policy based routing on 4006 L3 switch with vlans

Discussion in 'Cisco' started by prosthetic head, Mar 4, 2004.

  1. I am trying to setup a failover connection on a 4006 (12.1.19EW) to a
    2nd ISP.
    Here is my scenario.

    Primary internet connectivity is a 100 Mbit sonet connection (4006 is
    plugged into Cisco 3550 which is plugged a Cisco ONS box) and the
    "wan" interface is one of the vlans. I also have a 2nd 4006 running as
    the HSRP secondary, but that is not a factor at the moment.

    The secondary internet connection is a 100 Mbit RPR connection
    (Luminous rpr box plugged into a Linux router w/NAT plugged into
    I am not running any dynamic routing protocols over either connection
    and is not an option to do so with either ISP.
    My 2 primary 24bit networks are bound to seperate vlans, and a 3rd is
    broken out into 27bit networks over 8 vlans. All network interfaces
    (vlans), including the "wan" appear as directly connected interfaces,
    therefore, according to Cisco, a floating static route option will not
    work, which I have verified on the switch already.
    default route is set by "route"
    At this point, I am leaning towards policy based routing with icmp as
    the deciding factor. It appears that the switch will support it.
    Does anyone have an example or any pointers of using policy based
    routing w/ping on vlan interfaces? At some point, I will be adding a
    3rd ISP via DS3, but that will just be another add into the PBR.

    prosthetic head, Mar 4, 2004
    1. Advertisements

  2. Ping-based PBR just became available a couple months ago in 12.3(4)T.
    To my knowledge, it hasn't made it's way into any switch IOS versions

    Without the ability to run a routing protocol you may be out of luck.

    Terry Baranski, Mar 5, 2004
    1. Advertisements

  3. Dohhh! I was afaid of that! I'll see if I can sweet talk the ISP
    into setting up dynamic routing over the "wan" link
    prosthetic head, Mar 5, 2004
  4. prosthetic head

    Hansang Bae Guest

    Too bad it's in 12.3 code and T train to boot. I guess we can use it in
    about 1-2 years!



    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    Hansang Bae, Mar 5, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.