为了测试我刚刚设置的新防火墙,我尝试在我们的核心交换机上实施基于策略的路由。我希望来自某些 VLAN 的流量被路由到新防火墙,而其他所有流量继续通过旧防火墙路由。我尝试使用本指南。除了尝试在接口配置模式下运行“ip policy route-map”命令外,该指南中的所有内容都运行正常。IOS 告诉我这样的命令不存在。“show ip interface vlan”命令显示策略路由已禁用。有什么想法吗?
“show ver”的输出:
Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-IPBASEK9-M), Version 12.2(53)SG, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 16-Jul-09 19:49 by prod_rel_team
Image text-base: 0x10000000, data-base: 0x11D1E3CC
ROM: 12.2(31r)SG2
Dagobah Revision 226, Swamp Revision 34
RTTMCB2223-1 uptime is 3 years, 22 weeks, 2 days, 19 hours, 28 minutes
Uptime for this control processor is 51 weeks, 2 days, 18 hours, 2 minutes
System returned to ROM by power-on
System restarted at 19:22:02 UTC Tue Jul 12 2011
System image file is "bootflash:cat4500-ipbasek9-mz.122-53.sg.bin"
...
cisco WS-C4510R (MPC8245) processor (revision 4) with 524288K bytes of memory.
Processor board ID FOX103703W3
MPC8245 CPU at 400Mhz, Supervisor V
Last reset from PowerUp
42 Virtual Ethernet interfaces
244 Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.
Configuration register is 0x2
答案1
您有一个“IPBASEK9”图像,但您需要“ENTERPRISESERVICES”来使用基于策略的路由;您可能需要 ENTERPRISESERVICESK9,因为原始图像是一个加密图像(K9 后缀)。
请参阅本页第 2 页Catalyst 4500 功能一览宣传册。