[c-nsp] PBR to change default gateway for an IP?
Jason LeBlanc
jml at packetpimp.org
Mon Aug 27 12:24:49 EDT 2007
int vl11
ip policy route-map ftp-pbr
route-map ftp-pbr permit 103
match ip address 103
set ip default next-hop 10.11.21.5
access-list 103 permit ip host 10.11.11.22 any
Nate Carlson wrote:
> Can you help a dead-tired engineer? ;)
>
> We've got an IP pon our network that needs to use a different route out to
> the world, but for lots of reasons, we can't change it on the device
> itself.. it's currently pointed at an interface on a 6509. From what I
> recall, we can set up PBR to say that anything from the source IP of this
> device should go out a different path than the default - am I remembering
> right? Anyone got an example? My google-fu is being seriously hampered by
> too many 15 hour days lately. ;(
>
> So, here's an example with some IP's:
>
> Device info:
> IP address: 10.0.0.1/24
> Default gateway: 10.0.0.254
>
> 6509 config:
> IP address: 10.0.0.254/24, 172.16.1.1
> Default gateway: 172.16.1.254
>
> >From 10.0.0.1, we need traffic to 192.168.0.0/16 to go via the 6509's
> standard default gateway (172.16.1.254), but need the rest of the traffic
> to go out via a vendor-provided gateway (10.0.0.2). Unfortunately, the
> device does not allow us to add any routes (all we can have is a default
> gateway). Normally my solution would be to point the gateway at 10.0.0.2
> and add routes on it back to our internal network, but that device is a
> PIX running 6.3, and it won't allow traffic to route back out the same
> interface. ;(
>
> I'd appreciate any examples!!
>
> -Nate
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list