Change next hop based on source IP

  • 0
  • 1
  • Question
  • Updated 4 years ago
  • Answered
Create Date: Jul 11 2012 1:27PM

I have 2 gateways to internet at the core. Right now all host go to default gateway. How would one send 1 particular host to the other gateway?Thanks

(from David_Kordyban)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Jul 11 2012 11:38PM

Hi dkordyban,
concept guide says:
-----------------------
1 Create a flow-redirect to keep nexthop IP address and health check information.

create flow-redirect premium_subscriber
config flow-redirect premium_subscriber add nexthop 192.168.2.2 priority 200
config flow-redirect premium_subscriber add nexthop 192.168.2.3 priority 100

2 Add an ACL entry with a flow-redirect name action to the existing ACL policy
(For example:premium_user.pol).

entry premium_15 {if match
{source-address 211.10.15.0/24;}
then
{permit;
redirect-name premium_subscriber;}}

entry premium_16 {if match
{source-address 211.10.16.0/24;}
then
{permit;
redirect-name premium_subscriber;}}

3 Apply the modified ACL policy file or dynamic ACL into a port, VLAN, or VLAN and Port.
(Forexample: user1 VLAN: 192.168.1.0/30, user2 VLAN: 192.168.1.4/30)

config access-list premium_user vlan user1 ingress
config access-list premium_user vlan user2 ingress

------------------------------


Maybe that will help you
--
Jarek

(from Jaroslaw_Kasjaniuk)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Jul 12 2012 12:56PM

Looking at the concepts guide under layer 3 policy I see:

entry redirect_port_81 {

if {

protocol tcp;

destination-port 81;

} then {

redirect 3.3.3.2;

}

}

How would I create and apply a policy that would redirect traffic from 1.1.1.1 (which is on remote subnet) and send its internet traffic to 2.2.2.2 (internet gateway 2).

both 1.1.1.1 and 2.2.2.2 is reachable by the switch.

Thanks

(from David_Kordyban)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Jul 12 2012 2:03PM

Please read section -> Policy-Based Redirection Redundancy

--
Jarek

(from Jaroslaw_Kasjaniuk)

This conversation is no longer open for comments or replies.