[c-nsp] policy routing

Charles J. Boening charlieb at cot.net
Fri Mar 30 23:10:39 EST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is it possible to have a routing policy that ignores connected
interfaces for certain subnets or vlans yet honors others?

Take this example:

Vlan 2:  192.168.0.0/24
Vlan 3:  192.168.1.0/24
Vlan 4:  192.168.2.0/24

Vlan 4:  10.1.0.0/24
Vlan 5:  10.1.1.0/24
Vlan 6:  10.1.2.0/24

Let's say that vlan 2 and vlan 4 each have a NAT router to a different
provider.  I don't wan the vlan 4,5,6 traffic to ever enter the vlan
2,3,4 networks and vice versa.  I know I can do a policy map that sets
the ip default next-hop but that won't keep vlan 2,3,4 traffic from
entering vlan 4,5,6 directly and vice versa.  My goal is to completely
separate these subnets and vlans as if they were truly in separate
routers/switches.  Also, in all this, routing between the 192.168.x.0/24
subnets should occur and the same between the 10.1.x.0/24 subnets.
Again, just not between the 192.168.x.0/24 networks and the 10.1.x.0/24
networks.

I hope that makes sense.  Any way to accomplish this within the same
chassis?  My switch is a 4507 with redundant SUP IV.

Thanks,
Charlie
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFGDd8/cGGHuFdGSWARApJ4AJ9lJ1YQhqpWVupwQR+uq435dCzsBgCdF3mI
YyRt9RV3y8B+ivqheJnemhY=
=JDRY
-----END PGP SIGNATURE-----



More information about the cisco-nsp mailing list