Bruce, If you already have your answer please ignore. Maybe this will help someone else. Or maybe someone can tell us an easier way to do this.
Here is what we ended up doing for something very similar. We were switching to a new ISP and only wanted one subnet to route to the new ISP initially. Our subnets are in the 10.x.x.x, 172.17.x.x, and 192.168.x.x range at different sites. The subnet we wanted to use the new ISP was the 10.1.14.x subnet. ip access-list extended 101 deny ip 10.1.14.0 0.0.0.255 10.0.0.0 0.255.255.255 deny ip 10.1.14.0 0.0.0.255 172.17.0.0 0.0.255.255 deny ip 10.1.14.0 0.0.0.255 192.168.0.0 0.0.255.255 permit ip 10.191.14.0 0.0.0.255 any exit route-map policy NewISP permit 101 match ip address 101 set next-hop 10.1.7.250 exit interface vlan.0.3014 ip policy route-map NewISP On Mon, Dec 5, 2011 at 6:48 AM, Hopkins, Bruce <[email protected]>wrote: > I’ve got a situation where I need to do some policy based routing( I > think) on an N7 based on source. The set next hop I don’t think is going to > work in this scenario so I thought I would through it out here and see how > you guys would handle this. I have a second ISP coming online and currently > I have two routers. One is an N7 and the other is a Cisco 7K Nexus. I need > to keep the internal traffic still passing across the lag between the two > boxes so the clients that are to go out the second ISP still get services, > such as DHCP.**** > > ** ** > > Right now I have the default route from the N7 going to the Cisco device > as that is where my firewalls and the current ISP hangs off. My plan is to > add a default roué for 10.0.0.0 pointing to the Cisco device and then point > 0.0.0.0 to the new ISP. I would like to be able to do this form the source > address, but I’m not sure exactly how to best accomplish this. I need to be > able to only push certain vlans through the new ISP. Has anyone done > anything like this and can you point me to some good examples on how to > accomplish it with the least disruption?**** > > ** ** > > Here are my current routes.**** > > ** ** > > N7 – The IP of this router is 10.254.2.1**** > > ip route 192.168.80.0 255.255.255.0 10.254.0.1 1 permanent**** > > ip route 10.1.3.0 255.255.255.0 10.254.0.1 1 permanent**** > > ip route 10.0.0.0 255.0.0.0 10.254.0.1 1 permanent**** > > ip route 0.0.0.0 0.0.0.0 10.254.0.1 1 permanent**** > > ** ** > > ** ** > > Cisco Nexus The IP of this router is 10.254.0.1**** > > ip route 0.0.0.0/0 10.10.1.1 --- This is the current firewall**** > > ip route 10.0.0.0/8 10.254.2.1**** > > ip route 10.10.60.0/24 10.254.2.1**** > > ip route 10.20.51.0/24 10.20.51.1 1**** > > ** ** > > ** ** > > Thanks**** > > Bruce**** > > > - --To unsubscribe from enterasys, send email to [email protected] with > the body: unsubscribe enterasys [email protected] > > --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
