[c-nsp] PBR to change default gateway for an IP?

Jason LeBlanc jml at packetpimp.org
Mon Aug 27 12:24:49 EDT 2007


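! Apply the policy to traffic arriving on the VLAN interface
int vl11
 ip policy route-map ftp-pbr

route-map ftp-pbr permit 103
 match ip address 103
 ! Used only when the routing table has no explicit route for the destination
 set ip default next-hop 10.11.21.5

! Source host whose traffic is policy routed
access-list 103 permit ip host 10.11.11.22 any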

Nate Carlson wrote:
> Can you help a dead-tired engineer?  ;)
>
> We've got an IP on our network that needs to use a different route out to 
> the world, but for lots of reasons, we can't change it on the device 
> itself.. it's currently pointed at an interface on a 6509. From what I 
> recall, we can set up PBR to say that anything from the source IP of this 
> device should go out a different path than the default - am I remembering 
> right? Anyone got an example? My google-fu is being seriously hampered by 
> too many 15 hour days lately.  ;(
>
> So, here's an example with some IP's:
>
> Device info:
> IP address: 10.0.0.1/24
> Default gateway: 10.0.0.254
>
> 6509 config:
> IP address: 10.0.0.254/24, 172.16.1.1
> Default gateway: 172.16.1.254
>
> From 10.0.0.1, we need traffic to 192.168.0.0/16 to go via the 6509's 
> standard default gateway (172.16.1.254), but need the rest of the traffic 
> to go out via a vendor-provided gateway (10.0.0.2). Unfortunately, the 
> device does not allow us to add any routes (all we can have is a default 
> gateway). Normally my solution would be to point the gateway at 10.0.0.2 
> and add routes on it back to our internal network, but that device is a 
> PIX running 6.3, and it won't allow traffic to route back out the same 
> interface.  ;(
>
> I'd appreciate any examples!!
>
> -Nate
>   
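Applied to the addresses in the quoted question, as an added example that is not part of either post: the ACL excludes 192.168.0.0/16 so that traffic keeps following the 6509's routing table, and everything else from 10.0.0.1 is sent to 10.0.0.2. It uses `set ip next-hop` rather than `set ip default next-hop`, because the latter is only consulted when the routing table has no explicit route for the destination. The interface name Vlan10, ACL number 110 and route-map name vendor-gw are assumptions.

```cisco
! ACL 110 (number is an assumption) selects only the traffic to policy route.
! The deny line leaves 10.0.0.1 -> 192.168.0.0/16 to normal routing,
! so it still leaves via the 6509's default gateway 172.16.1.254.
access-list 110 deny   ip host 10.0.0.1 192.168.0.0 0.0.255.255
access-list 110 permit ip host 10.0.0.1 any
!
! Route-map name vendor-gw is an assumption.
route-map vendor-gw permit 10
 match ip address 110
 ! Overrides the routing table for every packet ACL 110 permits.
 set ip next-hop 10.0.0.2
!
! Vlan10 is an assumption: use the SVI that holds 10.0.0.254.
! PBR is evaluated on packets arriving on this interface.
interface Vlan10
 ip policy route-map vendor-gw
```

`show ip policy` confirms the route-map is bound to the interface, and `show route-map vendor-gw` shows whether packets are matching the policy.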


