• All Files
Getting started  >  Deployment options  >  Out-of-path topologies  >  Configuring Router for VRRP with PBR and VLANs

Configuring a router for virtual router redundancy protocol (VRRP) with policy-based routing (PBR) and VLANs

To use VRRPVirtual Router Redundancy Protocol with PBR and VLANs, specify the behaviour of the router interfaces connecting to the switch, the LANLocal area network, and the WANWide Area Network.

  1. Launch the router command line interface.
  • To enter privileged EXEC (enable) mode, at the prompt run the command: hostname > enable

The hostname # prompt appears.

  • To enter configuration (config) mode, at the prompt run the commands: hostname # configure terminal

The hostname (config)# prompt appears.

  1. Configure the interface parameters for the switch installed between the router and the out-of-path Exinda Appliances (Gig0/0).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/0
  2. Set a description for what the router interface is connecting to: hostname (config-if)# description Connected to Exinda Group
  3. Specify that there is no IPInternet protocol address for the interface: hostname (config-if)# no ip address
  4. Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto
hostname (config-if)# speed auto

  1. Configure the parameters for the VLAN 10 interface (Gig0/0.10).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/0.10
  2. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 10
  3. Set the IP address and netmask of the VLAN 10 interface: hostname (config-if)# ip address 10.10.10.1 255.255.255.0
  1. Configure the parameters for the VLAN 20 interface (Gig0/0.20).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/0.20
  2. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 20
  3. Set the IP address and netmask of the VLAN 20 interface: hostname (config-if)# ip address 10.10.20.1 255.255.255.0
  1. Configure the parameters for the WAN interface (Gig0/1).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/1
  2. Set a description for what the router interface is connecting to: hostname (config-if)# description Connected to WAN
  3. Specify that there is no IP address for the interface: hostname (config-if)# no ip address
  4. Set the duplex and speed parameters for the interface:

hostname (config-if)# duplex auto
hostname (config-if)# speed auto

  1. Configure the parameters for the VLAN 10 interface (Gig0/1.10).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/1.10
  2. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 10
  3. Set the route map for policy routing with the name EXOOP1toEXIN: hostname (config-if)# ip policy route-map EXOOP1toEXIN
  1. Configure the parameters for the VLAN 20 interface (Gig0/1.20).
  1. Specify the interface to configure: hostname (config)# interface GigabitEthernet0/1.20
  2. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 20
  3. Set the IP address and netmask of the LAN interface: hostname (config-if)# ip address 10.10.40.1 255.255.255.0
  4. Set the route map for policy routing with the name LANtoEXOOP2: hostname (config-if)# ip policy route-map LANtoEXOOP2
  1. Configure the parameters for the LAN interface (Fa0/1.10).
  1. Specify the interface to configure: hostname (config)# interface FastEthernet0/1.10
  2. Set a description for what the router interface is connecting to: hostname (config-if)# description Connected to EX-IN
  3. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 10
  4. Set the IP address and netmask of the LAN interface: hostname (config-if)# ip address 172.16.10.0 255.255.255.0
  5. Set the route map for policy routing with the name EXINtoEXOOP1: hostname (config-if)# ip policy route-map EXINtoEXOOP1
  1. Configure the parameters for the LAN interface (Fa0/1.20).
  1. Specify the interface to configure: hostname (config)# interface FastEthernet0/1.20
  2. Set a description for what the router interface is connecting to: hostname (config-if)# description Connected to EX-IN
  3. Set the router interface to route between VLANs for the switch: hostname (config-if)# encapsulation dot1Q 20
  4. Set the IP address and netmask of the LAN interface: hostname (config-if)# ip address 172.16.20.0 255.255.255.0
  5. Set the route map for policy routing with the name EXINtoEXOOP2: hostname (config-if)# ip policy route-map EXINtoEXOOP2
  1. Create the following access lists to allows devices in the specified IP address range to access the network:

hostname (config)# access-list 100 permit ip 10.10.30.0 0.0.0.255 172.16.10.0 0.0.0.255
hostname (config)# access-list 101 permit ip 172.16.10.0 0.0.0.255 10.10.30.0 0.0.0.255
hostname (config)# access-list 102 permit ip 10.10.40.0 0.0.0.255 172.16.20.0 0.0.0.255
hostname (config)# access-list 103 permit ip 172.16.20.0 0.0.0.255 10.10.40.0 0.0.0.255

  1. Configure the following route maps to allow access to the routes specified in the access lists, and route the traffic to the router.

route-map Asym permit 10
match ip address 100
set ip next-hop 10.10.10.100
!
route-map EXOOP1toEXIN permit 10
match ip address 100
set ip next-hop 10.10.10.100
!
route-map EXOOP2toEXIN permit 10
match ip address 102
set ip next-hop 10.10.20.100
!
route-map EXINtoEXOOP1 permit 10
match ip address 101
set ip next-hop 10.10.10.100
!
route-map EXINtoEXOOP2 permit 10
match ip address 103
set ip next-hop 10.10.20.100

Book a demo

Related Topics

Exinda Network Orchestrator Help System
Copyright © GFI Software 2021
Free Trial