Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2081
Views
0
Helpful
16
Replies

The cisco switch routing challenge.

Go to solution
markkwong
Level 1
Level 1

‎08-02-2011 08:26 AM - edited ‎03-07-2019 01:30 AM

I would like to know if any one can device a solution for this challenge.

Rules of the game:  It must be solved using IOS configuration parameters.

Here is the challenge:

On any given CISCO IOS switches, make the switch send back the exact packet you have just sent, to and from the same physical port

Some people believe it is impossible to do that, but I would like to know if there are any one out there that can prove this theory wrong, can a Cisco switch be flexible enough to do that?

Mark

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-02-2011 08:52 AM

Mark

I wasn't trying to win anything, simply answer your question

A 3560 is a L3 switch. However to run PBR (Policy Based Routing) you would need the IP Services feature set. Yes you could apply it on a fast ethernet port.

However i just chose PBR because it was the first thing that came to mind. You don't actually need PBR ie.

int fa0/1

ip address 192.168.5.1 255.255.255.0

no ip redirects

ip route 0.0.0.0 0.0.0.0 192.168.5.20

then from client 192.168.5.10 simply send a packet to the 3560 with a destination address that the 3560 knows nothing about. The packet will be received on the fa0/1 interface and then sent back out to 192.168.5.20 because that is the default route.

Note that both scenarios assume you have a switch connected to fa0/1 with a client attached to that switch with the IP address 192.168.5.10 and a default-gateway of 192.168.5.1.  And that there is another device connected to the same switch as 192.168.5.10 with an IP of 192.168.5.20.

Edit - no it does not modify the src or dst IP of the packet.

Jon

View solution in original post

0 Helpful
16 Replies 16

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎08-02-2011 08:35 AM

Mark

You don't say which type of switch it is. If it a L3 switch then that is fairly easy ie.

int gi0/1

no switchport

ip address 192.168.5.1 255.255.255.0

ip policy route-map RETURN

no ip redirects

access-list 101 permit ip host 192.168.5.10 host 195.20.1.1

route-map RETURN permit 10

match ip address  101

set ip next-hop 192.168.5.20 

the above simply redirects any traffic received on gi0/1 from host 192.168.5.10 to 195.20.1.1 back out the same interface to 192.168.5.20

If it is a L2 switch then no as far i know because switches are designed explicitly not to do this.

Jon

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to Jon Marshall

‎08-02-2011 08:43 AM

Hi Jon

Thanks for your anwser, I'll have test this out first to see if you are the winner of this challenge.

What if it is a Cisco 3560? Also, does it have to use gi0/1 or can it also use etherfast 0/1?  I do not have Gigibit port installed.

Also, does it modify the src and dest of the packet when it is returning it? It has to be the exact same.

Mark

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-02-2011 08:52 AM

Mark

I wasn't trying to win anything, simply answer your question

A 3560 is a L3 switch. However to run PBR (Policy Based Routing) you would need the IP Services feature set. Yes you could apply it on a fast ethernet port.

However i just chose PBR because it was the first thing that came to mind. You don't actually need PBR ie.

int fa0/1

ip address 192.168.5.1 255.255.255.0

no ip redirects

ip route 0.0.0.0 0.0.0.0 192.168.5.20

then from client 192.168.5.10 simply send a packet to the 3560 with a destination address that the 3560 knows nothing about. The packet will be received on the fa0/1 interface and then sent back out to 192.168.5.20 because that is the default route.

Note that both scenarios assume you have a switch connected to fa0/1 with a client attached to that switch with the IP address 192.168.5.10 and a default-gateway of 192.168.5.1.  And that there is another device connected to the same switch as 192.168.5.10 with an IP of 192.168.5.20.

Edit - no it does not modify the src or dst IP of the packet.

Jon

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to Jon Marshall

‎08-24-2011 02:09 PM

Hi Jon,

I've finally got around to testing this out myself.  It turns out, to my surprise that the mac address is changed when the packet is routed back out the same port. 

For my situation, I also need the MAC to stay the same when the packet gets reversed back out.  The packet from MAC Layer to Data has to be the same.

Any idea or tricks you can apply to do this?

Thanks,

Mark

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to markkwong

‎08-02-2011 09:23 AM

Hi Jon,

Well at least you win my respect for being a hall of famer! Deservely so.

Still, I would like to test it fully so this solution will be cemeted on the web.

To add to the question. what if i want it to broadcast it to other ports as well as the one that is connected?

Will let you know how it all turns out.

Thanks,

Mark

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-02-2011 09:26 AM

Mark

I think when people say it is impossible they are referring to a L2 switch only and in that case i believe it is but you didn't specify which is why i used the example(s) i did.

Jon

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to Jon Marshall

‎08-03-2011 01:21 AM

As for a L2 switch would it not be possible to use the ip default-gateway x.x.x.x command?  Ok you are dependent on that the destination address of the packet isn't on the L2 switch itself, but if it is an unknown network it should send the packet back out the interface it came in on.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to markkwong

‎08-02-2011 11:36 PM 

To add to the question. what if i want it to broadcast it to other ports as well as the one that is connected?

All the question and the challenge sounds fitting for a hub than a switch to me.

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to Leo Laohoo

‎08-03-2011 07:43 AM

Except that it isn't a hub, and thats where the challenge is.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-03-2011 04:48 AM

Mark

To add to the question. what if i want it to broadcast it to other ports as well as the one that is connected?

No, you can't do this because it is a routed port.

Jon

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to Jon Marshall

‎08-03-2011 07:32 AM

What about multicast, let say in want it to also route it to fa 0/2 fa 0/4 and fa 0/5?  Possible?

Thanks,

Mark

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-03-2011 07:45 AM

Mark

Why don't try testing it yourself. You would learn a lot about switches

Jon

0 Helpful

Go to solution
markkwong
Level 1
Level 1
In response to Jon Marshall

‎08-03-2011 07:47 AM

You're right, I think I'm starting to go overboard.  I'll test it out. Thanks for the answer.

But can you answer this yes or no question.  for the above?  Possible to multi-cast yes or no?  And I'll test it out.

Thanks very much for you answer you really surprise me with your patence!!

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to markkwong

‎08-03-2011 07:50 AM

Mark

Potentially yes, subject to the same conditions ie. the other ports could be routed ports and all ports connected to a L2 switch then yes it might work. I say might because i've never actually done it so it would need testing.

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card