Jump to content
Калькуляторы

pbr на catalyst 4506e не работают route-map на vlan

Добрый день.

 

имею следующий каталист в эксплуатации

 

sh version

Rec-1#sh version

 

Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500e-IPBASEK9-M), Version 12.2(52)XO, RELEASE SOFTWARE (fc1)

 

Technical Support: http://www.cisco.com/techsupport

 

Copyright © 1986-2009 by Cisco Systems, Inc.

 

Compiled Sun 17-May-09 18:51 by prod_rel_team

 

Image text-base: 0x10000000, data-base: 0x124CA328

 

 

 

ROM: 12.2(44r)SG5

 

Darkside Revision 4, Jawa Revision 9, Tatooine Revision 140, Forerunner Revision 1.11

 

 

 

Rec-1 uptime is 2 weeks, 2 days, 16 hours, 15 minutes

 

System returned to ROM by reload

 

System image file is "bootflash:cat4500e-ipbasek9-mz.122-52.XO.bin"

 

 

 

 

 

This product contains cryptographic features and is subject to United

 

States and local country laws governing import, export, transfer and

 

use. Delivery of Cisco cryptographic products does not imply

 

third-party authority to import, export, distribute or use encryption.

 

Importers, exporters, distributors and users are responsible for

 

compliance with U.S. and local country laws. By using this product you

 

agree to comply with applicable laws and regulations. If you are unable

 

to comply with U.S. and local laws, return this product immediately.

 

 

 

A summary of U.S. laws governing Cisco cryptographic products may be found at:

 

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

 

 

 

If you require further assistance please contact us by sending email to

 

export@cisco.com.

 

 

 

cisco WS-C4506-E (MPC8548) processor (revision 8) with 524288K bytes of memory.

 

Processor board ID FOX1335GE86

 

MPC8548 CPU at 1GHz, Supervisor 6L-E

 

Last reset from Reload

 

19 Virtual Ethernet interfaces

 

52 Gigabit Ethernet interfaces

 

2 Ten Gigabit Ethernet interfaces

 

511K bytes of non-volatile configuration memory.

 

 

 

Configuration register is 0x2102

 

sh inventory

 

Rec-1#sh inventory

 

NAME: "Switch System", DESCR: "Cisco Systems, Inc. WS-C4506-E 6 slot switch "

 

PID: WS-C4506-E , VID: V02 , SN: FOX1335GE86

 

 

 

NAME: "Linecard(slot 1)", DESCR: "Supervisor 6L-E 10GE (X2), 1000BaseX (SFP)with 2 10GE X2 ports"

 

PID: WS-X45-SUP6L-E , VID: V01 , SN: JAE1336I6NR

 

 

 

NAME: "Converter 1/1", DESCR: "Converter Module"

 

PID: CVR-X2-SFP , VID: V02 , SN: FDO13300SAB

 

 

 

NAME: "GigabitEthernet1/3", DESCR: "1000BaseSX"

 

PID: Unspecified , VID: , SN: AGM134012Y7

 

 

 

NAME: "GigabitEthernet1/4", DESCR: "1000BaseLH"

 

PID: Unspecified , VID: , SN: LP640062611746

 

 

 

NAME: "Converter 1/2", DESCR: "Converter Module"

 

PID: CVR-X2-SFP , VID: V02 , SN: FDO13300JGJ

 

 

 

NAME: "GigabitEthernet1/5", DESCR: "1000BaseSX"

 

PID: Unspecified , VID: , SN: AGA133016EB

 

 

 

NAME: "GigabitEthernet1/6", DESCR: "1000BaseSX"

 

PID: Unspecified , VID: , SN: AGA133016E2

 

 

 

NAME: "Linecard(slot 2)", DESCR: "10/100/1000BaseT (RJ45) with 24 10/100/1000 baseT ports"

 

PID: WS-X4424-GB-RJ45 , VID: V06 , SN: JAE1342LK0D

 

 

 

NAME: "Linecard(slot 3)", DESCR: "10/100/1000BaseT (RJ45) with 24 10/100/1000 baseT ports"

 

PID: WS-X4424-GB-RJ45 , VID: V06 , SN: JAE1337J53M

 

 

 

NAME: "Fan", DESCR: "FanTray"

 

PID: WS-X4596-E , VID: V02 , SN: FOX1335GATB

 

 

 

NAME: "Power Supply 1", DESCR: "Power Supply ( AC 1000W )"

 

PID: PWR-C45-1000AC , VID: V05 , SN: AZS13380FGR

 

 

 

NAME: "Power Supply 2", DESCR: "Power Supply ( AC 1000W )"

 

PID: PWR-C45-1000AC , VID: V05 , SN: AZS13380FH1

 

хочу применить следующий скрипт

 

ip access-list extended rules4vlan143

! access to univer.somewhere.kz port 80

permit tcp 10.10.10.32 0.0.0.31 host 10.7.1.43 80

! access to univer.somewhere.kz port 8080

permit tcp 10.10.10.32 0.0.0.31 host 10.7.1.40 8080

! access to stud.somewhere.kz port 80

permit tcp 10.10.10.32 0.0.0.31 host 10.60.0.50 80

! access to www.somewhere.kz

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.26 80

! access to gateway ip, to ping

permit icmp 10.10.10.32 0.0.0.31 host 10.10.10.33

! access to dns server

permit udp 10.10.10.32 0.0.0.31 host 10.5.0.10 53

! access to dw.somewhere.kz port 80

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.20 80

! access to cl.somewhere.kz port 80

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.26 80

! access to cl.somewhere.kz port 8443

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.26 8443

! access to cl.somewhere.kz port 443

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.26 443

! access to cl.somewhere.kz port 389

permit tcp 10.10.10.32 0.0.0.31 host 10.5.0.26 389

 

route-map vlan143routemap deny 10

match ip address rules4vlan143

set ip default next-hop 212.154.154.210

 

int vlan 143

description no description

ip address 10.10.10.33 255.255.255.224

ip policy route-map vlan143routemap

 

но он не хочет применятся. последняя строка не срабатывает.

 

помоги что здесь не правильно, может следует другой образ поставить? или нуно еще какой нибудь модуль воткнуть?

Edited by Nurmukhamed

Share this post


Link to post
Share on other sites

Эта фича не поддерживается в IPBASE

Share this post


Link to post
Share on other sites
Эта фича не поддерживается в IPBASE

Добрый день.

попробывал загрузить следующие образы

cat4500e-entservicesk9-mz.122-53.SG.bin

cat4500e-entservicesk9-mz.122-53.SG1.bin

 

каталист ругается, говорит что образ не поддерживается.

 

что делать?

какой образ подойдет для етого каталиста?

Share this post


Link to post
Share on other sites

Судя по сравнительной табличке, это сильно урезанный вариант суп6Е:

http://www.cisco.com/en/US/products/hw/swi...comparison.html

 

Смотрите через фиченавигатор, возможно на нём вообще PBR не поддерживается...

Share this post


Link to post
Share on other sites

Cisco Catalyst 4500 Supervisor Engine 6L-E Feature Highlights

Supports the following software packages, LAN Base, IP Base and Enterprise services (Eneterprise services support introduced with IOS release 12.2(53)SG2 )

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this