04-05-2013 05:09 AM
I am trying to satisfy a strange use case in a lab environment, and I'm having some problems. Could someone please help walk me through this?
Here's the physical configuration. I only control the MLXe; other groups control the core router and router2.
Core router 10.12.80.1/24
(net1) 10.12.83.2/25 / \ 10.12.83.130/25 (net2)
10.12.83.3/24 host1 host2 10.12.83.133/25
Traffic in both directions from the core to host1 host2 is working fine. But traffic between host1 and host2 is not routing correctly.
We want the MLXe to route between net1 and net2. We don't want router2 to do this. I'm sure this is inefficient and seems fishy, but we have reasons. So when traffic needs to go between net1 and net2, the MLXe will receive the traffic on ve183 from 10.12.183.11 and will need to route the traffic back out the same interface to 10.12.183.11.
The partial routing table for MLXe:
SSH@MLXe-01#sh ip route
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 10.12.80.1 ve 80 1/1 S 38d16h
2 10.12.80.0/28 DIRECT ve 80 0/0 D 57d20h
3 10.12.83.0/25 10.12.183.11 ve 183 1/1 S 8d16h
4 10.12.83.128/25 10.12.183.11 ve 183 1/1 S 8d16h
5 10.12.183.0/24 DIRECT ve 183 0/0 D 57d14h
At this point, it looks like the MLX is dropping packets that it should be routing between net1 and net2. For example, when a host on net1 tries to ping a host on net2, router2 sees the echo-requests, but not the echo-replies. Same for a net2 host pinging a net1 host. At this point, there are no ACLs on the MLXe, but we will apply them after the basic routing is working.
Do I need to issue any special commands to do this? I have come across the terms "router on stick", "one armed routing", etc. But I don't know how to do this with the MLXe.
Any help would be much appreciated!
04-08-2013 01:48 AM
I do not believe that the MLX can do this, also router 2 (if the MLX did do this) should drop the traffic by its loop detection.
Anybody seen this done on a MLX?