Solved

Cisco Policy Based Routing on Switch 2960G

Posted on 2014-09-08
Last Modified: 2014-09-08
Hi,
I have managed to configure my Cisco 2960G with IP routing.
I am trying to implement policy-based routing. I have 3 VLANs and I want them all to be able to talk, but use three different internet connections.

I have been trying to use access lists and route-maps.

I think I need to apply my policy map to the VLAN interface but it won't work (incomplete command).
If I put in a default route, all VLANs get internet access, so it looks like the PBR isn't working.

interface Vlan1
 description Native Vlan
 ip address 192.168.0.5 255.255.255.0
!
interface Vlan10
 description "VLAN 10"
 ip address 192.168.1.1 255.255.255.0
 ip helper-address 192.168.0.10
!
interface Vlan20
 description "VLAN 20"
 ip address 192.168.2.1 255.255.255.0
 ip helper-address 192.168.0.10
!
interface Vlan30
 ip address 192.168.3.1 255.255.255.0
 ip helper-address 192.168.0.10
!
ip local policy route-map split-access
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.0.1   - If I remove this line, no traffic is routed
access-list 10 permit 192.168.1.10  - set to this for testing?
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 20 permit 192.168.2.0 0.0.0.255
access-list 30 permit 192.168.3.0 0.0.0.255
route-map split-access permit 10
 match ip address 10
 set ip next-hop 192.168.0.1
 set ip default next-hop 192.168.0.1
!
route-map split-access permit 20
 match ip address 20
 set ip next-hop 192.168.0.2
 set ip default next-hop 192.168.0.2
!
route-map split-access permit 30
 match ip address 30
 set ip next-hop 192.168.0.3
 set ip default next-hop 192.168.0.3
!

Would love to hear your thoughts.

Version of switch is Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE9, RELEASE SOFTWARE (fc1)
Question by:Steven Wells
Accepted Solution

by:
Predrag Jovic earned 500 total points
ID: 40311377
The next-hop address in your case should be the IP address of the next router's interface (the neighbor router's IP address on the interface connected to your router). Your next-hop addresses are in the same subnet, so a point-to-multipoint network is the only logical explanation.

access-list 10 permit 192.168.1.10  - set to this for testing?
access-list 10 permit 192.168.1.0 0.0.0.255

The first permit is included in the second, so remove the first.

You need to put the ip policy command on the inbound interface:

Router(config-if)# ip policy route-map map-tag

Router(config)# ip local policy route-map map-tag <- only works for router-generated traffic

And I don't see any use in setting the default next-hop address to the same as the next-hop address :)

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/18ew/configuration/guide/config/pbroute.html
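The three points raised in the answer above (a route-map applied only with ip local policy, a host entry already included in the subnet entry, and a default next-hop that repeats the next-hop) can be checked mechanically against a saved configuration. The following Python check is an added example, not part of the original thread; the function names and the trimmed sample config are constructed for illustration, and it reads only numbered standard ACL permit entries with contiguous wildcards.

```python
import ipaddress
import re

# Constructed sample: the relevant lines of the configuration posted in the question.
SAMPLE_CONFIG = """\
interface Vlan10
 ip address 192.168.1.1 255.255.255.0
!
ip local policy route-map split-access
access-list 10 permit 192.168.1.10
access-list 10 permit 192.168.1.0 0.0.0.255
route-map split-access permit 10
 match ip address 10
 set ip next-hop 192.168.0.1
 set ip default next-hop 192.168.0.1
"""

def acl_network(addr, wildcard):
    # Invert the wildcard into a netmask; a missing wildcard means a single host.
    mask = ipaddress.ip_address(int(ipaddress.ip_address(wildcard or "0.0.0.0")) ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def audit_pbr(config):
    findings, acls, local_maps, iface_maps = [], {}, set(), set()
    section, hops = "", {}
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # an unindented line opens a new section
            section = line
        if m := re.match(r"access-list (\d+) permit ([\d.]+)(?: ([\d.]+))?$", line):
            acls.setdefault(m[1], []).append(acl_network(m[2], m[3]))
        elif m := re.match(r"ip local policy route-map (\S+)", line):
            local_maps.add(m[1])
        elif (m := re.match(r"ip policy route-map (\S+)", line)) and section.startswith("interface"):
            iface_maps.add(m[1])
        elif m := re.match(r"set ip (default )?next-hop (\S+)", line):
            is_default = bool(m[1])
            if hops.get((section, m[2]), is_default) != is_default:
                findings.append(f"{section}: default next-hop {m[2]} repeats the next-hop")
            hops[(section, m[2])] = is_default
    for name in sorted(local_maps - iface_maps):
        findings.append(f"route-map {name}: applied only with 'ip local policy' "
                        "(router-generated traffic), not with 'ip policy' on an interface")
    for num, nets in acls.items():
        for a in nets:
            if any(a != b and a.subnet_of(b) for b in nets):
                findings.append(f"access-list {num}: {a} is included in a broader entry")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_pbr(SAMPLE_CONFIG)))
```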
Author Comment

by:Steven Wells
ID: 40311415
Hi,
I have found the switch version I am using doesn't support the policy-based routing module.
Thanks anyway.
Author Closing Comment

by:Steven Wells
ID: 40311416
Accepted, but hardware doesn't support what I need.