LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

Route Static - Preference

 
SOLVED
Go to solution
MateusBuogo
Advisor

Route Static - Preference

Hi guys!

I have the problem.

In my network infrastructure, the Core Switch is the default gateway.

The default route from Core is my firewall.

Routing Tables: Public
        Destinations: 27 Routes: 27

Destination / Mask Proto Pre Cost NextHop Interface

0.0.0.0/0 Static 60 0 10.0.1.10 Vlan1
10.0.0.0/16 Direc t 0 0 10.0.10.1 Vlan1
10.0.10.1/32 Direct 0 0 127.0.0.1 InLoop0
10.1.0.0/16 Static 60 0 10.0.10.4 Vlan1
10.14.0.0/16 Static 60 0 10.0.10.4 Vlan1
10.15.0.0/16 Static 60 0 10.0.10.5 Vlan1
10.19.0.0/16 Static 60 0 10.0.10.3 Vlan1

There is internal network traffic that is going through Firewall. This is wrong!

In the default route for the firewall is set preference 60.

Is my network core directing all network traffic to my firewall?

How can I do that?

Firewall: 10.0.1.10

Core: 10.0.10.1

Others Swt: 10.0.10.3 / 10.0.0.4 - default route is the Core

Mateus Buogo
4 REPLIES
Vince-Whirlwind
Honored Contributor

Re: Route Static - Preference

What is the subnet mask on all those devices?
What are the default gateway addresses on the hosts that are sending the "internal traffic" you mention?

What are the full IP addressing details of your core switch?

MateusBuogo
Advisor

Re: Route Static - Preference

Hi,

The subnet is 255.255.0.0 at all.

The gateway of the stations are the Ip's of the Vlaninterfaces of each vlan. And the main Gatway of the whole network is the Core.

I've attached the topology now.

No one has configured the firewall as a gateway. Only the Core Network has a default Firewall route.

Mateus Buogo
Vince-Whirlwind
Honored Contributor
Solution

Re: Route Static - Preference

It isn't clear where your addressing is, nor where your VLANs are. 
But it looks like you are routing on your edge switches, and using VLAN1 to route to the core?

So, seeing as the subnet you are routing from the edge switches with is spanned beyond the "core" to the firewall, then you will get asymmetric routing as ICMP-redirects will tell the edge switches to change their gateway for connections that are going out the default route.

MateusBuogo
Advisor

Re: Route Static - Preference

Thank you!

We found the problem and corrected it!

My friend did the wrong configuration on one of the servers !.

Thanks a lot for the help.

Mateus Buogo