Policy-Based Routing on Cisco Nexus
1. Source-to-destination routing: all traffic currently goes via the OLD network. The goal is to change only the VLAN 3 network so that it routes via the NEW network.
2. No static route needs to be added on the Nexus.
3. The Nexus VLAN 3 interface IP will not participate in PBR, because of a limitation in the PBR feature, but the other IPs in VLAN 3 will route to the NEW network link.
4. EIGRP is used in my OLD network. All devices run EIGRP except the firewalls.
5. The firewalls have only static routes.
*************************START****************************
1. Add the PBR feature on the Nexus
feature pbr
2. Add the NEW network/VLAN to an ACL for server 65.35.12.30
ip access-list NEW_NET
  permit ip 10.20.3.0 0.0.0.255 host 65.36.12.30
3. Create a route-map to forward the traffic of the new VLAN toward the new firewall
route-map NEW_NET
  match ip address NEW_NET
  ! New firewall IP
  set ip next-hop 10.20.3.252
4. Apply it on the VLAN interface on the Nexus
interface vlan 3
  ip policy route-map NEW_NET
5. Remove the default route on the Nexus
! Removing all static routes for testing
no ip route 0.0.0.0/0 10.20.3.252 name NEW_FW1
**********************************END********************************************
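Added example, not part of the original post: a Python model of how the ACL and route-map above treat packets received on interface vlan 3, useful for checking before the change which flows will be diverted to the new firewall and which still follow the routing table. The function names parse_policy and forward and the sample packet addresses are assumptions made for this example; the policy text is the configuration from steps 2 and 3.

```python
import ipaddress

# Policy from steps 2 and 3 of the post, one command per line.
CONFIG = """\
ip access-list NEW_NET
  permit ip 10.20.3.0 0.0.0.255 host 65.36.12.30
route-map NEW_NET
  match ip address NEW_NET
  set ip next-hop 10.20.3.252
"""

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def _parse_addr(tokens):
    """Consume 'any', 'host A', 'A/len' or 'A WILDCARD'; return (base, wildcard, rest)."""
    if tokens[0] == "any":
        return 0, 0xFFFFFFFF, tokens[1:]
    if tokens[0] == "host":
        return _to_int(tokens[1]), 0, tokens[2:]
    if "/" in tokens[0]:
        net = ipaddress.IPv4Network(tokens[0], strict=False)
        return int(net.network_address), int(net.hostmask), tokens[1:]
    return _to_int(tokens[0]), _to_int(tokens[1]), tokens[2:]

def parse_policy(config):
    """Return (acl_entries, next_hop) for a single ACL / route-map pair."""
    entries, next_hop = [], None
    for line in config.splitlines():
        tok = line.split()
        if tok[:2] in (["permit", "ip"], ["deny", "ip"]):
            src, swild, rest = _parse_addr(tok[2:])
            dst, dwild, _ = _parse_addr(rest)
            entries.append((tok[0], src, swild, dst, dwild))
        elif tok[:3] == ["set", "ip", "next-hop"]:
            next_hop = tok[3]
    return entries, next_hop

def forward(src, dst, entries, next_hop):
    """Return the PBR next hop, or 'routing-table' when the policy does not apply."""
    s, d = _to_int(src), _to_int(dst)
    for action, bs, ws, bd, wd in entries:
        # Wildcard bits set to 1 are "don't care"; all other bits must be equal.
        src_ok = ((s ^ bs) & ~ws & 0xFFFFFFFF) == 0
        dst_ok = ((d ^ bd) & ~wd & 0xFFFFFFFF) == 0
        if src_ok and dst_ok:  # first matching entry decides
            return next_hop if action == "permit" else "routing-table"
    return "routing-table"  # implicit deny: the packet is routed normally
```

With this policy only VLAN 3 hosts talking to 65.36.12.30 are sent to 10.20.3.252; a packet to 65.35.12.30, the address given in the step 2 heading, does not match the ACL entry and is routed normally.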