HPE Aruba Networking & ProVision-based

elfordty
Occasional Advisor

More than one route on routing switch

Hi there,

I have a quick question that I am curious about.  I currently have an HP 5412zl switch that is being used as my core switch.  It is the inter-vlan routing point so all the vlans use this switch as their gateway.

Currently I have it set up so that all internet traffic gets passed from the switch to our firewall, then out to the Internet.  I have this happening by using a default route.

I am going to be testing a new firewall shortly and I wanted to know if there was a way that I could route most traffic out to the current firewall and have some traffic route to the new firewall?

Currently the switch has IP 192.168.0.27 and the current firewall is 192.168.0.5

Below is my route table using show ip route

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          192.168.0.5     1    static               1          1
  127.0.0.0/8        reject               static               0          0
  127.0.0.1/32       lo0                  connected            1          0
  172.16.3.0/24      DEPLOYMENT      3    connected            1          0
  172.16.16.0/24     DEVICES         16   connected            1          0
  172.16.17.0/24     SERVERS         17   connected            1          0
  172.16.19.0/24     INTERNAL_DEV    19   connected            1          0
  172.16.20.0/24     STAFF           20   connected            1          0
  192.168.0.0/21     DEFAULT_VLAN    1    connected            1          0

What I would like to do is route some traffic to say 192.168.0.7, which will be the new firewall.  Is there a way to pick an IP on the local network to be routed this way, or possibly a new VLAN or subnet?

tyelford

Vince_Whirlwind
Trusted Contributor

Re: More than one route on routing switch

Check the "Advanced Traffic Management Guide", and you need a recent version of K.15.

class ipv4 TestAlternateRouteTraffic
   match ip 10.1.42.0/24 any

policy pbr TestAlternateRoute
   class ipv4 TestAlternateRouteTraffic
   action ip default-next-hop 10.99.99.1

vlan 42
   service-policy TestAlternateRoute in

YenLin
Frequent Advisor

Re: More than one route on routing switch

Hi elfordty,

I think you can use PBR (policy-based routing), but it also requires K.15 ios and all modules have to be version 2.

The configuration will be similar to below:

class ipv4 FW
   10 match ip 192.168.0.0/21 any

policy pbr USER
   class ipv4 FW
      action ip default-next-hop 192.168.0.7

vlan 10
   service-policy USER in

You can access the related document from: Advanced Traffic Management Guide
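
Added example, not part of the original posts: a small Python model of the forwarding decision the PBR snippets above would produce against the route table from the question, useful for checking which flows would reach the new firewall before the policy is applied. It assumes `default-next-hop` only takes effect when the destination has no route more specific than 0.0.0.0/0, and that the policy is bound inbound on VLAN 1; the function names and the 203.0.113.10 destination are constructed for illustration.

```python
import ipaddress

# Route table from the question (show ip route); loopback entries omitted.
ROUTES = [
    ("0.0.0.0/0", "192.168.0.5"),
    ("172.16.3.0/24", "DEPLOYMENT"),
    ("172.16.16.0/24", "DEVICES"),
    ("172.16.17.0/24", "SERVERS"),
    ("172.16.19.0/24", "INTERNAL_DEV"),
    ("172.16.20.0/24", "STAFF"),
    ("192.168.0.0/21", "DEFAULT_VLAN"),
]
# Class and action from the reply: match ip 192.168.0.0/21 any
PBR_SOURCE = ipaddress.ip_network("192.168.0.0/21")
PBR_DEFAULT_NEXT_HOP = "192.168.0.7"
PBR_VLAN = 1  # assumption: service-policy bound inbound on VLAN 1


def longest_match(dst):
    """Return (network, gateway) of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(n), gw) for n, gw in ROUTES]
    hits = [(n, gw) for n, gw in nets if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen)


def next_hop(src, dst, ingress_vlan):
    """Model the decision under the assumed default-next-hop semantics:
    the policy only overrides packets that would otherwise use 0.0.0.0/0."""
    net, gw = longest_match(dst)
    explicit = net.prefixlen > 0  # anything other than the default route
    in_class = (ingress_vlan == PBR_VLAN
                and ipaddress.ip_address(src) in PBR_SOURCE)
    if in_class and not explicit:
        return PBR_DEFAULT_NEXT_HOP
    return gw


if __name__ == "__main__":
    # Constructed sample flows: (source, destination, ingress VLAN)
    for flow in [("192.168.1.50", "203.0.113.10", 1),
                 ("192.168.1.50", "172.16.17.10", 1),
                 ("172.16.20.5", "203.0.113.10", 20)]:
        print(flow, "->", next_hop(*flow))
```

Under these assumptions, inter-VLAN traffic from the matched subnet still follows the connected routes, and only its Internet-bound traffic is handed to 192.168.0.7.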

elfordty
Occasional Advisor

Re: More than one route on routing switch

Thanks for the replies.  I'll have a look at the guide you suggested.

I just checked my switch and I am on version K15.08.0008 so should be good there but my modules appear to only be on version 1.  Do you think this means it will not be do-able?

tyelford