How to set up routing for subnets to different gateways using the CISCO 3750 L3 switch, taking into account local routing (continuation of the topic)?

V

Vyacheslav2018-06-19 12:35:11

Cisco

Vyacheslav, 2018-06-19 12:35:11

Continuing the topic:
How to configure routing for subnets to different gateways using the CISCO 3750 L3 switch?
-------------------------------------------------- -------------------------------------------------- ------
Hello!
Rested on the implementation of the idea.
-------------------------------------------------- ----------------------

We have several virtual subnets (VLAN) and L3 level subnets:
1 - 192.168.0.0/30 (L3)
2 - 192.168.0.4/ 30 (L3)
3 - 192.168.1.64/26 (VLAN30)
4 - 192.168.1.128/26 (VLAN40)
5 - 192.168.1.192/26 (VLAN50)
L3 switch - CISCO 3750, several L2 switches - CISCO 2960
Everything is routed through subinterfaces on CISCO 3750:
Gi1/0/1 and Gi1/0/2 in the "no switchport" state, with the corresponding addresses on the ports;
For subnets VLAN30,40,50 virtual subinterfaces are created:
int VLAN30 - ip 192.168.1.65/26;
int VLAN40 - ip 192.168.1.129/26;
int VLAN50 - ip 192.168.1.193/26;
If there is only one router (network 1), we have a route:
ip route 0.0.0.0 0.0.0.0 192.168.0.1 permanent
Naturally, everything works, all networks go through one exit (Gi1/0/1) and at the same time see each other.
------------------------------
When adding a second router (network 2), use PBR with the following settings (for VLAN50):
access-list 11 permit 192.168.1.192 0.0.0.63
route-map MAP_VLAN50 permit 10
match ip address 11
set ip next-hop 192.168.0.5
On the virtual interface we hang:
interface VLAN50
ip address 192.168.1.193 255.255.255.192
ip policy route-map MAP_VLAN50
When implementing this scheme, VLAN50 does not see other subnets, and this is important
I wanted to specify in the map :
set ip default next-hop
192.168.0.5
"Policy-based routing based on packet length, IP precedence and TOS, set interface, set default next hop, or set
default interface are not supported. Policy maps with no valid set actions or with set action set to Don't Fragment
are not supported."
------------------------------
I can not find a solution to this problem.
Ask for help from the community.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

V

Vyacheslav, 2018-06-28
@oldalfer

Solution found!!!
telecombook.ru/routing-and-switching/view/route-map
PBR great stuff works great.
After reading the article, everything falls into place.
To implement a scheme containing 10 subnets, it took 1 access-list, 1 route map

V

Valentine, 2018-06-19
@vvpoloskin

Therefore, normal people do not make route-maps, they change the routing rules in a completely unpredictable way. In this case, you need to add rules to MAP_VLAN50 by analogy (see at the very end of the article).
In general, it is necessary to proceed from the task - what is the purpose of such a division? Unbalance traffic by uplinks? So there are other tools for that. Give some users one uplink, others another - there is a vrf for this.

V

Vitaly, 2018-06-28
@Vigogne

Catalyst 3750, for all its L3-ness, is far from a router, and these are not its main functions, so if possible, transfer PBR to a router, and if not, then either describe all possible directions in one map, which, I repeat, is not correct for the switch, or change the network architecture to bypass these directions.