mdaTRammer
asked on
Which Route Map Takes Precedence?
Hello,
I do not understand how to accomplish what seems to be a simple task.
Our network was setup so that VOIP traffic was automatically routed around the firewall and DATA traffic goes through the firewall. Pretty simple.
This was accomplished by creating a Route Map for voice traffic coming from the various vlans. For example:
access-list 110 permit ip 192.168.0.0 0.0.255.255 any
access-list 110 permit ip any 192.168.0.0 0.0.255.255
access-list 110 remark Access List for Policy Route for Voice
route-map IT-VOICE permit 10
match ip address 110
set ip next-hop 202.225.XXX.XXX
Now I am in a situation that I need to create a new DATA vlan with an address of 192.168.40.0. I need this address to take a different next-hop than the VOICE . Would this do it?
access-list 120 permit ip 192.168.40.0 0.255.255.255 any
access-list 120 permit ip any 192.168.40.0 0.255.255.255
access-list 120 remark Access List for Policy Route New Servers
route-map IT-NEW permit 20
match ip address 120
set ip next-hop 123.225.XXX.XXX
I just don’t know if the first route map policy would “Overrule” the more granular map policy.
Sadly, I do not have a test environment, otherwise I would just try it.
Thanks in advance.
I do not understand how to accomplish what seems to be a simple task.
Our network was setup so that VOIP traffic was automatically routed around the firewall and DATA traffic goes through the firewall. Pretty simple.
This was accomplished by creating a Route Map for voice traffic coming from the various vlans. For example:
access-list 110 permit ip 192.168.0.0 0.0.255.255 any
access-list 110 permit ip any 192.168.0.0 0.0.255.255
access-list 110 remark Access List for Policy Route for Voice
route-map IT-VOICE permit 10
match ip address 110
set ip next-hop 202.225.XXX.XXX
Now I am in a situation that I need to create a new DATA vlan with an address of 192.168.40.0. I need this address to take a different next-hop than the VOICE . Would this do it?
access-list 120 permit ip 192.168.40.0 0.255.255.255 any
access-list 120 permit ip any 192.168.40.0 0.255.255.255
access-list 120 remark Access List for Policy Route New Servers
route-map IT-NEW permit 20
match ip address 120
set ip next-hop 123.225.XXX.XXX
I just don’t know if the first route map policy would “Overrule” the more granular map policy.
Sadly, I do not have a test environment, otherwise I would just try it.
Thanks in advance.
ASKER
Ah, I see. So If I put the IT-NEW at 10 and IT-VOICE at 20, the traffic should go where I want it to?
Thanks.
Thanks.
That should work. Start with the most granular map and work your way down to the most global. That should do the trick.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks to all who helped me to understand the concept.
Some reading: http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpbr_ps1835_TSD_Products_Configuration_Guide_Chapter.html