use policy based routing to redirect http traffic

jackson.ku
Level 3

Hi,

We have a Catalyst 6509 switch, and we hope to use policy based routing to redirect HTTP traffic to my proxy server. Please advise where I can find a configuration example.

Best Regards,

11 Replies

Sergey Fer
Level 1

You need something like this (I did only basic configs):

ip access-list extended HTTP
 permit tcp any any eq 80
!
route-map PBR permit 10
 match ip address HTTP
 set ip next-hop
!
route-map PBR permit 20
!
interface
 ip policy route-map PBR

But if your proxy supports WCCP, probably the better way is to use that protocol instead of PBR.

I am trying something similar; please see my config. I need help routing the traffic for the 50.196.73 network on Vlan4 out Vlan3.

interface Vlan3
 ip address 50.196.73.157 255.255.255.248
 ip policy route-map pbr
!
interface Vlan4
 ip address 50.196.73.150 255.255.255.248
!
access-list 10 permit 50.196.73.152 0.0.0.7
!
route-map pbr permit 10
 match ip address 10
 set ip next-hop 50.196.73.158

Hi,

The PBR policy must be applied on the ingress interface, so VLAN4 here and not VLAN3.

Regards

Alain

Don't forget to rate helpful posts.

Thank you sir. So now I have this; is it correct? I will test, but I believe I tried it earlier today with no luck. The gateway for the machines on VLAN4 is 50.196.73.150.

interface Vlan3
 ip address 50.196.73.157 255.255.255.248
!
interface Vlan4
 ip address 50.196.73.150 255.255.255.248
 ip policy route-map pbr
!
!
access-list 10 permit 50.196.73.144 0.0.0.7
!
route-map pbr permit 10
 match ip address 10
 set ip next-hop 50.196.73.158

You have changed the subnet in your ACL from 50.196.73.152 to 50.196.73.144. Unfortunately no host connected to vlan 4 will match the new subnet in the ACL and your PBR will not be effective.

If you use the original ACL then PBR should work.

HTH

Rick

Thank you sir, but interface Vlan4 (ip address 50.196.73.150 255.255.255.248) is in network 50.196.73.144: the space is from 50.196.73.144-50.196.73.151, usable 50.193.73.145-50.196.73.150, so wouldn't the ACL be correct?

Indeed you are correct and your ACL and the PBR should work. I was doing the math for the subnets and the masking of the ACL in my head and got confused. I apologize for that.

HTH

Rick

I was afraid I was right, since it does not work :(  Any ideas? Below is a small list of the config. VLAN 2 seems to pass to VLAN 1 and out the default gateway; however, I am attempting to route VLAN 4 out VLAN 3 using gateway 50.198.250.158.

interface Vlan1
 ip address 50.198.250.125 255.255.255.248
 ip access-group 150 in
 no ip redirects
!
interface Vlan2
 ip address 50.198.250.118 255.255.255.248
interface Vlan3
 ip address 50.196.73.157 255.255.255.248
!
interface Vlan4
 ip address 50.196.73.150 255.255.255.248
 ip policy route-map pbr
!
ip default-gateway 50.198.250.126
ip classless
ip route 0.0.0.0 0.0.0.0 50.198.250.126
ip http server
ip http secure-server
!
!
access-list 10 permit 50.196.73.144 0.0.0.7
route-map pbr permit 10
 match ip address 10
 set ip next-hop 50.196.73.158
!

Fernando

I am not sure why your PBR is not working and so am not sure that any of my suggestions will fix it, but I do have some suggestions that you might try.

1) Most of my experience with PBR has used extended access lists in the route map. Logically I would think that your standard access list should work, but my first suggestion is to change your access list: create an extended access list and use the extended access list in the route map.

2) Going back to the idea of using a standard access list: since you want all traffic arriving on that VLAN interface to be routed out VLAN 3, I suggest that you change the access list to something like this:

access-list 10 permit any

3) Getting around possible issues with the access list: since you want all traffic arriving on that interface routed out VLAN 3, I would suggest trying to remove the match ip address statement from the route map. So the route map would have a set statement but no match statement.

Give these a try and let us know if any of them help.

HTH

Rick
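The replies in this thread turn on three things: the policy only acts on the ingress interface (Alain's point), whether a VLAN4 host actually falls inside the ACL's wildcard block (Rick's two posts about .152 versus .144), and Rick's fallbacks of `permit any` or a route-map sequence with no match line. The Python script below is an added illustration, not any poster's configuration and not IOS code: it does the wildcard arithmetic the way a standard ACL does and walks a route-map the way PBR does, on the addresses from the thread. The VLAN4 client address 50.196.73.149, the ACL names and the route-map names are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


def _ip(s: str) -> int:
    return int(ipaddress.IPv4Address(s))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS wildcard-mask test: a 1 bit in the wildcard means 'don't care'.
    0.0.0.7 therefore covers a block of 8 addresses aligned on a multiple of 8."""
    care = 0xFFFFFFFF ^ _ip(wildcard)
    return (_ip(addr) & care) == (_ip(base) & care)


def wildcard_range(base: str, wildcard: str) -> Tuple[str, str]:
    """First and last address covered by base/wildcard, as the ACL sees it."""
    w = _ip(wildcard)
    first = _ip(base) & (0xFFFFFFFF ^ w)
    return str(ipaddress.IPv4Address(first)), str(ipaddress.IPv4Address(first | w))


@dataclass
class AclEntry:
    action: str      # "permit" or "deny"
    base: str
    wildcard: str


@dataclass
class RouteMapSeq:
    seq: int
    match_acl: Optional[str]  # None models a sequence with no 'match' line (matches all)
    next_hop: Optional[str]   # None models a sequence with no 'set ip next-hop'


def acl_permits(acl: List[AclEntry], src: str) -> bool:
    """First matching entry wins; every ACL ends with an implicit deny."""
    for entry in acl:
        if wildcard_match(src, entry.base, entry.wildcard):
            return entry.action == "permit"
    return False


def pbr_next_hop(interfaces: Dict[str, str], route_maps: Dict[str, List[RouteMapSeq]],
                 acls: Dict[str, List[AclEntry]], ingress_if: str, src: str) -> Optional[str]:
    """Next hop chosen by PBR for a packet from `src` arriving on `ingress_if`,
    or None when the packet falls through to the normal routing table."""
    rm_name = interfaces.get(ingress_if)
    if rm_name is None:
        return None  # 'ip policy route-map' only acts on the ingress interface
    for seq in sorted(route_maps[rm_name], key=lambda s: s.seq):
        if seq.match_acl is None or acl_permits(acls[seq.match_acl], src):
            return seq.next_hop
    return None


# Constructed from the thread: VLAN4 is 50.196.73.144/29 (gateway .150), and the
# wanted next hop on VLAN3 is 50.196.73.158. HOST is a made-up VLAN4 client.
HOST = "50.196.73.149"
NEXT_HOP = "50.196.73.158"
ROUTE_MAP = {"pbr": [RouteMapSeq(10, "10", NEXT_HOP)]}
ORIGINAL_ACL = [AclEntry("permit", "50.196.73.152", "0.0.0.7")]    # first posted ACL
REVISED_ACL = [AclEntry("permit", "50.196.73.144", "0.0.0.7")]     # second posted ACL
ANY_ACL = [AclEntry("permit", "0.0.0.0", "255.255.255.255")]       # 'permit any'
NO_MATCH_RM = {"pbr": [RouteMapSeq(10, None, NEXT_HOP)]}           # set without match


def scenario(acl: List[AclEntry], policy_if: str = "Vlan4",
             route_maps: Dict[str, List[RouteMapSeq]] = ROUTE_MAP) -> Optional[str]:
    """HOST's traffic enters Vlan4; the policy is applied on `policy_if`."""
    return pbr_next_hop({policy_if: "pbr"}, route_maps, {"10": acl}, "Vlan4", HOST)


if __name__ == "__main__":
    for label, acl in (("original .152", ORIGINAL_ACL), ("revised .144", REVISED_ACL),
                       ("permit any", ANY_ACL)):
        lo, hi = wildcard_range(acl[0].base, acl[0].wildcard)
        print(f"{label:14} covers {lo}-{hi:16} -> next hop {scenario(acl)}")
    print("policy on Vlan3 instead of Vlan4 ->", scenario(REVISED_ACL, policy_if="Vlan3"))
    print("route-map without match line     ->", scenario(ORIGINAL_ACL, route_maps=NO_MATCH_RM))
```

Running it shows why the two ACLs behave differently: `50.196.73.152 0.0.0.7` covers .152-.159 and so never matches a host on the .144/29 VLAN4 subnet, while `50.196.73.144 0.0.0.7` covers .144-.151 and does. It also shows that putting the policy on Vlan3 leaves VLAN4's traffic on the normal routing table, and that the `permit any` and no-match variants both select the next hop regardless of source.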

OK, here is the latest. I made changes but nothing. Here is the current config of the interfaces in question:

interface Vlan3
 ip address 50.196.73.157 255.255.255.248
!
interface Vlan4
 ip address 50.196.73.150 255.255.255.248
 ip policy route-map comcast2
!
ip access-list extended acl-pbr
 permit ip any any
!
route-map comcast2 permit 10
 match ip address acl-pbr
 set ip next-hop 50.196.73.158

Do you have a sample config that works? Also, I am running IOS version c3550-ipservicesk9-mz.122-44.SE6.bin.

I also tested by removing the match ip address statement, and nothing.