Routing maps on Catalyst.

Hi guys,

do you know whether the route-maps can be used on Catalyst? Do Catalyst L3 modules offer advanced L3 functionality or just few commands in order to switch packets around among VLANs?

I manage a PIX firewall and I feel the need to apply some advanced L3 rules, and bandwidth policy on packets ingoing and outcoming the firewall.

I think I can not use just one router to do that. As the PIX has 7 interfaces, I theoretically need 7 routers(!). Too expensive.

My question is: can I apply routing rules, with the L3 modules, keeping VLAN flows separated? My question could seem weird but my main goal is to not have undesired traffic flowing from one VLAN to another, or better intrinsic safety managing VLAN traffic that by default must be kept separated.

All said above in order to know if I need to buy a new router or a L3 module, for the 4006 switch [ 8.3(2)GLX ] I manage, could be enough.

TIA

Alex

AM skrev:

order to switch packets around among VLANs?

The catalyst 4500 series support most of the features I think you'd need. (No nat support though, please correct me if I'm wrong on this).

and bandwidth policy on packets ingoing

I theoretically need 7 routers(!). Too

A common solution is to use a single highspeed interface and use VLANs to seperate traffic. Or you could use 7 interfaces and plug them into 7 diffirent VLANs on the 4000 and route between them.

flows separated? My question could seem

to another, or better intrinsic safety

You may want to use VRF's to seperate routing instances to keep the router from routeing between the diffirent VLANs. And completely seperating the routing instances. You may think of this as virtualising the router into diffirent instances. I'm not sure if the 4000 series support VRF's or VRFlite though.

-SAto