you need to create an empty instance of your route-map

Example:

route-map lan7 permit 10

match.....

route-map lan7 permit 20 ==> add this instance and leave it empty. You'll tell to the switch/router that it has to keep other traffic but nothing to apply.

Hope this clear.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Francesco Molino · ‎06-10-2016

Hi

You created 2 route-map to set next-hop for some traffic classified with an acl.

If you want to manager all other traffic you need to create an empty instance of your route-map

Example:

route-map lan7 permit 10

match.....

route-map lan7 permit 20 ==> add this instance and leave it empty. You'll tell to the switch/router that it has to keep other traffic but nothing to apply.

Hope this clear.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

MJ.Khaani · ‎06-10-2016

Hi.

Thanks for reply.

I will check it tomorrow and let you know the result.

Francesco Molino · ‎06-10-2016

Ok. And I'm re-reading your post and also the configuration of PBR is not correct under L3 interfaces like Carlos said

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Carlos Villagran · ‎06-10-2016

Hi!

PBR is not even being applied in any of the SVIs, configuration should be like this:

interface Vlan7
ip address 192.168.7.254 255.255.255.0
ip policy route-map lan7
!
interface Vlan14
ip address 192.168.14.254 255.255.255.0
ip policy route-map lan14

Have a nice day, best regards!

JC

MJ.Khaani · ‎06-11-2016

Hi.

Thanks for reply.

I was applying PBR to SVIs, But without default next-hop all the traffic (InterVlan Routing) goes through the route-map and when i set next-hop with default i was unable to assigned with this error UNSUPPORTED_PBR-3 pbr can't be assigned to vlan interface

MJ.Khaani

Carlos Villagran · ‎06-11-2016

Hi MJ!

Please refer to the following links for the guidelines you have to follow in order to use PBR in your switch:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swiprout.html#wp1228588

Please put special interest in this guideline and confirm you have your SDM template as routing :

To use PBR, you must first enable the routing template by using the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template. For more information on the SDM templates, see Chapter8, “Configuring SDM Templates”

Please let me know if you still have problems applying PBR.

Hope it helps, best regards!

JC

MJ.Khaani · ‎06-11-2016

Hi Carlos!

Thanks for reply.

SDM template must be on rounting to use PBR on VLAN.

The first answer fixed my problem with InterVlan thanks to supportlan.

MJ.Khaani

Carlos Villagran · ‎06-12-2016

Ok sir,

However be aware that applying the solution you were given will only cause disastrous results to your switch.

Regards.

Francesco Molino · ‎06-12-2016

Hi guys,

I'm sorry but as I said 2 days ago, I've missed the issue that Carlos pointed out when I was reading the post through my mobile.

What I said 2 days ago, was: For sure the configuration of PBR under L3 is bad. You need to use the command ip policy route-map.

Without this command, you are not doing PBR but a workaround that can cause some issues.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

[SOLVED] Problem with PBR and InterVLAN routing