Hi,
We just recently applied PBR in our MAN link connection. The setup is this:
MAN Link Area1 interface VLANA= 140.231.153.0/24
MAN Link Area2 interface VLANB= 140.231.156.0/25
These two VLANs should have default gateway to 140.231.153.1.
For VLANA: that is OK, since this has a direct connection.
For VLANB: this one is an additional subnet from the extended site, and this is where we started configuring PBR to have a default route to 140.231.153.1.
The policy was applied on the MAN Link interface VLAN.
It is working, but not for all destinations.
This is the configuration done:
access-list 101 permit tcp 140.231.156.0 0.0.1.255 any
access-list 101 permit ip 140.231.156.0 0.0.1.255 any
route-map SNX2_Access01 permit 101
 match ip address 101
 set ip default next-hop 140.231.153.1
Then applied to MAN link VLAN:
ip policy route-map SNX2_Access01
The problem is that the gateway for our VLANB (in the extended site, Area2) is the L3 switch from Area1, and this L3 switch has static routes configured for other private IP addresses. Since VLANB does not have a direct connection to 140.231.153.1, this is what we noticed:
The destination IPs that were not routed to 140.231.153.1 are the IP addresses that have static routes configured in the L3 switch which are routed to a different link, like this one:
S 157.163.136.0/24 [1/0] via 10.3.116.211
So IP range 157.163.136.0/24 cannot be reached by our VLANB, but if I remove the static route, VLANB can access 157.163.136.0/24 with next-hop 140.231.153.1.
What else do I need to add so that my VLANB will ignore the static routes configured in the L3 switch and use 140.231.153.1 as the default route for all destinations?
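An added example, not part of the original post: a small Python model of how IOS policy routing picks a next hop, showing why `set ip default next-hop` yields to the static route for 157.163.136.0/24 while `set ip next-hop` does not. The prefixes and next hops come from the post; the function names and sample host addresses are constructed for illustration.

```python
import ipaddress

# Values from the post: the static route on the L3 switch, the source range
# matched by access-list 101, and the next hop set by the route-map.
ROUTES = [
    (ipaddress.ip_network("157.163.136.0/24"), "10.3.116.211"),
]
ACL_101_SOURCE = ipaddress.ip_network("140.231.156.0/23")  # 140.231.156.0 0.0.1.255
PBR_NEXT_HOP = "140.231.153.1"


def explicit_route(dst):
    """Longest-prefix match over explicit routes.

    A 0.0.0.0/0 default route is not an explicit route, so it is skipped.
    """
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in ROUTES
               if net.prefixlen > 0 and dst in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def forward(src, dst, action):
    """Return the next hop for a packet arriving on the policy-routed interface.

    action is "default next-hop" (set ip default next-hop)
    or "next-hop" (set ip next-hop).
    """
    matched = ipaddress.ip_address(src) in ACL_101_SOURCE
    table_hop = explicit_route(dst)
    if matched and action == "next-hop":
        # The policy next hop is used before the routing table is consulted.
        return PBR_NEXT_HOP
    if matched and action == "default next-hop":
        # The policy next hop is used only when no explicit route exists.
        return table_hop or PBR_NEXT_HOP
    # Traffic not matched by the route-map follows the routing table
    # (None means this model has no route for the destination).
    return table_hop


if __name__ == "__main__":
    vlanb_host = "140.231.156.10"  # constructed sample host in VLANB
    for action in ("default next-hop", "next-hop"):
        for dst in ("157.163.136.5", "198.51.100.7"):  # constructed destinations
            print(f"set ip {action:17} {dst:15} -> {forward(vlanb_host, dst, action)}")
```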