bypassing directly connected network

Discussion in 'Cisco' started by Jeremy McMasters, Nov 10, 2003.

  1. I am trying to bypass a directly connected network that is configured with a
    10.1.1.41 255.0.0.0 on FE0/1 I need to have the traffice from 10.148.0.0
    255.255.240.0 to not go out FE0/1 instead I need it to go out the FE0/0
    interface. I have tryed route-maps but have not had any success. Any other
    ideas.

    Jeremy
     
    Jeremy McMasters, Nov 10, 2003
    #1
    1. Advertisements

  2. :I am trying to bypass a directly connected network that is configured with a
    :10.1.1.41 255.0.0.0 on FE0/1 I need to have the traffice from 10.148.0.0
    :255.255.240.0 to not go out FE0/1 instead I need it to go out the FE0/0
    :interface. I have tryed route-maps but have not had any success. Any other
    :ideas.

    If you need routing to vary according to source IP address,
    then you should indeed by using Policy Based Routing (PBR) with
    a route-map. I'm sure there are a number of examples on cisco.com .
    Just don't ask me to give the commands from memory; my first
    tries never work right either ;-)
     
    Walter Roberson, Nov 10, 2003
    #2
    1. Advertisements

  3. Assume the next-hop address on f0/0 is x.x.x.x, then you can use

    access-list 100 permit 10.148.0.0 0.0.15.255 any
    !
    route-map POLICY
    match ip address 100
    set ip next-hop x.x.x.x
     
    Jesper Skriver, Nov 10, 2003
    #3
  4. Would I apply this policy to the F0/0 interface, if so I did this and still
    no effect on being able to ping the 10.148.0.1 network. as soon as I shut
    off the F0/1 interface I am able to route out the F0/0 to get to it. Here
    is a sample of what I did

    interface FastEthernet0/0
    ip address 24.159.x.x 255.255.255.224
    no ip proxy-arp
    ip policy route-map POLICY
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    ip address 10.1.1.41 255.0.0.0
    no ip proxy-arp
    ip rip authentication mode md5
    ip rip authentication key-chain rip-chain
    duplex auto
    speed auto
    no cdp enable

    access-list 130 permit ip 10.148.0.0 0.0.15.255 any
    !
    route-map POLICY permit 10
    match ip address 130
    set ip next-hop 24.159.x.x
     
    Jeremy McMasters, Nov 10, 2003
    #4
  5. Jeremy McMasters

    Scooby Guest

    Actually, I think that is backwards. You wanted:

    access-list 130 permit ip any 10.148.0.0 0.0.15.255

    The rest looks good to me.

    Jim
     
    Scooby, Nov 11, 2003
    #5
  6. The policy route is applied to the interface the traffic enters the
    router on. However, from your description, you have two independent
    physical networks sharing the same IP address range. This violates all
    rules for IP network address assignment and is normally considered
    an error, not to mention a very bad idea. Even if you get policy
    routing to force this to work, you are dead as soon as somebody
    assigns a system to use an address in the duplicated range on the
    "wrong" network. In other words, any solution you come up with has
    a high probability of breaking in the future.

    Good luck and have fun! (and you'll need the luck).
     
    Vincent C Jones, Nov 11, 2003
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.