?
Solved

Cisco Policy Based Routing on Switch 2960G

Posted on 2014-09-08
3
Medium Priority
?
887 Views
Last Modified: 2014-09-08
hi
I have managed to configure my Cisco 2960G with IP routing
I am trying to implement policy based routing. I have 3 VLANs and I want them to be able to all talk, but use three different internet connections.

I have been trying to use Access Lists and route-maps

I think i need to apply my policy map to the vlan interface but it work work. (incomplete command)
if I put a default route, all vlans get internet access so it looks like the PBR isn't working

interface Vlan1
 description Native Vlan
 ip address 192.168.0.5 255.255.255.0
!
interface Vlan10
 description "VLAN 10"
 ip address 192.168.1.1 255.255.255.0
 ip helper-address 192.168.0.10
!
interface Vlan20
 description "VLAN 20"
 ip address 192.168.2.1 255.255.255.0
 ip helper-address 192.168.0.10
!
interface Vlan30
 ip address 192.168.3.1 255.255.255.0
 ip helper-address 192.168.0.10
!
ip local policy route-map split-access
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.0.1   - If I remove this line, no traffic is routed
access-list 10 permit 192.168.1.10  - set to this for testing?
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 20 permit 192.168.2.0 0.0.0.255
access-list 30 permit 192.168.3.0 0.0.0.255
route-map split-access permit 10
 match ip address 10
 set ip next-hop 192.168.0.1
 set ip default next-hop 192.168.0.1
!
route-map split-access permit 20
 match ip address 20
 set ip next-hop 192.168.0.2
 set ip default next-hop 192.168.0.2
!
route-map split-access permit 30
 match ip address 30
 set ip next-hop 192.168.0.3
 set ip default next-hop 192.168.0.3
!

Open in new window


Would love to hear your thoughts.

Version of switch is Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE9, RELEASE SOFTWARE (fc1)
0
Comment
Question by:Steven Wells
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
Predrag earned 2000 total points
ID: 40311377
Next hop address in your case should be IP address of next router interface (neighbor router IP address of interface connected to your router).  Your next hop addresses are in the same subnet, so point to multipoint network is the only logical explanation.

access-list 10 permit 192.168.1.10  - set to this for testing?
access-list 10 permit 192.168.1.0 0.0.0.255

the first permit is included in second - remove first

ip policy command you need to put on inbound interface

Router(config-if)# ip policy route-map map-tag

Router(config)# ip local policy route-map map-tag <- only work for router generated traffic

and I don't see any use of setting default next hop address same as next hop address :)

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/18ew/configuration/guide/config/pbroute.html
0
 
LVL 12

Author Comment

by:Steven Wells
ID: 40311415
Hi,
I have found the switch version I am using doesn't support the policy based routing module.
thanks anyway
0
 
LVL 12

Author Closing Comment

by:Steven Wells
ID: 40311416
Accepted, but not hardware doesn't support what I need
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question