In your case here if you can not reach ABC AND you have no route to the destination address matching your ACL it will be sent to XYZ.
Regards, Joe Astorino CCIE #24347 (R&S) Sr. Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com -----Original Message----- From: Nadeem Rafi <[email protected]> Date: Mon, 25 Jan 2010 00:11:21 To: Joe Astorino<[email protected]>; ccie_rs<[email protected]>; Cisco certification<[email protected]> Subject: Re: [OSL | CCIE_RS] Need Help in understanding sequence. so what i can understand from above is that, what ever statements are there set... all of those should match to have an action. But set ip default next-hope is kinda fail safe option, if nothing else work it should work. Best regards, Nadeem Rafi On Mon, Jan 25, 2010 at 12:03 AM, Joe Astorino <[email protected]>wrote: > Because the two set commands are looking at different values: The > first two you mention (set ip next-hop and set ip next-hop > verify-availability make their decisions based on a) if the next-hop > you specify is in your routing table and b) if it is verified via CDP. > > The third set command (set ip default next-hop) looks at something > different entirely -- It looks at the destination IP address. If you > don't have a route for the destination, it will policy route to the > next-hop that you set. The set ip default next-hop command is sort of > like having a static route ONLY for the things that matched the > access-list. > > On Sun, Jan 24, 2010 at 3:54 PM, Nadeem Rafi <[email protected]> wrote: > > i am sorry if i cannot elaborate my question. I will try again... > > with match statement things will proceed to set commands. > > set ip next hope ABC > > will set next hop to ABC but only if > > set ip next-hope verify-availability > > CDP can verify that next hope is available. if its not available then set > > command will not do any thing and will not set it to ABC. > > quite clear upto this point. > > BUT why logic take care of following? Why it should not skip it also? > that > > was what i want to ask :) > > set ip default next-hope XYZ > > > > Best Regards, > > Nadeem Rafi > > On Sun, Jan 24, 2010 at 11:46 PM, Joe Astorino <[email protected]> > > wrote: > >> > >> I'm not sure I understand the question entirely, but there are > >> fundamental differences in the commands here: > >> > >> 1) set ip next-hop <--- This will look at the next-hop address you > >> specify. If that next-hop is in the routing-table, the packet is > >> policy routed to that next-hop. > >> 2) set ip default next-hop <--- This will look at the destination IP > >> address in the header. If you have a route to the destination in your > >> routing table the packet is NOT policy routed. If you don't have a > >> route to the destination, then you are routed to the next-hop > >> specified. > >> > >> The logic is different, and the two commands are looking at different > >> fields. The first looks at next-hop and the second looks at the > >> destination IP address to make decisions. > >> > >> HTH > >> > >> On Sun, Jan 24, 2010 at 1:32 PM, Nadeem Rafi <[email protected]> wrote: > >> > Route-map Policy_routing > >> > match ip address FROM_X_TO_Y permit 10 > >> > set ip next hope ABC > >> > set ip next-hope verify-availability > >> > set ip default next-hope XYZ > >> > how this will work? I know if cdp cannot verify reachability of next > >> > hope then set ip next-hope ABC will not work. But why set ip default > >> > will > >> > work? > >> > Sorry for such basic question... > >> > Best Regards, > >> > Nadeem rafi > >> > _______________________________________________ > >> > For more information regarding industry leading CCIE Lab training, > >> > please > >> > visit www.ipexpert.com > >> > > >> > > >> > >> > >> > >> -- > >> Regards, > >> > >> Joe Astorino CCIE #24347 (R&S) > >> Sr. Technical Instructor - IPexpert > >> Mailto: [email protected] > >> Telephone: +1.810.326.1444 > >> Live Assistance, Please visit: www.ipexpert.com/chat > >> eFax: +1.810.454.0130 > >> > >> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA > >> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, > >> Security & Service Provider) Certification Training with locations > >> throughout the United States, Europe and Australia. Be sure to check > >> out our online communities at www.ipexpert.com/communities and our > >> public website at www.ipexpert.com > > > > > > > > -- > Regards, > > Joe Astorino CCIE #24347 (R&S) > Sr. Technical Instructor - IPexpert > Mailto: [email protected] > Telephone: +1.810.326.1444 > Live Assistance, Please visit: www.ipexpert.com/chat > eFax: +1.810.454.0130 > > IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA > (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, > Security & Service Provider) Certification Training with locations > throughout the United States, Europe and Australia. Be sure to check > out our online communities at www.ipexpert.com/communities and our > public website at www.ipexpert.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
