Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
18139
Views
20
Helpful
8
Replies

Source based routing in Cisco Layer 3 ?

ribin.jones
Level 1
Level 1

‎04-22-2010 04:04 AM - edited ‎03-06-2019 10:44 AM

Hi,

In my set up, I have a Cisco 3560 Layer 3 switch in which I have created 4 vlans (say 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, 192.168.4.0/24) and above that I have 2 Cisco routers (say A and B). In my current setup, by default, all traffic goes to my Cisco A through my Linux gateway. Is it possible for me to do source based routing in my Layer 3? I would like to route traffic from one particular vlan alone (say 192.168.3.0/24 vlan) or one particular host from a vlan to my router B. How can I do this otherwise if I can't do source based routing...

Any help greatly appreciated...

Regards,

Ribin Jones S.B

Labels:
0 Helpful
8 Replies 8

KARUPPUCHAMY MALAIYANDI
Level 4
Level 4

‎04-22-2010 04:17 AM

Hi,

Yes.It is possible by configuring "policy based routing" in your L3.

Sample Config on L3:


access-list 1 permit ip 

access-list 2 permit ip 

 

route-map net_access permit 10
 match ip address 1
 set ip default next-hop 
route-map net_access permit 20
 match ip address 2
 set ip default next-hop


interface fa0/0/0

ip policy route-map net_access

Thanks
Karuppu

ycae
Level 1
Level 1

‎04-22-2010 04:17 AM

Hi,

You can work with route-maps.

first you create an access-list which matches for example the source network you want to router B

then you create a route-map which specifies what access-list to use and what would be the next hop for these ip addresses.

the third step, you apply your route map to the concerned interface.

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfindp2.html#wp1044142

Yves

0 Helpful

kerek
Level 4
Level 4
In response to ycae

‎04-22-2010 04:25 AM

Hi,

One more thing to be considered as well is the sdm mode you are using.

As I know PBR available only in routing sdm ("sdm prefer routing" global config command and requires reboot) and it is not the default.

I have run into this on 3560E while trying to configure PBR so don't be surprised if you get error messages when you try to apply the pbr in the interface.

Hope it helps, rate if does

Krisztian

Jon Marshall
Hall of Fame
Hall of Fame

‎04-22-2010 04:44 AM

One final point. You need the IPServices image on your switch to support PBR. IP Base will not work.

Jon

ribin.jones
Level 1
Level 1
In response to Jon Marshall

‎04-22-2010 05:18 AM

Thanks for all the replies...I will try it out and get back to you guys..

Thanks again,

Ribin

0 Helpful

ribin.jones
Level 1
Level 1
In response to ribin.jones

‎06-03-2010 04:45 AM

hi,

Which interface I shoula pply the route map?

In my setup, port 17 is the one connecting the two routers A and B. So, I tried applying this in the inerface fastEthernet 0/17.

But I get this error.

Switch3560(config-if)#ip policy route-map net_access
                         ^
% Invalid input detected at '^' marker.

Below is my route map and the ACL.

access-list 1 permit 192.168.26.64 0.0.0.255
route-map net_access permit 10
match ip address 1
set ip default next-hop 192.168.50.3

I want traffic from the host 192.168.26.64 to go through router 192.168.50.3.

Thanks,

Ribin

0 Helpful

Hitesh Vinzoda
Level 4
Level 4
In response to ribin.jones

‎06-03-2010 04:58 AM

Hi,

The default gateway for the host seems to be interface vlan's so apply the policy on vlan interfaces...

e.g.

Int vlan 10

ip policy route-map net_access

HTH

Hitesh Vinzoda

Please rate useful posts

0 Helpful

ribin.jones
Level 1
Level 1
In response to Hitesh Vinzoda

‎06-03-2010 07:40 AM

i am not able to apply the route-map in the vlan interface. Seems there is no such command under vlan. Below are my options coming up under vlan.

Switch3560(config)#interface vlan 50

Switch3560(config-if)#ip ?
Interface IP configuration subcommands:
  access-group        Specify access control for packets
  accounting          Enable IP accounting on this interface
  address             Set the IP address of an interface
  admission           Apply Network Admission Control
  authentication      authentication subcommands
  bandwidth-percent   Set EIGRP bandwidth limit
  broadcast-address   Set the broadcast address of an interface
  cef                 Cisco Express Forwarding interface commands
  dhcp                Configure DHCP parameters for this interface
  directed-broadcast  Enable forwarding of directed broadcasts
  hello-interval      Configures IP-EIGRP hello interval
  helper-address      Specify a destination address for UDP broadcasts
  hold-time           Configures IP-EIGRP hold time
  information-reply   Enable sending ICMP Information Reply messages
  irdp                ICMP Router Discovery Protocol
  load-sharing        Style of load sharing
  local-proxy-arp     Enable local-proxy ARP
  mask-reply          Enable sending ICMP Mask Reply messages
  next-hop-self       Configures IP-EIGRP next-hop-self
  probe               Enable HP Probe support
  proxy-arp           Enable proxy ARP
  rarp-server         Enable RARP server for static arp entries
  redirects           Enable sending ICMP Redirect messages
  rip                 Router Information Protocol
  route-cache         Enable fast-switching cache for outgoing packets
  security            DDN IP Security Option
  split-horizon       Perform split horizon
  summary-address     Perform address summarization
  unnumbered          Enable IP processing without an explicit address
  unreachables        Enable sending ICMP Unreachable messages
  vrf                 VPN Routing/Forwarding parameters on the interface

Switch3560(config-if)#ip po
Switch3560(config-if)#ip policy route-map net_access
                          ^
% Invalid input detected at '^' marker.

0 Helpful
Customers Also Viewed These Support Documents
Top