IPv6 Policy based routing?

Dick Visser visser at terena.org
Fri Apr 19 11:30:07 CEST 2013 

Hi guys

I'd like to implement a transparent proxy in my network, and for that
I need Policy Based Routing to work for VLANs on our Cisco 3750X. We
appear to be in good shape:

gatekeeper#sho sdm prefer
 The current template is "desktop IPv4 and IPv6 routing" template.
 The selected template optimizes the resources in  the switch to
support this level of features for
 8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  1.5K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    2.75K
    number of directly-connected IPv4 hosts:        1.5K
    number of indirect IPv4 routes:                 1.25K
  number of IPv6 multicast groups:                  1K
  number of directly-connected IPv6 addresses:      1.5K
  number of indirect IPv6 unicast routes:           1.25K
  number of IPv4 policy based routing aces:         0.25K
  number of IPv4/MAC qos aces:                      0.5K
  number of IPv4/MAC security aces:                 0.5K
  number of IPv6 policy based routing aces:         0.25K
  number of IPv6 qos aces:                          0.5K
  number of IPv6 security aces:                     0.5K


But if I actually try to use it, it works for IPv4, but no go for IPv6:

gatekeeper#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
gatekeeper(config)#interface vlan 20
gatekeeper(config-if)#ipv6 policy
                           ^
% Invalid input detected at '^' marker.

Turns out the switch doesn't do it at all:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/15.0_1_se/configuration/guide/swipv6.html#wp1115839

Cisco says it's not supported on any platform.

Since I'll be needed a new switch any way, I might as well look beyond
Cisco. I hear that a Juniper EX4200 might do it. Other might as well.
However, I'd rather buy a new box based on real world experience that
it supports a feature, than based on docs saying it supports it - and
then later finding out that it doesn't because of corner case x, y and
z.

So, are there people here that are succesfully using dual stack Policy
Based Routing on a VLAN, on a similar switch?

Many thanks,



--
Dick Visser
System & Networking Engineer
TERENA Secretariat
Singel 468 D, 1017 AW Amsterdam
The Netherlands

More information about the ipv6-ops mailing list